Total
13277 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-0351 | 1 Wftpserver | 1 Winftp Ftp Server | 2025-04-09 | 9.0 HIGH | N/A |
| Stack-based buffer overflow in WFTPSRV.exe in WinFTP 2.3.0 allows remote authenticated users to execute arbitrary code via a long LIST argument beginning with an * (asterisk) character. | |||||
| CVE-2006-6500 | 3 Canonical, Debian, Mozilla | 5 Ubuntu Linux, Debian Linux, Firefox and 2 more | 2025-04-09 | 6.8 MEDIUM | N/A |
| Heap-based buffer overflow in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by setting the CSS cursor to certain images that cause an incorrect size calculation when converting to a Windows bitmap. | |||||
| CVE-2009-4186 | 2 Apple, Microsoft | 2 Safari, Windows | 2025-04-09 | 9.3 HIGH | N/A |
| Stack consumption vulnerability in Apple Safari 4.0.3 on Windows allows remote attackers to cause a denial of service (application crash) via a long URI value (aka url) in the Cascading Style Sheets (CSS) background property. | |||||
| CVE-2007-0236 | 1 Apple | 1 Mac Os X | 2025-04-09 | 10.0 HIGH | N/A |
| Double free vulnerability in the _ATPsndrsp function in Apple Mac OS X 10.4.8, and possibly other versions, allows remote attackers to cause a denial of service (kernel panic) and possibly execute arbitrary code via a crafted AppleTalk request that triggers a heap-based buffer overflow. | |||||
| CVE-2007-4286 | 1 Cisco | 1 Ios | 2025-04-09 | 9.3 HIGH | N/A |
| Buffer overflow in the Next Hop Resolution Protocol (NHRP) functionality in Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (restart) and execute arbitrary code via a crafted NHRP packet. | |||||
| CVE-2008-1056 | 1 Symark | 1 Powerbroker | 2025-04-09 | 6.9 MEDIUM | N/A |
| Multiple stack-based buffer overflows in Symark PowerBroker 2.8 through 5.0.1 allow local users to gain privileges via a long argv[0] string when executing (1) pbrun, (2) pbsh, or (3) pbksh. NOTE: the product is often installed in environments with trust relationships that facilitate subsequent remote compromises. | |||||
| CVE-2008-0639 | 2 Microsoft, Novell | 2 Windows, Client | 2025-04-09 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the EnumPrinters function in the Spooler service (nwspool.dll) in Novell Client 4.91 SP2, SP3, and SP4 for Windows allows remote attackers to execute arbitrary code via a crafted RPC request, aka Novell bug 353138, a different vulnerability than CVE-2006-5854. NOTE: this issue exists because of an incomplete fix for CVE-2007-6701. | |||||
| CVE-2007-5358 | 1 Digium | 1 Asterisk | 2025-04-09 | 6.8 MEDIUM | N/A |
| Multiple buffer overflows in the voicemail functionality in Asterisk 1.4.x before 1.4.13, when using IMAP storage, might allow (1) remote attackers to execute arbitrary code via a long combination of Content-type and Content-description headers, or (2) local users to execute arbitrary code via a long combination of astspooldir, voicemail context, and voicemail mailbox fields. NOTE: vector 2 requires write access to Asterisk configuration files. | |||||
| CVE-2008-0248 | 1 Streamaudio | 1 Chaincast Proxymanager Activex Control | 2025-04-09 | 9.3 HIGH | N/A |
| Buffer overflow in an ActiveX control in ccpm_0237.dll for StreamAudio ChainCast ProxyManager allows remote attackers to execute arbitrary code via a long URL argument to the InternalTuneIn method. | |||||
| CVE-2007-1864 | 4 Canonical, Debian, Php and 1 more | 5 Ubuntu Linux, Debian Linux, Php and 2 more | 2025-04-09 | 7.5 HIGH | N/A |
| Buffer overflow in the bundled libxmlrpc library in PHP before 4.4.7, and 5.x before 5.2.2, has unknown impact and remote attack vectors. | |||||
| CVE-2008-0962 | 1 Emc | 1 Diskxtender | 2025-04-09 | 9.0 HIGH | N/A |
| Stack-based buffer overflow in the File System Manager for EMC DiskXtender 6.20.060 allows remote authenticated users to execute arbitrary code via a crafted request to the RPC interface. | |||||
| CVE-2009-0512 | 1 Adobe | 2 Acrobat, Acrobat Reader | 2025-04-09 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 might allow remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2009-0510, CVE-2009-0511, CVE-2009-0888, and CVE-2009-0889. | |||||
| CVE-2007-4568 | 1 X.org | 1 X Font Server | 2025-04-09 | 6.8 MEDIUM | N/A |
| Integer overflow in the build_range function in X.Org X Font Server (xfs) before 1.0.5 allows context-dependent attackers to execute arbitrary code via (1) QueryXBitmaps and (2) QueryXExtents protocol requests with crafted size values, which triggers a heap-based buffer overflow. | |||||
| CVE-2007-4582 | 1 Acti | 1 Network Video Recorder | 2025-04-09 | 7.5 HIGH | N/A |
| Buffer overflow in the nvUnifiedControl.AUnifiedControl.1 ActiveX control in nvUnifiedControl.dll 1.1.45.0 in ACTi Network Video Recorder (NVR) SP2 2.0 allows remote attackers to execute arbitrary code via a long second argument to the SetText method. | |||||
| CVE-2008-2503 | 1 Sourceforge | 1 Emule X-ray | 2025-04-09 | 9.3 HIGH | N/A |
| Buffer overflow in Uploadlist in eMule X-Ray before 1.4 has unknown impact and remote attack vectors. | |||||
| CVE-2008-1922 | 1 Sarg | 1 Squid Analysis Report Generator | 2025-04-09 | 10.0 HIGH | N/A |
| Multiple stack-based buffer overflows in Sarg might allow attackers to execute arbitrary code via unknown vectors, probably a crafted Squid log file. | |||||
| CVE-2009-3844 | 1 Hp | 1 Openview Data Protector Application Recovery Manager | 2025-04-09 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the OmniInet process in HP OpenView Data Protector Application Recovery Manager 5.50 and 6.0 allows remote attackers to execute arbitrary code or cause a denial of service via a crafted MSG_PROTOCOL packet. | |||||
| CVE-2009-3176 | 1 Novell | 1 Iprint | 2025-04-09 | 9.3 HIGH | N/A |
| Buffer overflow in the ActiveX control in Novell iPrint Client 4.38 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.1, "Novell iPrint Client 4.38 ActiveX exploit." NOTE: as of 20090909, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. | |||||
| CVE-2007-5687 | 1 Justsystem | 1 Ichitaro | 2025-04-09 | 9.3 HIGH | N/A |
| Multiple buffer overflows in the rich text processing functionality in JustSystems Ichitaro 2004 through 2007, 11 through 13, and other versions allow remote attackers to execute arbitrary code via a long (1) pard field or (2) font name in the fcharset0 field, which is not properly handled in (a) JSTARO4.OCX; or (3) a long title, which is not properly handled by (b) TJSVDA.DLL. | |||||
| CVE-2007-6532 | 1 Xfce | 1 Xfce | 2025-04-09 | 10.0 HIGH | N/A |
| Double free vulnerability in the Widget Library (libxfcegui4) in Xfce before 4.4.2 might allow remote attackers to execute arbitrary code via unknown vectors related to the "cliend id, program name and working directory in session management." | |||||