Total
13270 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-3655 | 1 Sun | 1 Jre | 2025-04-09 | 6.8 MEDIUM | N/A |
| Stack-based buffer overflow in javaws.exe in Sun Java Web Start in JRE 5.0 Update 11 and earlier, and 6.0 Update 1 and earlier, allows remote attackers to execute arbitrary code via a long codebase attribute in a JNLP file. | |||||
| CVE-2009-3083 | 1 Pidgin | 2 Libpurple, Pidgin | 2025-04-09 | 5.0 MEDIUM | N/A |
| The msn_slp_sip_recv function in libpurple/protocols/msn/slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.6.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an SLP invite message that lacks certain required fields, as demonstrated by a malformed message from a KMess client. | |||||
| CVE-2007-5904 | 1 Linux | 1 Linux Kernel | 2025-04-09 | 6.8 MEDIUM | N/A |
| Multiple buffer overflows in CIFS VFS in Linux kernel 2.6.23 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long SMB responses that trigger the overflows in the SendReceive function. | |||||
| CVE-2008-5242 | 1 Xine | 1 Xine-lib | 2025-04-09 | 6.8 MEDIUM | N/A |
| demux_qt.c in xine-lib 1.1.12, and other 1.1.15 and earlier versions, does not validate the count field before calling calloc for STSD_ATOM atom allocation, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted media file. | |||||
| CVE-2008-5354 | 1 Sun | 3 Jdk, Jre, Sdk | 2025-04-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows locally-launched and possibly remote untrusted Java applications to execute arbitrary code via a JAR file with a long Main-Class manifest entry. | |||||
| CVE-2008-4479 | 1 Novell | 1 Edirectory | 2025-04-09 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in dhost.exe in Novell eDirectory 8.8 before 8.8.3, and 8.7.3 before 8.7.3.10 ftf1, allows remote attackers to execute arbitrary code via a SOAP request with a long Accept-Language header. | |||||
| CVE-2007-5325 | 1 Broadcom | 2 Brightstor Arcserve Backup, Brightstor Enterprise Backup | 2025-04-09 | 10.0 HIGH | N/A |
| Multiple buffer overflows in (1) the Message Engine and (2) AScore.dll in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allow remote attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2007-5911 | 1 Viewpoint | 1 Media Player | 2025-04-09 | 6.8 MEDIUM | N/A |
| Multiple stack-based buffer overflows in the AxMetaStream ActiveX control in AxMetaStream.dll 3.3.2.26 in Viewpoint Media Player 3.2 allow remote attackers to execute arbitrary code via a long string argument to the (1) BroadcastKey, (2) BroadcastKeyFileURL, (3) Component, (4) ComponentClassID, (5) ComponentFileName, (6) ExtraProperty, (7) Properties, (8) RequiredVersions, (9) Source, or (10) XMLText method. | |||||
| CVE-2009-0175 | 1 Heathcosoft | 1 Mp3 Trackmaker | 2025-04-09 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in Heathco Software MP3 TrackMaker 1.5 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long string in an invalid .mp3 file. | |||||
| CVE-2008-3862 | 1 Trend Micro | 1 Officescan | 2025-04-09 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in CGI programs in the server in Trend Micro OfficeScan 7.3 Patch 4 build 1367 and other builds before 1374, and 8.0 SP1 Patch 1 before build 3110, allows remote attackers to execute arbitrary code via an HTTP POST request containing crafted form data, related to "parsing CGI requests." | |||||
| CVE-2008-2050 | 1 Php | 1 Php | 2025-04-09 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the FastCGI SAPI (fastcgi.c) in PHP before 5.2.6 has unknown impact and attack vectors. | |||||
| CVE-2009-2934 | 1 Programmedintegration | 1 Pipl | 2025-04-09 | 9.3 HIGH | N/A |
| Multiple stack-based buffer overflows in xaudio.dll in Programmed Integration PIPL 2.5.0 and 2.5.0D allow remote attackers to execute arbitrary code via a long string in a (1) .pls or (2) .pl playlist file. | |||||
| CVE-2009-3338 | 1 Effectmatrix | 1 Magic Morph | 2025-04-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in EffectMatrix (E.M.) Magic Morph 1.95b allows remote attackers to execute arbitrary code via a long string in a .mor file. | |||||
| CVE-2006-6749 | 1 Openser | 1 Openser | 2025-04-09 | 9.3 HIGH | N/A |
| Buffer overflow in the parse_expression function in parse_config in OpenSER 1.1.0 allows attackers to have an unknown impact via a long str parameter. | |||||
| CVE-2009-3088 | 2 Ibm, Linux | 2 Tivoli Directory Server, Linux Kernel | 2025-04-09 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in ibmdiradm in IBM Tivoli Directory Server (TDS) 6.0 on Linux allows remote attackers to have an unspecified impact via unknown vectors that trigger heap corruption, as demonstrated by a certain module in VulnDisco Pack Professional 8.11. NOTE: as of 20090903, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. | |||||
| CVE-2007-0322 | 1 Intuit | 1 Quickbooks | 2025-04-09 | 9.3 HIGH | N/A |
| Multiple stack-based buffer overflows in the Intuit QuickBooks Online Edition ActiveX control before 10 allow remote attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2007-0270 | 1 Oracle | 1 Database Server | 2025-04-09 | 6.5 MEDIUM | N/A |
| Buffer overflow in SYS.DBMS_DRS in Oracle Database 9.2.0.7 and 10.1.0.4 allows remote authenticated users to cause a denial of service (crash) or execute arbitrary code via the GET_PROPERTY function in SYS.DBMS_DRS, aka DB03. | |||||
| CVE-2008-4654 | 1 Videolan | 1 Vlc Media Player | 2025-04-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the parse_master function in the Ty demux plugin (modules/demux/ty.c) in VLC Media Player 0.9.0 through 0.9.4 allows remote attackers to execute arbitrary code via a TiVo TY media file with a header containing a crafted size value. | |||||
| CVE-2008-3658 | 1 Php | 1 Php | 2025-04-09 | 7.5 HIGH | N/A |
| Buffer overflow in the imageloadfont function in ext/gd/gd.c in PHP 4.4.x before 4.4.9 and PHP 5.2 before 5.2.6-r6 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted font file. | |||||
| CVE-2009-1722 | 1 Openexr | 1 Openexr | 2025-04-09 | 6.8 MEDIUM | N/A |
| Heap-based buffer overflow in the compression implementation in OpenEXR 1.2.2 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors. | |||||