Total
13573 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-3536 | 1 Epicdjsoftware | 1 Epicvj | 2026-06-16 | 9.3 HIGH | N/A |
| Multiple stack-based buffer overflows in EpicDJSoftware EpicVJ 1.2.8.0 and 1.3.1.2 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long string in a (1) .m3u or (2) .mpl playlist file. | |||||
| CVE-2009-3522 | 1 Avast | 2 Avast Antivirus Home, Avast Antivirus Professional | 2026-06-16 | 7.2 HIGH | N/A |
| Stack-based buffer overflow in aswMon2.sys in avast! Home and Professional for Windows 4.8.1351, and possibly other versions before 4.8.1356, allows local users to cause a denial of service (system crash) and possibly gain privileges via a crafted IOCTL request to IOCTL 0xb2c80018. | |||||
| CVE-2009-3484 | 1 Coreftp | 1 Core Ftp | 2026-06-16 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Core FTP 2.1 build 1612 allows user-assisted remote attackers to execute arbitrary code via a long hostname in an FTP server entry in a site backup file. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-3483 | 1 Globalscape | 1 Cuteftp | 2026-06-16 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in the Create New Site feature in GlobalSCAPE CuteFTP Professional, Home, and Lite 8.3.3 and 8.3.3.0054 allows user-assisted remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a site list containing an entry with a long label. | |||||
| CVE-2009-3476 | 1 Internet2 | 3 Opensaml, Shibboleth-sp, Xmltooling | 2026-06-16 | 9.3 HIGH | N/A |
| Buffer overflow in OpenSAML before 1.1.3 as used in Internet2 Shibboleth Service Provider software 1.3.x before 1.3.4, and XMLTooling before 1.2.2 as used in Internet2 Shibboleth Service Provider software 2.x before 2.2.1, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed encoded URL. | |||||
| CVE-2009-3463 | 1 Adobe | 1 Shockwave Player | 2026-06-16 | 9.3 HIGH | N/A |
| Array index error in Adobe Shockwave Player before 11.5.2.602 allows remote attackers to execute arbitrary code via crafted Shockwave content on a web site. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-3459 | 1 Adobe | 2 Acrobat, Acrobat Reader | 2026-06-16 | 9.3 HIGH | 8.8 HIGH |
| Heap-based buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 allows remote attackers to execute arbitrary code via a crafted PDF file that triggers memory corruption, as exploited in the wild in October 2009. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-3431 | 1 Adobe | 2 Acrobat, Acrobat Reader | 2026-06-16 | 5.0 MEDIUM | N/A |
| Stack consumption vulnerability in Adobe Reader and Acrobat 9.1.3, 9.1.2, 9.1.1, and earlier 9.x versions; 8.1.6 and earlier 8.x versions; and possibly 7.1.4 and earlier 7.x versions allows remote attackers to cause a denial of service (application crash) via a PDF file with a large number of [ (open square bracket) characters in the argument to the alert method. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-3429 | 1 Pirateradio | 1 Destiny Media Player | 2026-06-16 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Pirate Radio Destiny Media Player 1.61 allows remote attackers to execute arbitrary code via a long string in a .pls playlist file. | |||||
| CVE-2009-3428 | 1 Otbcode | 1 Easy Music Player | 2026-06-16 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Easy Music Player 1.0.0.2 allows remote attackers to execute arbitrary code via a crafted .wav file. | |||||
| CVE-2009-3373 | 1 Mozilla | 2 Firefox, Seamonkey | 2026-06-16 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in the GIF image parser in Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, allows remote attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2009-3364 | 1 Ftpshell | 1 Ftpshell | 2026-06-16 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in FTPShell Client 4.1 RC2 allows remote FTP servers to execute arbitrary code via a long response to a PASV command. | |||||
| CVE-2009-3347 | 1 D-link | 1 Dir-400 | 2026-06-16 | 10.0 HIGH | N/A |
| Buffer overflow on the D-Link DIR-400 wireless router allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.10 through 8.11. NOTE: as of 20090917, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. | |||||
| CVE-2009-3345 | 1 Sap | 1 Crystal Reports Server | 2026-06-16 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in SAP Crystal Reports Server 2008 has unknown impact and attack vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.3 through 8.11. NOTE: as of 20090917, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. | |||||
| CVE-2009-3341 | 1 Linksys | 1 Wrt54gl | 2026-06-16 | 10.0 HIGH | N/A |
| Buffer overflow on the Linksys WRT54GL wireless router allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.10 through 8.11. NOTE: as of 20090917, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. | |||||
| CVE-2009-3338 | 1 Effectmatrix | 1 Magic Morph | 2026-06-16 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in EffectMatrix (E.M.) Magic Morph 1.95b allows remote attackers to execute arbitrary code via a long string in a .mor file. | |||||
| CVE-2009-3329 | 1 Exeter | 1 Winplot | 2026-06-16 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Winplot 1.25.0.1 allows user-assisted remote attackers to execute arbitrary code via a crafted Plot2D (.wp2) file. | |||||
| CVE-2009-3288 | 2 Kernel, Linux | 2 Linux Kernel, Linux Kernel | 2026-06-16 | 4.9 MEDIUM | N/A |
| The sg_build_indirect function in drivers/scsi/sg.c in Linux kernel 2.6.28-rc1 through 2.6.31-rc8 uses an incorrect variable when accessing an array, which allows local users to cause a denial of service (kernel OOPS and NULL pointer dereference), as demonstrated by using xcdroast to duplicate a CD. NOTE: this is only exploitable by users who can open the cdrom device. | |||||
| CVE-2009-3280 | 1 Linux | 1 Linux Kernel | 2026-06-16 | 7.8 HIGH | N/A |
| Integer signedness error in the find_ie function in net/wireless/scan.c in the cfg80211 subsystem in the Linux kernel before 2.6.31.1-rc1 allows remote attackers to cause a denial of service (soft lockup) via malformed packets. | |||||
| CVE-2009-3254 | 1 Ultimatevideosite | 1 Ultimate Player | 2026-06-16 | 9.3 HIGH | N/A |
| Multiple stack-based buffer overflows in Ultimate Player 1.56 beta allow remote attackers to execute arbitrary code via a long string in a (1) .m3u or (2) .upl playlist file. | |||||