Total
13279 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-2578 | 1 Google | 1 Chrome | 2025-04-09 | 5.0 MEDIUM | N/A |
| Google Chrome 2.x through 2.0.172 allows remote attackers to cause a denial of service (application crash) via a long Unicode string argument to the write method, a related issue to CVE-2009-2479. | |||||
| CVE-2009-1740 | 1 Dlink | 1 Mpeg4 Viewer Activex Control | 2025-04-09 | 9.3 HIGH | N/A |
| Multiple heap-based buffer overflows in the D-Link MPEG4 Viewer ActiveX Control (csviewer.ocx) 2.11.918.2006 allow remote attackers to execute arbitrary code via a long argument to the (1) SetFilePath and (2) SetClientCookie methods. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-1017 | 1 Apple | 1 Quicktime | 2025-04-09 | 6.8 MEDIUM | N/A |
| Heap-based buffer overflow in clipping region (aka crgn) atom handling in quicktime.qts in Apple QuickTime before 7.4.5 allows remote attackers to execute arbitrary code via a crafted movie. | |||||
| CVE-2007-0061 | 2 Canonical, Vmware | 6 Ubuntu Linux, Ace, Esx and 3 more | 2025-04-09 | 10.0 HIGH | N/A |
| The DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528 allows remote attackers to execute arbitrary code via a malformed packet that triggers "corrupt stack memory." | |||||
| CVE-2009-0154 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | 6.8 MEDIUM | N/A |
| Heap-based buffer overflow in Apple Type Services (ATS) in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 allows remote attackers to execute arbitrary code via a crafted Compact Font Format (CFF) font. | |||||
| CVE-2008-0392 | 1 Microsoft | 1 Visual Basic | 2025-04-09 | 9.3 HIGH | N/A |
| Multiple buffer overflows in Microsoft Visual Basic Enterprise Edition 6.0 SP6 allow user-assisted remote attackers to execute arbitrary code via a .dsr file with a long (1) ConnectionName or (2) CommandName line. | |||||
| CVE-2008-4762 | 1 Freesshd | 1 Freesshd | 2025-04-09 | 9.0 HIGH | N/A |
| Stack-based buffer overflow in freeSSHd 1.2.1 allows remote authenticated users to cause a denial of service (service crash) and potentially execute arbitrary code via a long argument to the (1) rename and (2) realpath parameters. | |||||
| CVE-2008-5187 | 1 Enlightenment | 1 Imlib2 | 2025-04-09 | 7.5 HIGH | N/A |
| The load function in the XPM loader for imlib2 1.4.2, and possibly other versions, allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted XPM file that triggers a "pointer arithmetic error" and a heap-based buffer overflow, a different vulnerability than CVE-2008-2426. | |||||
| CVE-2007-4684 | 1 Apple | 1 Mac Os X | 2025-04-09 | 6.9 MEDIUM | N/A |
| Integer overflow in the kernel in Apple Mac OS X 10.4 through 10.4.10 allows local users to execute arbitrary code via a large num_sels argument to the i386_set_ldt system call. | |||||
| CVE-2009-1372 | 1 Clamav | 1 Clamav | 2025-04-09 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the cli_url_canon function in libclamav/phishcheck.c in ClamAV before 0.95.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted URL. | |||||
| CVE-2007-5198 | 1 Nagios | 1 Plugins | 2025-04-09 | 6.8 MEDIUM | N/A |
| Buffer overflow in the redir function in check_http.c in Nagios Plugins before 1.4.10, when running with the -f (follow) option, allows remote web servers to execute arbitrary code via Location header responses (redirects) with a large number of leading "L" characters. | |||||
| CVE-2009-1868 | 1 Adobe | 3 Air, Flash Player, Flex | 2025-04-09 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors involving URL parsing. | |||||
| CVE-2007-6302 | 1 Novell | 1 Netmail | 2025-04-09 | 6.8 MEDIUM | N/A |
| Multiple heap-based buffer overflows in avirus.exe in Novell NetMail 3.5.2 before Messaging Architects M+NetMail 3.52f (aka 3.5.2F) allows remote attackers to execute arbitrary code via unspecified ASCII integers used as memory allocation arguments, aka "ZDI-CAN-162." | |||||
| CVE-2009-1209 | 1 W3 | 1 Amaya | 2025-04-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in W3C Amaya Web Browser 11.1 allows remote attackers to execute arbitrary code via a script tag with a long defer attribute. | |||||
| CVE-2007-4664 | 1 Firebirdsql | 1 Firebird | 2025-04-09 | 7.5 HIGH | N/A |
| Unspecified vulnerability in the (1) attach database and (2) create database functionality in Firebird before 2.0.2, when a filename exceeds MAX_PATH_LEN, has unknown impact and attack vectors, aka CORE-1405. | |||||
| CVE-2008-3892 | 1 Vmware | 4 Ace, Player, Server and 1 more | 2025-04-09 | 10.0 HIGH | N/A |
| Buffer overflow in a certain ActiveX control in the COM API in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 allows remote attackers to cause a denial of service (browser crash) or possibly execute arbitrary code via a call to the GuestInfo method in which there is a long string argument, and an assignment of a long string value to the result of this call. NOTE: this may overlap CVE-2008-3691, CVE-2008-3692, CVE-2008-3693, CVE-2008-3694, CVE-2008-3695, or CVE-2008-3696. | |||||
| CVE-2008-4255 | 1 Microsoft | 5 Office Frontpage, Project, Visual Basic and 2 more | 2025-04-09 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in mscomct2.ocx (aka Windows Common ActiveX control or Microsoft Animation ActiveX control) in Microsoft Visual Basic 6.0, Visual Studio .NET 2002 SP1 and 2003 SP1, Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2, and Office Project 2003 SP3 and 2007 Gold and SP1 allows remote attackers to execute arbitrary code via an AVI file with a crafted stream length, which triggers an "allocation error" and memory corruption, aka "Windows Common AVI Parsing Overflow Vulnerability." | |||||
| CVE-2007-5083 | 1 Broadcom | 1 Brightstor Hierarchical Storage Manager | 2025-04-09 | 10.0 HIGH | N/A |
| Multiple integer overflows in Computer Associates (CA) BrightStor Hierarchical Storage Manager (HSM) before r11.6 allow remote attackers to execute arbitrary code via unspecified CsAgent service commands that trigger a heap-based buffer overflow. | |||||
| CVE-2008-4572 | 1 Guildftpd | 1 Guildftpd | 2025-04-09 | 10.0 HIGH | N/A |
| GuildFTPd 0.999.14, and possibly other versions, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long arguments to the CWD and LIST commands, which triggers heap corruption related to an improper free call, and possibly triggering a heap-based buffer overflow. | |||||
| CVE-2008-0152 | 1 Seattle Lab Software | 1 Slnet Rf Telnet Server | 2025-04-09 | 4.3 MEDIUM | N/A |
| SLnet.exe in SeattleLab SLNet RF Telnet Server 4.1.1.3758 and earlier allows user-assisted remote attackers to cause a denial of service (crash) via unspecified telnet options, which triggers a NULL pointer dereference. NOTE: the crash is not user-assisted when the server is running in debug mode. | |||||