Export limit exceeded: 23766 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (43057 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-23204 | 1 Linux | 1 Linux Kernel | 2026-04-16 | 7.1 High |
| In the Linux kernel, the following vulnerability has been resolved: net/sched: cls_u32: use skb_header_pointer_careful() skb_header_pointer() does not fully validate negative @offset values. Use skb_header_pointer_careful() instead. GangMin Kim provided a report and a repro fooling u32_classify(): BUG: KASAN: slab-out-of-bounds in u32_classify+0x1180/0x11b0 net/sched/cls_u32.c:221 | ||||
| CVE-2003-1445 | 1 Rarlab | 1 Far Manager | 2026-04-16 | N/A |
| Stack-based buffer overflow in Far Manager 1.70beta1 and earlier allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long pathname. | ||||
| CVE-2004-2709 | 1 Phrozensmoke | 1 Gyach Enhanced | 2026-04-16 | N/A |
| Buffer overflow in the strip_html_tags method for Gyach Enhanced (Gyach-E) before 1.0.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via unknown vectors involving HTML tags. | ||||
| CVE-2006-3668 | 1 Dynamic Universal Music Bibliotheque | 1 Dumb | 2026-04-16 | N/A |
| Heap-based buffer overflow in the it_read_envelope function in Dynamic Universal Music Bibliotheque (DUMB) 0.9.3 and earlier and current CVS as of 20060716, including libdumb, allows user-assisted attackers to execute arbitrary code via a ".it" (Impulse Tracker) file with an envelope with a large number of nodes. | ||||
| CVE-2005-0490 | 2 Haxx, Redhat | 3 Curl, Libcurl, Enterprise Linux | 2026-04-16 | 8.8 High |
| Multiple stack-based buffer overflows in libcURL and cURL 7.12.1, and possibly other versions, allow remote malicious web servers to execute arbitrary code via base64 encoded replies that exceed the intended buffer lengths when decoded, which is not properly handled by (1) the Curl_input_ntlm function in http_ntlm.c during NTLM authentication or (2) the Curl_krb_kauth and krb4_auth functions in krb4.c during Kerberos authentication. | ||||
| CVE-2006-1189 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| Buffer overflow in URLMON.DLL in Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via a crafted URL with an International Domain Name (IDN) using double-byte character sets (DBCS), aka the "Double Byte Character Parsing Memory Corruption Vulnerability." | ||||
| CVE-2005-3863 | 1 Ktools | 1 Ktools | 2026-04-16 | N/A |
| Stack-based buffer overflow in kkstrtext.h in ktools library 0.3 and earlier, as used in products such as (1) centericq, (2) orpheus, (3) motor, and (4) groan, allows local users or remote attackers to execute arbitrary code via a long parameter to the VGETSTRING macro. | ||||
| CVE-2005-0351 | 1 Sco | 1 Openserver | 2026-04-16 | N/A |
| Buffer overflow in (1) termsh, (2) atcronsh, and (3) auditsh in SCO OpenServer 5.0.6 and 5.0.7 might allow local users to execute arbitrary code via a long HOME environment variable. | ||||
| CVE-2003-1494 | 1 Hp | 1 Openview Network Node Manager | 2026-04-16 | N/A |
| Unspecified vulnerability in HP OpenView Network Node Manager (NNM) 6.2 and 6.4 allows remote attackers to cause a denial of service (CPU consumption) via a crafted TCP packet. | ||||
| CVE-2003-0595 | 1 Terascript | 1 Wintango Application Server | 2026-04-16 | N/A |
| Buffer overflow in WiTango Application Server and Tango 2000 allows remote attackers to execute arbitrary code via a long cookie to Witango_UserReference. | ||||
| CVE-2006-2407 | 3 Freeftpd, Freesshd, Weonlydo | 3 Freeftpd, Freesshd, Wodsshserver | 2026-04-16 | N/A |
| Stack-based buffer overflow in (1) WeOnlyDo wodSSHServer ActiveX Component 1.2.7 and 1.3.3 DEMO, as used in other products including (2) FreeSSHd 1.0.9 and (3) freeFTPd 1.0.10, allows remote attackers to execute arbitrary code via a long key exchange algorithm string. | ||||
| CVE-2004-2541 | 2 Cscope, Redhat | 2 Cscope, Enterprise Linux | 2026-04-16 | N/A |
| Buffer overflow in Cscope 15.5, and possibly multiple overflows, allows remote attackers to execute arbitrary code via a C file with a long #include line that is later browsed by the target. | ||||
| CVE-2003-1449 | 1 Aladdin Knowledge Systems | 1 Esafe Gateway | 2026-04-16 | N/A |
| Aladdin Knowlege Systems eSafe Gateway 3.5.126.0 does not check the entire stream of Content Vectoring Protocol (CVP) data, which allows remote attackers to bypass virus protection. | ||||
| CVE-2006-2935 | 4 Canonical, Debian, Linux and 1 more | 4 Ubuntu Linux, Debian Linux, Linux Kernel and 1 more | 2026-04-16 | N/A |
| The dvd_read_bca function in the DVD handling code in drivers/cdrom/cdrom.c in Linux kernel 2.2.16, and later versions, assigns the wrong value to a length variable, which allows local users to execute arbitrary code via a crafted USB Storage device that triggers a buffer overflow. | ||||
| CVE-2002-2286 | 1 Apt-www-proxy | 1 Apt-www-proxy | 2026-04-16 | N/A |
| The parse-get function in utils.c for apt-www-proxy 0.1 allows remote attackers to cause a denial of service (crash) via an empty HTTP request, which causes a null dereference. | ||||
| CVE-2003-1397 | 1 Opera | 1 Opera Browser | 2026-04-16 | N/A |
| The PluginContext object of Opera 6.05 and 7.0 allows remote attackers to cause a denial of service (crash) via an HTTP request containing a long string that gets passed to the ShowDocument method. | ||||
| CVE-2003-1395 | 1 Kazaa | 1 Kazaa Media Desktop | 2026-04-16 | N/A |
| Buffer overflow in KaZaA Media Desktop 2.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a response to the ad server. | ||||
| CVE-2001-0249 | 3 Hp, Oracle, Sgi | 3 Hp-ux, Solaris, Irix | 2026-04-16 | 9.8 Critical |
| Heap overflow in FTP daemon in Solaris 8 allows remote attackers to execute arbitrary commands by creating a long pathname and calling the LIST command, which uses glob to generate long strings. | ||||
| CVE-2003-1355 | 1 Electronic Arts | 1 Battlefield 1942 | 2026-04-16 | N/A |
| Buffer overflow in the remote console (rcon) in Battlefield 1942 1.2 and 1.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long user name and password. | ||||
| CVE-2006-1060 | 1 Xzgv | 1 Xzgv | 2026-04-16 | N/A |
| Heap-based buffer overflow in zgv before 5.8 and xzgv before 0.8 might allow user-assisted attackers to execute arbitrary code via a JPEG image with more than 3 output components, such as a CMYK or YCCK color space, which causes less memory to be allocated than required. | ||||