Total
13256 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-3401 | 1 Id Software | 1 Quake 3 Engine | 2025-04-03 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in Quake 3 Engine as used by Quake 3: Arena 1.32b and 1.32c allows remote attackers to cause a denial of service and possibly execute code via long CS_ITEMS values. | |||||
| CVE-2003-1518 | 1 Adiscon | 1 Winsyslog | 2025-04-03 | 7.8 HIGH | N/A |
| Adiscon WinSyslog 4.21 SP1 allows remote attackers to cause a denial of service (CPU consumption) via a long syslog message. | |||||
| CVE-2003-1473 | 1 Lgames | 1 Ltris | 2025-04-03 | 4.6 MEDIUM | N/A |
| Buffer overflow in LTris 1.0.1 of FreeBSD Ports Collection 2003-02-25 and earlier allows local users to execute arbitrary code with gid "games" permission via a long HOME environment variable. | |||||
| CVE-2002-1174 | 1 Fetchmail | 1 Fetchmail | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflows in Fetchmail 6.0.0 and earlier allow remote attackers to cause a denial of service (crash) or execute arbitrary code via (1) long headers that are not properly processed by the readheaders function, or (2) via long Received: headers, which are not properly parsed by the parse_received function. | |||||
| CVE-2002-2332 | 1 Opera Software | 1 Opera Web Browser | 2025-04-03 | 5.0 MEDIUM | N/A |
| Buffer overflow in Opera 6.01 allows remote attackers to cause a denial of service (crash) via an IMG tag with large width and height attributes. | |||||
| CVE-2003-1461 | 1 Hp | 1 Hp-ux | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in rwrite for HP-UX 11.0 could allow local users to execute arbitrary code via a long argument. NOTE: the vendor was unable to reproduce the problem on a system that had been patched for an lp vulnerability (CVE-2002-1473). | |||||
| CVE-1999-0874 | 1 Microsoft | 3 Internet Information Server, Windows 2000, Windows Nt | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in IIS 4.0 allows remote attackers to cause a denial of service via a malformed request for files with .HTR, .IDC, or .STM extensions. | |||||
| CVE-2006-2656 | 1 Libtiff | 1 Libtiff | 2025-04-03 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the tiffsplit command in libtiff 3.8.2 and earlier might might allow attackers to execute arbitrary code via a long filename. NOTE: tiffsplit is not setuid. If there is not a common scenario under which tiffsplit is called with attacker-controlled command line arguments, then perhaps this issue should not be included in CVE. | |||||
| CVE-2005-3627 | 1 Xpdf | 1 Xpdf | 2025-04-03 | 7.5 HIGH | N/A |
| Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to modify memory and possibly execute arbitrary code via a DCTDecode stream with (1) a large "number of components" value that is not checked by DCTStream::readBaselineSOF or DCTStream::readProgressiveSOF, (2) a large "Huffman table index" value that is not checked by DCTStream::readHuffmanTables, and (3) certain uses of the scanInfo.numComps value by DCTStream::readScanInfo. | |||||
| CVE-2006-0097 | 1 Php | 1 Php | 2025-04-03 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the create_named_pipe function in libmysql.c in PHP 4.3.10 and 4.4.x before 4.4.3 for Windows allows attackers to execute arbitrary code via a long (1) arg_host or (2) arg_unix_socket argument, as demonstrated by a long named pipe variable in the host argument to the mysql_connect function. | |||||
| CVE-2006-3251 | 1 Hashcash | 1 Hashcash | 2025-04-03 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in the array_push function in hashcash.c for Hashcash before 1.21 might allow attackers to execute arbitrary code via crafted entries. | |||||
| CVE-2006-2382 | 1 Microsoft | 1 Internet Explorer | 2025-04-03 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allows remote attackers to execute arbitrary code via crafted UTF-8 encoded HTML that results in size discrepancies during conversion to Unicode, aka "HTML Decoding Memory Corruption Vulnerability." | |||||
| CVE-2006-0730 | 1 Timo Sirainen | 1 Dovecot | 2025-04-03 | 5.0 MEDIUM | N/A |
| Multiple unspecified vulnerabilities in Dovecot before 1.0beta3 allow remote attackers to cause a denial of service (application crash or hang) via unspecified vectors involving (1) "potential hangs" in the APPEND command and "potential crashes" in (2) dovecot-auth and (3) imap/pop3-login. NOTE: vector 2 might be related to a double free vulnerability. | |||||
| CVE-2005-2922 | 1 Realnetworks | 4 Helix Player, Realone Player, Realplayer and 1 more | 2025-04-03 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in the embedded player in multiple RealNetworks products and versions including RealPlayer 10.x, RealOne Player, and Helix Player allows remote malicious servers to cause a denial of service (crash) and possibly execute arbitrary code via a chunked Transfer-Encoding HTTP response in which either (1) the chunk header length is specified as -1, (2) the chunk header with a length that is less than the actual amount of sent data, or (3) a missing chunk header. | |||||
| CVE-2005-0211 | 2 Debian, Squid-cache | 2 Debian Linux, Squid | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in wccp.c in Squid 2.5 before 2.5.STABLE7 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long WCCP packet, which is processed by a recvfrom function call that uses an incorrect length parameter. | |||||
| CVE-2004-2712 | 1 Phrozensmoke | 1 Gyach Enhanced | 2025-04-03 | 5.0 MEDIUM | N/A |
| Buffer overflow in Gyach Enhanced (Gyach-E) before 1.0.0-SneakPeek-3 allows remote attackers to cause a denial of service (crash) via unspecified vectors related to "URL data." | |||||
| CVE-2005-3712 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | 6.5 MEDIUM | N/A |
| Heap-based buffer overflow in rsync in Mac OS X 10.4 through 10.4.5 allows remote authenticated users to execute arbitrary code via long extended attributes. | |||||
| CVE-2005-3662 | 1 Greg Roelofs | 1 Pnmtopng | 2025-04-03 | 4.6 MEDIUM | N/A |
| Off-by-one buffer overflow in pnmtopng before 2.39, when using the -alpha command line option (Alphas_Of_Color), allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PNM file with exactly 256 colors. | |||||
| CVE-2004-2728 | 1 Hummingbird | 1 Connectivity | 2025-04-03 | 3.5 LOW | N/A |
| Buffer overflow in the FTP server of Hummingbird Connectivity 7.1 and 9.0 allows remote, authenticated users to cause a denial of service (application crash) via a long argument to the XCWD command. | |||||
| CVE-2004-1267 | 2 Easy Software Products, Redhat | 2 Cups, Fedora Core | 2025-04-03 | 6.5 MEDIUM | N/A |
| Buffer overflow in the ParseCommand function in hpgl-input.c in the hpgltops program for CUPS 1.1.22 allows remote attackers to execute arbitrary code via a crafted HPGL file. | |||||