Export limit exceeded: 344055 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 344055 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 21321 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (21321 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-1440 | 1 Microsoft | 2 Windows Server 2003, Windows Xp | 2025-04-09 | N/A |
| Microsoft Windows XP SP2 and SP3, and Server 2003 SP1 and SP2, does not properly validate the option length field in Pragmatic General Multicast (PGM) packets, which allows remote attackers to cause a denial of service (infinite loop and system hang) via a crafted PGM packet, aka the "PGM Invalid Length Vulnerability." | ||||
| CVE-2008-2050 | 1 Php | 1 Php | 2025-04-09 | N/A |
| Stack-based buffer overflow in the FastCGI SAPI (fastcgi.c) in PHP before 5.2.6 has unknown impact and attack vectors. | ||||
| CVE-2009-2407 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Rhel Eus | 2025-04-09 | N/A |
| Heap-based buffer overflow in the parse_tag_3_packet function in fs/ecryptfs/keystore.c in the eCryptfs subsystem in the Linux kernel before 2.6.30.4 allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving a crafted eCryptfs file, related to a large encrypted key size in a Tag 3 packet. | ||||
| CVE-2006-5393 | 1 Cisco | 1 Secure Desktop | 2025-04-09 | 5.5 Medium |
| Cisco Secure Desktop (CSD) does not require that the ClearPageFileAtShutdown (aka CCE-Winv2.0-407) registry value equals 1, which might allow local users to read certain memory pages that were written during another user's SSL VPN session. | ||||
| CVE-2008-3522 | 2 Jasper Project, Redhat | 3 Jasper, Enterprise Virtualization, Rhev Manager | 2025-04-09 | N/A |
| Buffer overflow in the jas_stream_printf function in libjasper/base/jas_stream.c in JasPer 1.900.1 might allow context-dependent attackers to have an unknown impact via vectors related to the mif_hdr_put function and use of vsprintf. | ||||
| CVE-2008-3496 | 1 Linux | 1 Linux Kernel | 2025-04-09 | N/A |
| Buffer overflow in format descriptor parsing in the uvc_parse_format function in drivers/media/video/uvc/uvc_driver.c in uvcvideo in the video4linux (V4L) implementation in the Linux kernel before 2.6.26.1 has unknown impact and attack vectors. | ||||
| CVE-2008-3639 | 2 Apple, Redhat | 2 Cups, Enterprise Linux | 2025-04-09 | N/A |
| Heap-based buffer overflow in the read_rle16 function in imagetops in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via an SGI image with malformed Run Length Encoded (RLE) data containing a small image and a large row count. | ||||
| CVE-2009-2406 | 2 Linux, Redhat | 4 Kernel, Linux Kernel, Enterprise Linux and 1 more | 2025-04-09 | N/A |
| Stack-based buffer overflow in the parse_tag_11_packet function in fs/ecryptfs/keystore.c in the eCryptfs subsystem in the Linux kernel before 2.6.30.4 allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving a crafted eCryptfs file, related to not ensuring that the key signature length in a Tag 11 packet is compatible with the key signature buffer size. | ||||
| CVE-2007-1887 | 3 Canonical, Debian, Php | 3 Ubuntu Linux, Debian Linux, Php | 2025-04-09 | N/A |
| Buffer overflow in the sqlite_decode_binary function in the bundled sqlite library in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 allows context-dependent attackers to execute arbitrary code via an empty value of the in parameter, as demonstrated by calling the sqlite_udf_decode_binary function with a 0x01 character. | ||||
| CVE-2008-1423 | 2 Redhat, Xiph.org | 3 Enterprise Linux, Linux Advanced Workstation, Libvorbis | 2025-04-09 | N/A |
| Integer overflow in a certain quantvals and quantlist calculation in Xiph.org libvorbis 1.2.0 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted OGG file with a large virtual space for its codebook, which triggers a heap overflow. | ||||
| CVE-2007-0455 | 5 Canonical, Fedoraproject, Gd Graphics Library Project and 2 more | 9 Ubuntu Linux, Fedora, Gd Graphics Library and 6 more | 2025-04-09 | N/A |
| Buffer overflow in the gdImageStringFTEx function in gdft.c in GD Graphics Library 2.0.33 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted string with a JIS encoded font. | ||||
| CVE-2009-1791 | 2 Mega-nerd, Nullsoft | 2 Libsndfile, Winamp | 2025-04-09 | N/A |
| Heap-based buffer overflow in aiff_read_header in libsndfile 1.0.15 through 1.0.19, as used in Winamp 5.552 and possibly other media programs, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an AIFF file with an invalid header value. | ||||
| CVE-2009-0490 | 1 Audacityteam | 1 Audacity | 2025-04-09 | N/A |
| Stack-based buffer overflow in the String_parse::get_nonspace_quoted function in lib-src/allegro/strparse.cpp in Audacity 1.2.6 and other versions before 1.3.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a .gro file containing a long string. | ||||
| CVE-2009-1759 | 1 Rahul | 2 Ctorrent, Dtorrent | 2025-04-09 | N/A |
| Stack-based buffer overflow in the btFiles::BuildFromMI function (trunk/btfiles.cpp) in Enhanced CTorrent (aka dTorrent) 3.3.2 and probably earlier, and CTorrent 1.3.4, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Torrent file containing a long path. | ||||
| CVE-2008-0003 | 2 Openpegasus, Redhat | 4 Management Server, Enterprise Linux, Enterprise Linux Desktop and 1 more | 2025-04-09 | N/A |
| Stack-based buffer overflow in the PAMBasicAuthenticator::PAMCallback function in OpenPegasus CIM management server (tog-pegasus), when compiled to use PAM and without PEGASUS_USE_PAM_STANDALONE_PROC defined, might allow remote attackers to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2007-5360. | ||||
| CVE-2009-0397 | 2 Gstreamer, Redhat | 3 Good Plug-ins, Plug-ins, Enterprise Linux | 2025-04-09 | N/A |
| Heap-based buffer overflow in the qtdemux_parse_samples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka gst-plugins-good) 0.10.9 through 0.10.11, and GStreamer Plug-ins (aka gstreamer-plugins) 0.8.5, might allow remote attackers to execute arbitrary code via crafted Time-to-sample (aka stts) atom data in a malformed QuickTime media .mov file. | ||||
| CVE-2022-47630 | 1 Arm | 1 Trusted Firmware-a | 2025-04-08 | 7.4 High |
| Trusted Firmware-A through 2.8 has an out-of-bounds read in the X.509 parser for parsing boot certificates. This affects downstream use of get_ext and auth_nvctr. Attackers might be able to trigger dangerous read side effects or obtain sensitive information about microarchitectural state. | ||||
| CVE-2024-3008 | 1 Tenda | 2 Fh1205, Fh1205 Firmware | 2025-04-08 | 8.8 High |
| A vulnerability, which was classified as critical, was found in Tenda FH1205 2.0.0.7(775). Affected is the function formexeCommand of the file /goform/execCommand. The manipulation of the argument cmdinput leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-258294 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2017-16294 | 1 Insteon | 2 Hub, Hub Firmware | 2025-04-08 | 9.9 Critical |
| Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd s_schd, at 0x9d01a144, the value for the `on` key is copied using `strcpy` to the buffer at `$sp+0x290`.This buffer is 32 bytes large, sending anything longer will cause a buffer overflow. | ||||
| CVE-2017-16331 | 1 Insteon | 2 Hub, Hub Firmware | 2025-04-08 | 9.9 Critical |
| Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd s_event_alarm, at 0x9d01ebd4, the value for the `s_tid` key is copied using `strcpy` to the buffer at `$sp+0x2b0`.This buffer is 32 bytes large, sending anything longer will cause a buffer overflow. | ||||