Total
12529 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-2846 | 2 Avas\!t, Avast\! | 2 Avast\! Antivirus, Avast\! Antivirus | 2025-04-09 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in the SIS unpacker in avast! Anti-Virus Managed Client before 4.7.700 allows user-assisted remote attackers to execute arbitrary code via a crafted SIS archive, resulting from an "integer cast around." | |||||
| CVE-2008-1488 | 1 Pecl-php | 1 Alternative Php Cache | 2025-04-09 | 6.8 MEDIUM | N/A |
| Stack-based buffer overflow in apc.c in Alternative PHP Cache (APC) 3.0.11 through 3.0.16 allows remote attackers to execute arbitrary code via a long filename. | |||||
| CVE-2007-5602 | 1 Swiftview | 1 Viewer | 2025-04-09 | 10.0 HIGH | N/A |
| Multiple stack-based buffer overflows in SwiftView Viewer before 8.3.5, as used by SwiftView and SwiftSend, allow remote attackers to execute arbitrary code via unspecified vectors to the (1) svocx.ocx ActiveX control or the (2) npsview.dll plugin for Mozilla and Firefox. | |||||
| CVE-2007-3743 | 1 Apple | 1 Safari | 2025-04-09 | 6.8 MEDIUM | N/A |
| Stack-based buffer overflow in bookmark handling in Apple Safari 3 Beta before Update 3.0.3 on Windows allows user-assisted remote attackers to cause a denial of service (application crash) or execute arbitrary code via a bookmark with a long title. | |||||
| CVE-2009-2877 | 1 Cisco | 1 Webex | 2025-04-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in ataudio.dll in the Cisco WebEx WRF Player 26.x before 26.49.32 for Windows, 27.x before 27.10.x (aka T27SP10) for Windows, 26.x before 26.49.35 for Mac OS X and Linux, and 27.x before 27.11.8 for Mac OS X and Linux allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted WebEx Recording Format (WRF) file. | |||||
| CVE-2009-0546 | 1 Newsgator | 1 Feeddemon | 2025-04-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in NewsGator FeedDemon 2.7 and earlier allows user-assisted remote attackers to execute arbitrary code via a long text attribute in an outline element in a .opml file. | |||||
| CVE-2009-0650 | 1 Tptest | 1 Tptest | 2025-04-09 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the GetStatsFromLine function in TPTEST 3.1.7 and earlier, and possibly 5.02, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a STATS line with a long pwd field. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-1227 | 1 Silc | 1 Silc Toolkit | 2025-04-09 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the silc_fingerprint function in lib/silcutil/silcutil.c in Secure Internet Live Conferencing (SILC) Toolkit 1.1.5, and unspecified earlier versions, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via long input data. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-3288 | 2 Kernel, Linux | 2 Linux Kernel, Linux Kernel | 2025-04-09 | 4.9 MEDIUM | N/A |
| The sg_build_indirect function in drivers/scsi/sg.c in Linux kernel 2.6.28-rc1 through 2.6.31-rc8 uses an incorrect variable when accessing an array, which allows local users to cause a denial of service (kernel OOPS and NULL pointer dereference), as demonstrated by using xcdroast to duplicate a CD. NOTE: this is only exploitable by users who can open the cdrom device. | |||||
| CVE-2008-5297 | 1 Vitalwerks | 1 No-ip Duc | 2025-04-09 | 7.6 HIGH | N/A |
| Buffer overflow in No-IP DUC 2.1.7 and earlier allows remote HTTP servers to execute arbitrary code via a crafted response to a DNS update request, related to a missing length check in the GetNextLine function. | |||||
| CVE-2008-4555 | 1 Graphviz | 1 Graphviz | 2025-04-09 | 8.5 HIGH | N/A |
| Stack-based buffer overflow in the push_subg function in parser.y (lib/graph/parser.c) in Graphviz 2.20.2, and possibly earlier versions, allows user-assisted remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a DOT file with a large number of Agraph_t elements. | |||||
| CVE-2009-3969 | 1 Faslo | 1 Faslo Player | 2025-04-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Faslo Player 7.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long string in a .m3u playlist file. | |||||
| CVE-2007-6717 | 1 Ibm | 1 Aix | 2025-04-09 | 7.2 HIGH | N/A |
| Buffer overflow in tftp in bos.net.tcp.client in IBM AIX 5.2.0 and 5.3.0 allows local users to gain privileges via unspecified vectors. | |||||
| CVE-2009-2501 | 1 Microsoft | 27 .net Framework, Excel Viewer, Expression Web and 24 more | 2025-04-09 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a crafted PNG image file, aka "GDI+ PNG Heap Overflow Vulnerability." | |||||
| CVE-2007-6063 | 1 Linux | 1 Linux Kernel | 2025-04-09 | 6.9 MEDIUM | N/A |
| Buffer overflow in the isdn_net_setcfg function in isdn_net.c in Linux kernel 2.6.23 allows local users to have an unknown impact via a crafted argument to the isdn_ioctl function. | |||||
| CVE-2009-2719 | 1 Sun | 1 Java Se | 2025-04-09 | 5.0 MEDIUM | N/A |
| The Java Web Start implementation in Sun Java SE 6 before Update 15 allows context-dependent attackers to cause a denial of service (NullPointerException) via a crafted .jnlp file, as demonstrated by the jnlp_file/appletDesc/index.html#misc test in the Technology Compatibility Kit (TCK) for the Java Network Launching Protocol (JNLP). | |||||
| CVE-2009-1327 | 1 Mini-stream | 1 Wm Downloader | 2025-04-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Mini-stream WM Downloader 3.0.0.9 allows remote attackers to execute arbitrary code via a long URI in a playlist (.m3u) file. | |||||
| CVE-2007-0718 | 1 Apple | 1 Quicktime | 2025-04-09 | 5.8 MEDIUM | N/A |
| Heap-based buffer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a QTIF file with a Video Sample Description containing a Color table ID of 0, which triggers memory corruption when QuickTime assumes that a color table exists. | |||||
| CVE-2007-5580 | 1 Cisco | 1 Security Agent | 2025-04-09 | 10.0 HIGH | N/A |
| Buffer overflow in a certain driver in Cisco Security Agent 4.5.1 before 4.5.1.672, 5.0 before 5.0.0.225, 5.1 before 5.1.0.106, and 5.2 before 5.2.0.238 on Windows allows remote attackers to execute arbitrary code via a crafted SMB packet in a TCP session on port (1) 139 or (2) 445. | |||||
| CVE-2008-4193 | 1 Alt-n | 1 Securitygateway | 2025-04-09 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in SecurityGateway.dll in Alt-N Technologies SecurityGateway 1.0.1 allows remote attackers to execute arbitrary code via a long username parameter. | |||||