Total
13335 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-4265 | 1 Pointdev | 1 Ideal Administration 2009 | 2025-04-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Ideal Administration 2009 9.7.1, and possibly other versions, allows remote attackers to execute arbitrary code via a long Computer value in an .ipj project file. | |||||
| CVE-2008-2245 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2025-04-09 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in the InternalOpenColorProfile function in mscms.dll in Microsoft Windows Image Color Management System (MSCMS) in the Image Color Management (ICM) component on Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted image file. | |||||
| CVE-2007-3638 | 1 Yahoo | 1 Messenger | 2025-04-09 | 6.0 MEDIUM | N/A |
| Buffer overflow in Yahoo! Messenger 8.1 allows user-assisted remote authenticated users, who are listed in an address book, to execute arbitrary code via unspecified vectors, aka ZD-00000005. NOTE: this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with vendors or release actionable advisories. A CVE has been assigned for tracking purposes, but duplicates with other CVEs are difficult to determine. | |||||
| CVE-2009-0305 | 2 Microsoft, Research In Motion Limited | 2 Internet Explorer, Blackberry Application Web Loader | 2025-04-09 | 9.3 HIGH | N/A |
| Multiple stack-based buffer overflows in the Research in Motion RIM AxLoader ActiveX control in AxLoader.ocx and AxLoader.dll in BlackBerry Application Web Loader 1.0 allow remote attackers to execute arbitrary code via unspecified use of the (1) load or (2) loadJad method. | |||||
| CVE-2007-5690 | 1 Asterisk | 1 Zaptel | 2025-04-09 | 4.6 MEDIUM | N/A |
| Buffer overflow in sethdlc.c in the Asterisk Zaptel 1.4.5.1 might allow local users to gain privileges via a long device name (interface name) in the ifr_name field. NOTE: the vendor disputes this issue, stating that the application requires root access, so privilege boundaries are not crossed | |||||
| CVE-2009-2121 | 1 Google | 1 Chrome | 2025-04-09 | 9.3 HIGH | N/A |
| Buffer overflow in the browser kernel in Google Chrome before 2.0.172.33 allows remote HTTP servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted response. | |||||
| CVE-2009-1298 | 1 Linux | 1 Linux Kernel | 2025-04-09 | 7.8 HIGH | N/A |
| The ip_frag_reasm function in net/ipv4/ip_fragment.c in the Linux kernel 2.6.32-rc8, and 2.6.29 and later versions before 2.6.32, calls IP_INC_STATS_BH with an incorrect argument, which allows remote attackers to cause a denial of service (NULL pointer dereference and hang) via long IP packets, possibly related to the ip_defrag function. | |||||
| CVE-2009-1476 | 1 Darren Reed | 1 Ipfilter | 2025-04-09 | 7.2 HIGH | N/A |
| Buffer overflow in lib/load_http.c in ippool in Darren Reed IPFilter (aka IP Filter) 4.1.31 allows local users to gain privileges via vectors involving a long hostname in a URL. | |||||
| CVE-2008-2001 | 1 Apple | 1 Safari | 2025-04-09 | 4.3 MEDIUM | N/A |
| Apple Safari 3.1.1 allows remote attackers to cause a denial of service (application crash) via a file:///%E2 link that triggers an out-of-bounds access, possibly due to a NULL pointer dereference. | |||||
| CVE-2009-1058 | 1 Zipgenius | 1 Zipgenius | 2025-04-09 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in ZipGenius might allow remote attackers to execute arbitrary code via a crafted .zip file that triggers an SEH overwrite. NOTE: it is possible that this overlaps CVE-2005-3317. NOTE: CVE has not investigated whether the specified file.zip file can be used for exploitation of this product. | |||||
| CVE-2007-6438 | 1 Wireshark | 1 Wireshark | 2025-04-09 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the SMB dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service via unknown vectors. NOTE: this identifier originally included MP3 and NCP, but those issues are already covered by CVE-2007-6111. | |||||
| CVE-2009-4117 | 1 Sumatrapdfreader | 1 Sumatrapdf | 2025-04-09 | 9.3 HIGH | N/A |
| Multiple stack-based buffer overflows in pdf_shade4.c in MuPDF before commit 20091125231942, as used in SumatraPDF before 1.0.1, allow remote attackers to cause a denial of service and possibly execute arbitrary code via a /Decode array for certain types of shading that are not properly handled by the (1) pdf_loadtype4shade, (2) pdf_loadtype5shade, (3) pdf_loadtype6shade, and (4) pdf_loadtype7shade functions. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-0349 | 1 Ftpshell | 1 Ftpshell Server | 2025-04-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in FTPShell Server 4.3 allows user-assisted remote attackers to cause a denial of service (persistent daemon crash) and possibly execute arbitrary code via a long string in a licensing key (aka .key) file. | |||||
| CVE-2007-5116 | 6 Debian, Larry Wall, Mandrakesoft and 3 more | 10 Debian Linux, Perl, Mandrake Linux and 7 more | 2025-04-09 | 7.5 HIGH | N/A |
| Buffer overflow in the polymorphic opcode support in the Regular Expression Engine (regcomp.c) in Perl 5.8 allows context-dependent attackers to execute arbitrary code by switching from byte to Unicode (UTF) characters in a regular expression. | |||||
| CVE-2007-1347 | 1 Microsoft | 3 Windows 2000, Windows Explorer, Windows Xp | 2025-04-09 | 7.1 HIGH | N/A |
| Microsoft Windows Explorer on Windows 2000 SP4 FR and XP SP2 FR, and possibly other versions and platforms, allows remote attackers to cause a denial of service (memory corruption and crash) via an Office file with crafted document summary information, which causes an error in Ole32.dll. | |||||
| CVE-2009-2621 | 1 Squid-cache | 1 Squid | 2025-04-09 | 5.0 MEDIUM | N/A |
| Squid 3.0 through 3.0.STABLE16 and 3.1 through 3.1.0.11 does not properly enforce "buffer limits and related bound checks," which allows remote attackers to cause a denial of service via (1) an incomplete request or (2) a request with a large header size, related to (a) HttpMsg.cc and (b) client_side.cc. | |||||
| CVE-2009-3809 | 1 Acoustica | 1 Mp3 Audio Mixer | 2025-04-09 | 4.3 MEDIUM | N/A |
| Acoustica MP3 Audio Mixer 1.0 and possibly 2.471 allows remote attackers to cause a denial of service (crash) via a long string in a .sgp playlist file. | |||||
| CVE-2009-1057 | 1 Microsmarts | 1 Zipitfast\! | 2025-04-09 | 10.0 HIGH | N/A |
| MicroSmarts Enterprise ZipItFast! 3.0 allows remote attackers to execute arbitrary code via a crafted .zip file that triggers memory corruption, related to a "format string buffer overflow." NOTE: CVE has not investigated whether the specified file.zip file can be used for exploitation of this product. | |||||
| CVE-2009-0184 | 1 Free Download Manager | 1 Free Download Manager | 2025-04-09 | 9.3 HIGH | N/A |
| Multiple buffer overflows in the torrent parsing implementation in Free Download Manager (FDM) 2.5 Build 758 and 3.0 Build 844 allow remote attackers to execute arbitrary code via (1) a long file name within a torrent file, (2) a long tracker URL in a torrent file, or (3) a long comment in a torrent file. | |||||
| CVE-2009-2566 | 1 Tfm | 1 Mmplayer | 2025-04-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in TFM MMPlayer 2.0, and possibly 2.0.0.30, allows remote attackers to execute arbitrary code via a long string in a playlist (.m3u) file. | |||||