Total
13940 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-6186 | 1 Raidenftpd | 1 Raidenftpd | 2025-04-09 | N/A |
| Stack-based buffer overflow in RaidenFTPD 2.4 build 3620 allows remote authenticated users to cause a denial of service (crash) or execute arbitrary code via long (1) CWD and (2) MLST commands. | ||||
| CVE-2007-5365 | 5 Debian, Openbsd, Redhat and 2 more | 7 Debian Linux, Openbsd, Enterprise Linux and 4 more | 2025-04-09 | N/A |
| Stack-based buffer overflow in the cons_options function in options.c in dhcpd in OpenBSD 4.0 through 4.2, and some other dhcpd implementations based on ISC dhcp-2, allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a DHCP request specifying a maximum message size smaller than the minimum IP MTU. | ||||
| CVE-2009-2121 | 1 Google | 1 Chrome | 2025-04-09 | N/A |
| Buffer overflow in the browser kernel in Google Chrome before 2.0.172.33 allows remote HTTP servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted response. | ||||
| CVE-2008-0443 | 1 Lycos | 1 Fileuploader.dll | 2025-04-09 | N/A |
| Heap-based buffer overflow in the FileUploader.FUploadCtl.1 ActiveX control in FileUploader.dll 2.0.0.2 in Lycos FileUploader Module allows remote attackers to execute arbitrary code via a long HandwriterFilename property value. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2007-6252 | 1 Learn2 | 1 Strunner | 2025-04-09 | N/A |
| Multiple stack-based buffer overflows in the Learn2 Corporation STRunner (aka Street Technologies) ActiveX control in iestm32.dll allow remote attackers to execute arbitrary code via unspecified vectors. | ||||
| CVE-2009-0195 | 4 Apple, Foolabs, Glyphandcog and 1 more | 4 Cups, Xpdf, Xpdfreader and 1 more | 2025-04-09 | N/A |
| Heap-based buffer overflow in Xpdf 3.02pl2 and earlier, CUPS 1.3.9, and probably other products, allows remote attackers to execute arbitrary code via a PDF file with crafted JBIG2 symbol dictionary segments. | ||||
| CVE-2009-4117 | 1 Sumatrapdfreader | 1 Sumatrapdf | 2025-04-09 | N/A |
| Multiple stack-based buffer overflows in pdf_shade4.c in MuPDF before commit 20091125231942, as used in SumatraPDF before 1.0.1, allow remote attackers to cause a denial of service and possibly execute arbitrary code via a /Decode array for certain types of shading that are not properly handled by the (1) pdf_loadtype4shade, (2) pdf_loadtype5shade, (3) pdf_loadtype6shade, and (4) pdf_loadtype7shade functions. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-0924 | 1 Novell | 1 Edirectory | 2025-04-09 | N/A |
| Stack-based buffer overflow in the DoLBURPRequest function in libnldap in ndsd in Novell eDirectory 8.7.3.9 and earlier, and 8.8.1 and earlier in the 8.8.x series, allows remote attackers to cause a denial of service (daemon crash or CPU consumption) or execute arbitrary code via a long delRequest LDAP Extended Request message, probably involving a long Distinguished Name (DN) field. | ||||
| CVE-2008-0935 | 1 Novell | 2 Iprint, Iprint Client | 2025-04-09 | N/A |
| Stack-based buffer overflow in the Novell iPrint Control ActiveX control in ienipp.ocx in Novell iPrint Client before 4.34 allows remote attackers to execute arbitrary code via a long argument to the ExecuteRequest method. | ||||
| CVE-2008-0947 | 2 Mit, Redhat | 2 Kerberos 5, Enterprise Linux | 2025-04-09 | N/A |
| Buffer overflow in the RPC library used by libgssrpc and kadmind in MIT Kerberos 5 (krb5) 1.4 through 1.6.3 allows remote attackers to execute arbitrary code by triggering a large number of open file descriptors. | ||||
| CVE-2007-5487 | 1 Cowon America | 1 Jetaudio | 2025-04-09 | N/A |
| Stack-based buffer overflow in COWON America jetAudio Basic 7.0.3 allows user-assisted remote attackers to execute arbitrary code via a long URL in an EXTM3U section of a .m3u file. | ||||
| CVE-2007-3944 | 1 Apple | 3 Iphone Os, Safari, Webkit | 2025-04-09 | N/A |
| Multiple heap-based buffer overflows in the Perl Compatible Regular Expressions (PCRE) library in the JavaScript engine in WebKit in Apple Safari 3 Beta before Update 3.0.3, and iPhone before 1.0.1, allow remote attackers to execute arbitrary code via certain JavaScript regular expressions. NOTE: this issue was originally reported only for MobileSafari on the iPhone. NOTE: it is not clear whether this stems from an issue in the original distribution of PCRE, which might already have a separate CVE identifier. | ||||
| CVE-2009-0146 | 4 Apple, Foolabs, Glyphandcog and 1 more | 4 Cups, Xpdf, Xpdfreader and 1 more | 2025-04-09 | N/A |
| Multiple buffer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to (1) JBIG2SymbolDict::setBitmap and (2) JBIG2Stream::readSymbolDictSeg. | ||||
| CVE-2008-3014 | 1 Microsoft | 14 Digital Image Suite, Forefront Client Security, Internet Explorer and 11 more | 2025-04-09 | N/A |
| Buffer overflow in gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a malformed WMF image file that triggers improper memory allocation, aka "GDI+ WMF Buffer Overrun Vulnerability." | ||||
| CVE-2007-5507 | 1 Oracle | 1 Database Server | 2025-04-09 | N/A |
| The GIOP service in TNS Listener in the Oracle Net Services component in Oracle Database 9.0.1.5+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote attackers to cause a denial of service (crash) or read potentially sensitive memory via a connect GIOP packet with an invalid data size, which triggers a buffer over-read, aka DB22. | ||||
| CVE-2007-1087 | 1 Ibm | 1 Db2 | 2025-04-09 | N/A |
| IBM DB2 8.x before 8.1 FixPak 15 and 9.1 before Fix Pack 2 does not properly terminate certain input strings, which allows local users to execute arbitrary code via unspecified environment variables that trigger a heap-based buffer overflow. | ||||
| CVE-2007-1088 | 1 Ibm | 1 Db2 | 2025-04-09 | N/A |
| Stack-based buffer overflow in IBM DB2 8.x before 8.1 FixPak 15 and 9.1 before Fix Pack 2 allows local users to execute arbitrary code via a long string in unspecified environment variables. | ||||
| CVE-2007-5538 | 1 Cisco | 2 Unified Callmanager, Unified Communications Manager | 2025-04-09 | N/A |
| Buffer overflow in the Centralized TFTP File Locator Service in Cisco Unified Communications Manager (CUCM, formerly CallManager) 5.1 before 5.1(3), and Unified CallManager 5.0, allows remote attackers to execute arbitrary code or cause a denial of service via unspecified vectors involving the processing of filenames, aka CSCsh47712. | ||||
| CVE-2007-5395 | 2 Abiword, Link Grammar | 2 Abiword Link Grammar, Link Grammar | 2025-04-09 | N/A |
| Stack-based buffer overflow in the separate_word function in tokenize.c in Link Grammar 4.1b and possibly other versions, as used in AbiWord Link Grammar 4.2.4, allows remote attackers to execute arbitrary code via a long word, as reachable through the separate_sentence function. | ||||
| CVE-2007-5392 | 2 Redhat, Xpdf | 2 Enterprise Linux, Xpdf | 2025-04-09 | N/A |
| Integer overflow in the DCTStream::reset method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a crafted PDF file, resulting in a heap-based buffer overflow. | ||||