Vulnerabilities (CVE)

Filtered by CWE-119
Total 12545 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2007-0016 1 Netfarer 1 Movieplay 2025-04-09 7.5 HIGH N/A
Stack-based buffer overflow in MoviePlay 4.76 allows remote attackers to execute arbitrary code via a long filename in a LST file.
CVE-2009-0952 1 Apple 1 Quicktime 2025-04-09 9.3 HIGH N/A
Buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted compressed PSD image.
CVE-2008-5902 1 Xrdp 1 Xrdp 2025-04-09 7.5 HIGH N/A
Buffer overflow in the xrdp_bitmap_invalidate function in xrdp/xrdp_bitmap.c in xrdp 0.4.1 and earlier allows remote attackers to execute arbitrary code via a crafted request.
CVE-2007-5245 1 Firebirdsql 1 Firebird 2025-04-09 10.0 HIGH N/A
Multiple stack-based buffer overflows in Firebird LI 1.5.3.4870 and 1.5.4.4910, and WI 1.5.3.4870 and 1.5.4.4910, allow remote attackers to execute arbitrary code via (1) a long service attach request on TCP port 3050 to the SVC_attach function or (2) unspecified vectors involving the INET_connect function.
CVE-2007-0126 1 Opera 1 Opera Browser 2025-04-09 9.3 HIGH N/A
Heap-based buffer overflow in Opera 9.02 allows remote attackers to execute arbitrary code via a JPEG file with an invalid number of index bytes in the Define Huffman Table (DHT) marker.
CVE-2009-1640 1 Nucleustechnologies 1 Kernel Recovery 2025-04-09 9.3 HIGH N/A
Stack-based buffer overflow in Nucleus Data Recovery Kernel Recovery for Macintosh 4.04 allows user-assisted attackers to execute arbitrary code via a crafted .AMHH file.
CVE-2008-3642 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 9.3 HIGH N/A
Buffer overflow in ColorSync in Mac OS X 10.4.11 and 10.5.5 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via an image with a crafted ICC profile.
CVE-2009-3790 1 Cutepdf 1 Formmax 2025-04-09 9.3 HIGH N/A
Heap-based buffer overflow in FormMax (formerly AcroForm) evaluation 3.5 allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted FormMax import (.aim) file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2007-0325 1 Trend Micro 2 Client-server-messaging Security, Officescan Corporate Edition 2025-04-09 9.3 HIGH N/A
Multiple buffer overflows in the Trend Micro OfficeScan Web-Deployment SetupINICtrl ActiveX control in OfficeScanSetupINI.dll, as used in OfficeScan 7.0 before Build 1344, OfficeScan 7.3 before Build 1241, and Client / Server / Messaging Security 3.0 before Build 1197, allow remote attackers to execute arbitrary code via a crafted HTML document.
CVE-2009-3838 1 Pmail 1 Pegasus Mail 2025-04-09 9.3 HIGH N/A
Stack-based buffer overflow in Pegasus Mail (PMail) 4.41 and possibly 4.51 allows remote POP3 servers to cause a denial of service (application crash) or possibly execute arbitrary code via a long error message.
CVE-2007-5655 1 Tibco 4 Ems Server, Enterprise Message Service, Rtworks and 1 more 2025-04-09 10.0 HIGH N/A
TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to execute arbitrary code via crafted requests containing values that are used as pointers.
CVE-2007-4034 1 Yahoo 1 Widgets 2025-04-09 9.3 HIGH N/A
Stack-based buffer overflow in the YDPCTL.YDPControl.1 (aka Yahoo! Installer Plugin for Widgets) ActiveX control before 2007.7.13.3 (20070620) in YDPCTL.dll in Yahoo! Widgets before 4.0.5 allows remote attackers to execute arbitrary code via a long argument to the GetComponentVersion method. NOTE: some of these details are obtained from third party information.
CVE-2008-1100 1 Clam Anti-virus 1 Clamav 2025-04-09 10.0 HIGH N/A
Buffer overflow in the cli_scanpe function in libclamav (libclamav/pe.c) for ClamAV 0.92 and 0.92.1 allows remote attackers to execute arbitrary code via a crafted Upack PE file.
CVE-2007-4814 1 Microsoft 1 Sql Server 2025-04-09 7.5 HIGH N/A
Buffer overflow in the SQLServer ActiveX control in the Distributed Management Objects OLE DLL (sqldmo.dll) 2000.085.2004.00 in Microsoft SQL Server Enterprise Manager 8.05.2004 allows remote attackers to execute arbitrary code via a long second argument to the Start method.
CVE-2009-3537 1 Epicdjsoftware 1 Epicdj 2025-04-09 9.3 HIGH N/A
Multiple stack-based buffer overflows in EpicDJSoftware EpicDJ 1.3.9.1 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long string in a (1) .m3u or (2) .mpl playlist file.
CVE-2008-1925 1 Inspircd 1 Inspircd 2025-04-09 5.0 MEDIUM N/A
Buffer overflow in InspIRCd before 1.1.18, when using the namesx and uhnames modules, allows remote attackers to cause a denial of service (daemon crash) via a large number of channel users with crafted nicknames, idents, and long hostnames.
CVE-2006-4819 1 Opera 1 Opera Browser 2025-04-09 5.1 MEDIUM N/A
Heap-based buffer overflow in Opera 9.0 and 9.01 allows remote attackers to execute arbitrary code via a long URL in a tag (long link address).
CVE-2009-0146 3 Apple, Foolabs, Glyphandcog 3 Cups, Xpdf, Xpdfreader 2025-04-09 4.3 MEDIUM N/A
Multiple buffer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to (1) JBIG2SymbolDict::setBitmap and (2) JBIG2Stream::readSymbolDictSeg.
CVE-2007-3678 1 Quark 1 Quarkxpress 2025-04-09 7.6 HIGH N/A
Stack-based buffer overflow in the MSWord text-import extension (Word 6-2000 Filter.xnt) in QuarkXPress 7.2 for Windows, when using the Rectangle Text Box tool for importing text, allows user-assisted remote attackers to execute arbitrary code via a long font name.
CVE-2007-5892 1 Ssreader 1 Ultra Star Reader 2025-04-09 10.0 HIGH N/A
Stack-based buffer overflow in the pdg2.dll ActiveX control in SSReader 4.0 and earlier allow remote attackers to execute arbitrary code via a long argument to the Register method. NOTE: some details were obtained from third party sources.