Total
13335 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-1040 | 1 Fujitsu | 6 Interstage Application Server Enterprise, Interstage Application Server Standard J, Interstage Apworks Enterprise and 3 more | 2025-04-09 | 10.0 HIGH | N/A |
| Buffer overflow in the Single Sign-On function in Fujitsu Interstage Application Server 8.0.0 through 8.0.3 and 9.0.0, Interstage Studio 8.0.1 and 9.0.0, and Interstage Apworks 8.0.0 allows remote attackers to execute arbitrary code via a long URI. | |||||
| CVE-2007-1580 | 1 Ftpdmin | 1 Ftpdmin | 2025-04-09 | 6.3 MEDIUM | N/A |
| FTPDMIN 0.96 allows remote attackers to cause a denial of service (daemon crash) via a LIST command for a Windows drive letter, as demonstrated using "//A:". NOTE: this has been reported as a buffer overflow by some sources, but there is not a long argument. | |||||
| CVE-2007-4572 | 1 Samba | 1 Samba | 2025-04-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in nmbd in Samba 3.0.0 through 3.0.26a, when configured as a Primary or Backup Domain controller, allows remote attackers to have an unknown impact via crafted GETDC mailslot requests, related to handling of GETDC logon server requests. | |||||
| CVE-2008-2320 | 1 Apple | 3 Carboncore, Mac Os X, Mac Os X Server | 2025-04-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in CarbonCore in Apple Mac OS X 10.4.11 and 10.5.4, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via a long filename to the file management API. | |||||
| CVE-2008-1017 | 1 Apple | 1 Quicktime | 2025-04-09 | 6.8 MEDIUM | N/A |
| Heap-based buffer overflow in clipping region (aka crgn) atom handling in quicktime.qts in Apple QuickTime before 7.4.5 allows remote attackers to execute arbitrary code via a crafted movie. | |||||
| CVE-2007-5018 | 1 David Harris | 1 Mercury 32 | 2025-04-09 | 6.0 MEDIUM | N/A |
| Stack-based buffer overflow in IMAPD in Mercury/32 4.52 allows remote authenticated users to execute arbitrary code via a long argument in a SEARCH ON command. NOTE: this issue might overlap with CVE-2004-1211. | |||||
| CVE-2007-0005 | 2 Linux, Omnikey.aaitg | 2 Linux Kernel, Omnikey Cardman 4040 | 2025-04-09 | 6.9 MEDIUM | N/A |
| Multiple buffer overflows in the (1) read and (2) write handlers in the Omnikey CardMan 4040 driver in the Linux kernel before 2.6.21-rc3 allow local users to gain privileges. | |||||
| CVE-2009-0017 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | 7.2 HIGH | N/A |
| csregprinter in the Printing component in Apple Mac OS X 10.4.11 and 10.5.6 does not properly handle error conditions, which allows local users to execute arbitrary code via unknown vectors that trigger a heap-based buffer overflow. | |||||
| CVE-2008-1188 | 1 Sun | 2 Jdk, Jre | 2025-04-09 | 9.3 HIGH | N/A |
| Multiple buffer overflows in the useEncodingDecl function in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier, allow remote attackers to execute arbitrary code via a JNLP file with (1) a long key name in the xml header or (2) a long charset value, different issues than CVE-2008-1189, aka "The first two issues." | |||||
| CVE-2009-1644 | 1 Sorinara | 1 Streaming Audio Player | 2025-04-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Sorinara Streaming Audio Player 0.9 allows remote attackers to execute arbitrary code via a crafted .pla file. | |||||
| CVE-2008-3155 | 1 Panda | 1 Panda Activescan | 2025-04-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the ActiveX control (as2guiie.dll) in Panda ActiveScan before 1.02.00 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long argument to the Update method. | |||||
| CVE-2008-4827 | 3 Componentone, Sap, Servantix | 4 Sizerone, Sap Gui, Tabone and 1 more | 2025-04-09 | 9.3 HIGH | N/A |
| Multiple heap-based buffer overflows in the AddTab method in the (1) Tab and (2) CTab ActiveX controls in c1sizer.ocx and the (3) TabOne ActiveX control in sizerone.ocx in ComponentOne SizerOne 8.0.20081.140, as used in ComponentOne Studio for ActiveX 2008, TSC2 Help Desk 4.1.8, SAP GUI 6.40 Patch 29 and 7.10, and possibly other products, allow remote attackers to execute arbitrary code by adding many tabs, or adding tabs with long tab captions. | |||||
| CVE-2009-1674 | 1 Microchip | 1 Mplab Ide | 2025-04-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Microchip MPLAB IDE 8.30 allows user-assisted remote attackers to execute arbitrary code via a long .cof pathname in a [TOOL_SETTINGS] section in a .mcp file, possibly a related issue to CVE-2009-1608. | |||||
| CVE-2008-0090 | 2 Divx, Microsoft | 2 Divx Player, Internet Explorer | 2025-04-09 | 5.0 MEDIUM | N/A |
| A certain ActiveX control in npUpload.dll in DivX Player 6.6.0 allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via a long argument to the SetPassword method. | |||||
| CVE-2008-0086 | 1 Microsoft | 4 Data Engine, Sql Server, Sql Server Desktop Engine and 1 more | 2025-04-09 | 9.0 HIGH | N/A |
| Buffer overflow in the convert function in Microsoft SQL Server 2000 SP4, 2000 Desktop Engine (MSDE 2000) SP4, and 2000 Desktop Engine (WMSDE) allows remote authenticated users to execute arbitrary code via a crafted SQL expression. | |||||
| CVE-2008-1052 | 1 Netwin | 1 Surgeftp | 2025-04-09 | 6.4 MEDIUM | N/A |
| The administration web interface in NetWin SurgeFTP 2.3a2 and earlier allows remote attackers to cause a denial of service (daemon crash) via a large integer in the Content-Length HTTP header, which triggers a NULL pointer dereference when memory allocation fails. | |||||
| CVE-2008-5711 | 1 Facebook | 1 Photouploader | 2025-04-09 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in the Facebook PhotoUploader ActiveX control 5.0.14.0 and earlier allows remote attackers to execute arbitrary code via a long FileMask property value. | |||||
| CVE-2007-6245 | 1 Adobe | 1 Flash Player | 2025-04-09 | 5.8 MEDIUM | N/A |
| Adobe Flash Player 9.x up to 9.0.48.0, 8.x up to 8.0.35.0, and 7.x up to 7.0.70.0 allows remote attackers to modify HTTP headers for client requests and conduct HTTP Request Splitting attacks. | |||||
| CVE-2007-6605 | 1 Skyfex | 1 Skyfex Client | 2025-04-09 | 5.8 MEDIUM | N/A |
| Buffer overflow in a certain ActiveX control in SkyFexClient.ocx 1.0.2.77 in SkyFex Client 1.0 allows remote attackers to execute arbitrary code via long strings in the first four arguments to the Start method. | |||||
| CVE-2009-1944 | 1 Aimp | 1 Aimp | 2025-04-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in AIMP 2.51 build 330 allows remote attackers to execute arbitrary code via an MP3 file with a long ID3 tag. | |||||