Total
12257 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-0563 | 1 Microsoft | 4 Office, Office Compatibility Pack, Office Word Viewer and 1 more | 2025-04-09 | 9.3 HIGH | 7.8 HIGH |
| Stack-based buffer overflow in Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Microsoft Office for Mac 2004 and 2008; Open XML File Format Converter for Mac; Microsoft Office Word Viewer 2003 SP3; Microsoft Office Word Viewer; and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allows remote attackers to execute arbitrary code via a Word document with a crafted tag containing an invalid length field, aka "Word Buffer Overflow Vulnerability." | |||||
| CVE-2007-4278 | 1 Esri | 1 Arcsde | 2025-04-09 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the giomgr process in ESRI ArcSDE service 9.2, as used with ArcGIS, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number that requires more than 8 bytes to represent in ASCII, which triggers the overflow in an sprintf function call. | |||||
| CVE-2009-4484 | 5 Canonical, Debian, Mariadb and 2 more | 5 Ubuntu Linux, Debian Linux, Mariadb and 2 more | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9, as used in mysqld in MySQL 5.0.x before 5.0.90, MySQL 5.1.x before 5.1.43, MySQL 5.5.x through 5.5.0-m2, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and daemon crash) by establishing an SSL connection and sending an X.509 client certificate with a crafted name field, as demonstrated by mysql_overflow1.py and the vd_mysql5 module in VulnDisco Pack Professional 8.11. NOTE: this was originally reported for MySQL 5.0.51a. | |||||
| CVE-2009-2550 | 1 Ondanera | 1 Hamster Audio Player | 2025-04-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Hamster Audio Player 0.3a allows remote attackers to execute arbitrary code via a long string in a (1) .m3u or (2) .hpl playlist file. | |||||
| CVE-2008-2371 | 6 Canonical, Debian, Fedoraproject and 3 more | 6 Ubuntu Linux, Debian Linux, Fedora and 3 more | 2025-04-09 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in pcre_compile.c in the Perl-Compatible Regular Expression (PCRE) library 7.7 allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a regular expression that begins with an option and contains multiple branches. | |||||
| CVE-2007-6427 | 7 Apple, Canonical, Debian and 4 more | 11 Mac Os X, Ubuntu Linux, Debian Linux and 8 more | 2025-04-09 | 9.3 HIGH | N/A |
| The XInput extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to execute arbitrary code via requests related to byte swapping and heap corruption within multiple functions, a different vulnerability than CVE-2007-4990. | |||||
| CVE-2008-2992 | 2 Adobe, Oracle | 3 Acrobat, Acrobat Reader, Solaris | 2025-04-09 | 9.3 HIGH | 7.8 HIGH |
| Stack-based buffer overflow in Adobe Acrobat and Reader 8.1.2 and earlier allows remote attackers to execute arbitrary code via a PDF file that calls the util.printf JavaScript function with a crafted format string argument, a related issue to CVE-2008-1104. | |||||
| CVE-2009-2523 | 1 Microsoft | 1 Windows 2000 | 2025-04-09 | 10.0 HIGH | N/A |
| The License Logging Server (llssrv.exe) in Microsoft Windows 2000 SP4 allows remote attackers to execute arbitrary code via an RPC message containing a string without a null terminator, which triggers a heap-based buffer overflow in the LlsrLicenseRequestW method, aka "License Logging Server Heap Overflow Vulnerability." | |||||
| CVE-2007-0957 | 3 Canonical, Debian, Mit | 3 Ubuntu Linux, Debian Linux, Kerberos 5 | 2025-04-09 | 9.0 HIGH | N/A |
| Stack-based buffer overflow in the krb5_klog_syslog function in the kadm5 library, as used by the Kerberos administration daemon (kadmind) and Key Distribution Center (KDC), in MIT krb5 before 1.6.1 allows remote authenticated users to execute arbitrary code and modify the Kerberos key database via crafted arguments, possibly involving certain format string specifiers. | |||||
| CVE-2021-26402 | 1 Amd | 100 Epyc 7002, Epyc 7002 Firmware, Epyc 7003 and 97 more | 2025-04-08 | N/A | 7.1 HIGH |
| Insufficient bounds checking in ASP (AMD Secure Processor) firmware while handling BIOS mailbox commands, may allow an attacker to write partially-controlled data out-of-bounds to SMM or SEV-ES regions which may lead to a potential loss of integrity and availability. | |||||
| CVE-2025-3166 | 1 Code-projects | 1 Product Management System | 2025-04-08 | 4.3 MEDIUM | 5.3 MEDIUM |
| A vulnerability classified as critical was found in code-projects Product Management System 1.0. This vulnerability affects the function search_item of the component Search Product Menu. The manipulation of the argument target leads to stack-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2023-36272 | 1 Gnu | 1 Libredwg | 2025-04-08 | N/A | 8.8 HIGH |
| LibreDWG v0.10 to v0.12.5 was discovered to contain a heap buffer overflow via the function bit_utf8_to_TU at bits.c. | |||||
| CVE-2024-27050 | 1 Linux | 1 Linux Kernel | 2025-04-08 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: libbpf: Use OPTS_SET() macro in bpf_xdp_query() When the feature_flags and xdp_zc_max_segs fields were added to the libbpf bpf_xdp_query_opts, the code writing them did not use the OPTS_SET() macro. This causes libbpf to write to those fields unconditionally, which means that programs compiled against an older version of libbpf (with a smaller size of the bpf_xdp_query_opts struct) will have its stack corrupted by libbpf writing out of bounds. The patch adding the feature_flags field has an early bail out if the feature_flags field is not part of the opts struct (via the OPTS_HAS) macro, but the patch adding xdp_zc_max_segs does not. For consistency, this fix just changes the assignments to both fields to use the OPTS_SET() macro. | |||||
| CVE-2025-2288 | 2025-04-08 | N/A | N/A | ||
| A local code execution vulnerability exists in the Rockwell Automation Arena® due to a threat actor being able to write outside of the allocated memory buffer. The flaw is a result of improper validation of user-supplied data. If exploited a threat actor can disclose information and execute arbitrary code on the system. To exploit the vulnerability a legitimate user must open a malicious DOE file. | |||||
| CVE-2025-2829 | 2025-04-08 | N/A | N/A | ||
| A local code execution vulnerability exists in the Rockwell Automation Arena® due to a threat actor being able to write outside of the allocated memory buffer. The flaw is a result of improper validation of user-supplied data. If exploited a threat actor can disclose information and execute arbitrary code on the system. To exploit the vulnerability a legitimate user must open a malicious DOE file. | |||||
| CVE-2025-2293 | 2025-04-08 | N/A | N/A | ||
| A local code execution vulnerability exists in the Rockwell Automation Arena® due to a threat actor being able to write outside of the allocated memory buffer. The flaw is a result of improper validation of user-supplied data. If exploited a threat actor can disclose information and execute arbitrary code on the system. To exploit the vulnerability a legitimate user must open a malicious DOE file. | |||||
| CVE-2025-30015 | 2025-04-08 | N/A | 4.1 MEDIUM | ||
| Due to incorrect memory address handling in ABAP SQL of SAP NetWeaver and ABAP Platform (Application Server ABAP), an authenticated attacker with high privileges could execute certain forms of SQL queries leading to manipulation of content in the output variable. This vulnerability has a low impact on the confidentiality, integrity and the availability of the application. | |||||
| CVE-2018-8174 | 1 Microsoft | 10 Windows 10 1607, Windows 10 1703, Windows 10 1709 and 7 more | 2025-04-08 | 7.6 HIGH | 7.5 HIGH |
| A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka "Windows VBScript Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. | |||||
| CVE-2020-0968 | 1 Microsoft | 15 Internet Explorer, Windows 10 1507, Windows 10 1607 and 12 more | 2025-04-08 | 7.6 HIGH | 7.5 HIGH |
| A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0970. | |||||
| CVE-2020-1027 | 1 Microsoft | 17 Windows 10 1507, Windows 10 1607, Windows 10 1709 and 14 more | 2025-04-08 | 7.2 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0913, CVE-2020-1000, CVE-2020-1003. | |||||