Export limit exceeded: 43539 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (43539 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-1513 | 1 Abc2ps | 1 Abc2ps | 2026-04-16 | N/A |
| Multiple buffer overflows in abc2ps before 1.3.3 allow user-assisted attackers to execute arbitrary code via crafted ABC music files. | ||||
| CVE-2006-1868 | 1 Oracle | 1 Database Server | 2026-04-16 | N/A |
| Buffer overflow in the Advanced Replication component in Oracle Database Server 10.1.0.4 allows database users to execute arbitrary code via the VERIFY_LOG procedure of the DBMS_SNAPSHOT_UTL package, aka Vuln# DB03. | ||||
| CVE-2006-2200 | 2 Mimms, Xine | 2 Mimms, Xine-lib | 2026-04-16 | N/A |
| Stack-based buffer overflow in libmms, as used by (a) MiMMS 0.0.9 and (b) xine-lib 1.1.0 and earlier, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via the (1) send_command, (2) string_utf16, (3) get_data, and (4) get_media_packet functions, and possibly other functions. | ||||
| CVE-2006-1469 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| Stack-based buffer overflow in ImageIO in Apple Mac OS X 10.4 up to 10.4.6 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image. | ||||
| CVE-2006-2382 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| Heap-based buffer overflow in Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allows remote attackers to execute arbitrary code via crafted UTF-8 encoded HTML that results in size discrepancies during conversion to Unicode, aka "HTML Decoding Memory Corruption Vulnerability." | ||||
| CVE-2006-1983 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| Multiple heap-based buffer overflows in Mac OS X 10.4.6 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) PredictorVSetField function for TIFF or (2) CFAllocatorAllocate function for GIF, as used in applications that use ImageIO or AppKit. NOTE: the BMP vector has been re-assigned to CVE-2006-2238 because it affects a separate product family. | ||||
| CVE-2006-0966 | 1 Ncp Network Communications | 1 Secure Client | 2026-04-16 | N/A |
| NCP Network Communication Secure Client 8.11 Build 146, and possibly other versions, allows local users to cause a denial of service (CPU consumption) via a large number of arguments to ncprwsnt.exe, possibly due to a buffer overflow. | ||||
| CVE-2006-0963 | 1 Stlport Project | 1 Stlport | 2026-04-16 | N/A |
| Multiple buffer overflows in STLport 5.0.2 might allow local users to execute arbitrary code via (1) long locale environment variables to a strcpy function call in c_locale_glibc2.c and (2) long arguments to unspecified functions in num_put_float.cpp. | ||||
| CVE-2006-2238 | 1 Apple | 1 Quicktime | 2026-04-16 | N/A |
| Heap-based buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a crafted BMP file that triggers the overflow in the ReadBMP function. NOTE: this issue was originally included as item 3 in CVE-2006-1983, but it has been given a separate identifier because it is a distinct issue. | ||||
| CVE-2006-2085 | 1 Speedproject | 2 Speedcommander, Squeez | 2026-04-16 | N/A |
| Multiple buffer overflows in (1) CxAce60.dll and (2) CxAce60u.dll in SpeedProject Squeez 5.10 Build 4460, and SpeedCommander 10.52 Build 4450 and 11.01 Build 4450, allow user-assisted remote attackers to execute arbitrary code via an ACE archive that contains a file with a long filename. | ||||
| CVE-2005-1852 | 5 Centericq, Ekg, Kadu and 2 more | 5 Centericq, Ekg, Kadu and 2 more | 2026-04-16 | N/A |
| Multiple integer overflows in libgadu, as used in Kopete in KDE 3.2.3 to 3.4.1, ekg before 1.6rc3, GNU Gadu, CenterICQ, Kadu, and other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an incoming message. | ||||
| CVE-2026-3442 | 2 Gnu, Redhat | 5 Binutils, Enterprise Linux, Hummingbird and 2 more | 2026-04-15 | 6.1 Medium |
| A flaw was found in GNU Binutils. This vulnerability, a heap-based buffer overflow, specifically an out-of-bounds read, exists in the bfd linker component. An attacker could exploit this by convincing a user to process a specially crafted malicious XCOFF object file. Successful exploitation may lead to the disclosure of sensitive information or cause the application to crash, resulting in an application level denial of service. | ||||
| CVE-2026-3441 | 2 Gnu, Redhat | 5 Binutils, Enterprise Linux, Hummingbird and 2 more | 2026-04-15 | 6.1 Medium |
| A flaw was found in GNU Binutils. This heap-based buffer overflow vulnerability, specifically an out-of-bounds read in the bfd linker, allows an attacker to gain access to sensitive information. By convincing a user to process a specially crafted XCOFF object file, an attacker can trigger this flaw, potentially leading to information disclosure or an application level denial of service. | ||||
| CVE-2026-29111 | 2 Systemd, Systemd Project | 2 Systemd, Systemd | 2026-04-15 | 5.5 Medium |
| systemd, a system and service manager, (as PID 1) hits an assert and freezes execution when an unprivileged IPC API call is made with spurious data. On version v249 and older the effect is not an assert, but stack overwriting, with the attacker controlled content. From version v250 and newer this is not possible as the safety check causes an assert instead. This IPC call was added in v239, so versions older than that are not affected. Versions 260-rc1, 259.2, 258.5, and 257.11 contain patches. No known workarounds are available. | ||||
| CVE-2026-2239 | 2 Gimp, Redhat | 2 Gimp, Enterprise Linux | 2026-04-15 | 2.8 Low |
| A flaw was found in GIMP. Heap-buffer-overflow vulnerability exists in the fread_pascal_string function when processing a specially crafted PSD (Photoshop Document) file. This occurs because the buffer allocated for a Pascal string is not properly null-terminated, leading to an out-of-bounds read when strlen() is subsequently called. Successfully exploiting this vulnerability can cause the application to crash, resulting in an application level Denial of Service. | ||||
| CVE-2026-5441 | 2 Orthanc, Orthanc-server | 2 Dicom Server, Orthanc | 2026-04-15 | 7.1 High |
| An out-of-bounds read vulnerability exists in the `DecodePsmctRle1` function of `DicomImageDecoder.cpp`. The `PMSCT_RLE1` decompression routine, which decodes the proprietary Philips Compression format, does not properly validate escape markers placed near the end of the compressed data stream. A crafted sequence at the end of the buffer can cause the decoder to read beyond the allocated memory region and leak heap data into the rendered image output. | ||||
| CVE-2026-4149 | 1 Sonos | 2 Era 300, Era 300 Firmware | 2026-04-15 | 9.8 Critical |
| Sonos Era 300 SMB Response Out-Of-Bounds Access Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sonos Era 300. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the DataOffset field within SMB responses. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the kernel. Was ZDI-CAN-28345. | ||||
| CVE-2026-1675 | 1 Wordpress | 1 Wordpress | 2026-04-15 | 5.3 Medium |
| The Advanced Country Blocker plugin for WordPress is vulnerable to Authorization Bypass in all versions up to, and including, 2.3.1 due to the use of a predictable default value for the secret bypass key created during installation without requiring users to change it. This makes it possible for unauthenticated attackers to bypass the geolocation blocking mechanism by appending the key to any URL on sites where the administrator has not changed the default value. | ||||
| CVE-2022-0204 | 3 Bluez, Debian, Fedoraproject | 3 Bluez, Debian Linux, Fedora | 2026-04-15 | 8.8 High |
| A heap overflow vulnerability was found in bluez in versions prior to 5.63. An attacker with local network access could pass specially crafted files causing an application to halt or crash, leading to a denial of service. | ||||
| CVE-2019-8922 | 3 Bluez, Debian, Linux | 3 Bluez, Debian Linux, Linux Kernel | 2026-04-15 | 8.8 High |
| A heap-based buffer overflow was discovered in bluetoothd in BlueZ through 5.48. There isn't any check on whether there is enough space in the destination buffer. The function simply appends all data passed to it. The values of all attributes that are requested are appended to the output buffer. There are no size checks whatsoever, resulting in a simple heap overflow if one can craft a request where the response is large enough to overflow the preallocated buffer. This issue exists in service_attr_req gets called by process_request (in sdpd-request.c), which also allocates the response buffer. | ||||