Total
12462 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-2510 | 1 Php | 1 Php | 2025-04-09 | 5.1 MEDIUM | N/A |
| Buffer overflow in the make_http_soap_request function in PHP before 5.2.2 has unknown impact and remote attack vectors, possibly related to "/" (slash) characters. | |||||
| CVE-2007-6258 | 2 Apache, F5 | 2 Mod Jk, Big-ip | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple stack-based buffer overflows in the legacy mod_jk2 2.0.3-DEV and earlier Apache module allow remote attackers to execute arbitrary code via a long (1) Host header, or (2) Hostname within a Host header. | |||||
| CVE-2007-3039 | 1 Microsoft | 3 Message Queuing, Windows 2000, Windows Xp | 2025-04-09 | 9.0 HIGH | N/A |
| Stack-based buffer overflow in the Microsoft Message Queuing (MSMQ) service in Microsoft Windows 2000 Server SP4, Windows 2000 Professional SP4, and Windows XP SP2 allows attackers to execute arbitrary code via a long string in an opnum 0x06 RPC call to port 2103. NOTE: this is remotely exploitable on Windows 2000 Server. | |||||
| CVE-2009-3977 | 1 Hp | 1 Openview Network Node Manager | 2025-04-09 | 5.0 MEDIUM | N/A |
| Multiple buffer overflows in a certain ActiveX control in ActiveDom.ocx in HP OpenView Network Node Manager (OV NNM) 7.53 might allow remote attackers to cause a denial of service (memory corruption) or have unspecified other impact via a long string argument to the (1) DisplayName, (2) AddGroup, (3) InstallComponent, or (4) Subscribe method. NOTE: this issue is not a vulnerability in many environments, because the control is not marked as safe for scripting and would not execute with default Internet Explorer settings. | |||||
| CVE-2009-2582 | 1 Akamai Technologies | 1 Download Manager | 2025-04-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in manager.exe in Akamai Download Manager (aka DLM or dlmanager) before 2.2.4.8 allows remote web servers to execute arbitrary code via a malformed HTTP response during a Redswoosh download, a different vulnerability than CVE-2007-1891 and CVE-2007-1892. | |||||
| CVE-2007-5652 | 1 Ibm | 1 Db2 | 2025-04-09 | 7.8 HIGH | N/A |
| IBM DB2 UDB 9.1 before Fixpak 4 does not properly manage storage of a list containing authentication information, which might allow attackers to cause a denial of service (instance crash) or trigger memory corruption. NOTE: the vendor description of this issue is too vague to be certain that it is security-related. | |||||
| CVE-2009-0187 | 1 Orbitdownloader | 1 Orbit Downloader | 2025-04-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Orbit Downloader 2.8.2 and 2.8.3, and possibly other versions before 2.8.5, allows remote attackers to execute arbitrary code via a crafted HTTP URL with a long host name, which is not properly handled when constructing a "Connecting" log message. | |||||
| CVE-2008-2932 | 1 Redhat | 1 Adminutil | 2025-04-09 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in Red Hat adminutil 1.1.6 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via % (percent) encoded HTTP input to unspecified CGI scripts in Fedora Directory Server. NOTE: this vulnerability exists because of an incorrect fix for CVE-2008-2929. | |||||
| CVE-2009-3429 | 1 Pirateradio | 1 Destiny Media Player | 2025-04-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Pirate Radio Destiny Media Player 1.61 allows remote attackers to execute arbitrary code via a long string in a .pls playlist file. | |||||
| CVE-2008-3429 | 1 Httrack | 2 Httrack, Winhttrack | 2025-04-09 | 6.8 MEDIUM | N/A |
| Buffer overflow in URI processing in HTTrack and WinHTTrack before 3.42-3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long URL. | |||||
| CVE-2008-2829 | 2 Canonical, Php | 2 Ubuntu Linux, Php | 2025-04-09 | 5.0 MEDIUM | N/A |
| php_imap.c in PHP 5.2.5, 5.2.6, 4.x, and other versions, uses obsolete API calls that allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long IMAP request, which triggers an "rfc822.c legacy routine buffer overflow" error message, related to the rfc822_write_address function. | |||||
| CVE-2007-4793 | 1 Ibm | 1 Aix | 2025-04-09 | 7.2 HIGH | N/A |
| Buffer overflow in xlplm in plm.server.rte in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors. | |||||
| CVE-2009-1642 | 1 Mini-stream | 1 Mini-stream To Mp3 Converter | 2025-04-09 | 9.3 HIGH | N/A |
| Multiple stack-based buffer overflows in Mini-stream ASX to MP3 Converter 3.0.0.7 allow remote attackers to execute arbitrary code via (1) a long rtsp URL in a .ram file and (2) a long string in the HREF attribute of a REF element in a .asx file. NOTE: the latter was also subsequently reported in "prior to 3.1.3.7." | |||||
| CVE-2009-4006 | 1 Solarwinds | 1 Serv-u File Server | 2025-04-09 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the TEA decoding algorithm in RhinoSoft Serv-U FTP server 7.0.0.1, 9.0.0.5, and other versions before 9.1.0.0 allows remote attackers to execute arbitrary code via a long hexadecimal string. | |||||
| CVE-2008-6953 | 1 Oovoo | 1 Oovoo | 2025-04-09 | 9.3 HIGH | N/A |
| Buffer overflow in oovoo.exe in ooVoo 1.7.1.35, and possibly other versions before 1.7.1.59, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long oovoo: URI. | |||||
| CVE-2006-6884 | 1 Winzip | 1 Winzip | 2025-04-09 | 9.3 HIGH | N/A |
| Buffer overflow in the WZFILEVIEW.FileViewCtrl.61 ActiveX control (aka Sky Software "FileView" ActiveX control) for WinZip 10.0 Build 6667 allows remote attackers to execute arbitrary code via a long argument to the CreateNewFolderFromName method, a different vulnerability than CVE-2006-5198. | |||||
| CVE-2007-5249 | 1 Americasarmy | 2 America\'s Army, America\'s Army Special Forces | 2025-04-09 | 4.3 MEDIUM | N/A |
| Multiple buffer overflows in the logging function in the Unreal engine, as used by America's Army and America's Army Special Forces 2.8.2 and earlier, when Punkbuster (PB) is enabled, allow remote attackers to cause a denial of service (daemon crash) via a long (1) PB_Y packet to the YPG server on UDP port 1716 or (2) PB_U packet to UCON on UDP port 1716, different vectors than CVE-2007-4442. NOTE: this issue might be in Punkbuster itself, but there are insufficient details to be certain. | |||||
| CVE-2008-5240 | 1 Xine | 1 Xine-lib | 2025-04-09 | 4.3 MEDIUM | N/A |
| xine-lib 1.1.12, and other 1.1.15 and earlier versions, relies on an untrusted input value to determine the memory allocation and does not check the result for (1) the MATROSKA_ID_TR_CODECPRIVATE track entry element processed by demux_matroska.c; and (2) PROP_TAG, (3) MDPR_TAG, and (4) CONT_TAG chunks processed by the real_parse_headers function in demux_real.c; which allows remote attackers to cause a denial of service (NULL pointer dereference and crash) or possibly execute arbitrary code via a crafted value. | |||||
| CVE-2007-6530 | 3 Groove, Hp, Persits | 3 Virtual Office, Loadrunner, Xupload | 2025-04-09 | 9.3 HIGH | N/A |
| Buffer overflow in the XUpload.ocx ActiveX control in Persits Software XUpload 2.1.0.1, and probably other versions before 3.0, as used by HP Mercury LoadRunner and Groove Virtual Office, allows remote attackers to execute arbitrary code via a long argument to the AddFolder function. | |||||
| CVE-2009-3135 | 1 Microsoft | 4 Office, Office Word, Office Word Viewer and 1 more | 2025-04-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Microsoft Office Word 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, Open XML File Format Converter for Mac, Office Word Viewer 2003 SP3, and Office Word Viewer allow remote attackers to execute arbitrary code via a Word document with a malformed File Information Block (FIB) structure, aka "Microsoft Office Word File Information Memory Corruption Vulnerability." | |||||