Export limit exceeded: 336643 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 14171 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (14171 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-1550 | 2 Dia, Redhat | 2 Dia, Enterprise Linux | 2025-04-03 | N/A |
| Multiple buffer overflows in the xfig import code (xfig-import.c) in Dia 0.87 and later before 0.95-pre6 allow user-assisted attackers to have an unknown impact via a crafted xfig file, possibly involving an invalid (1) color index, (2) number of points, or (3) depth. | ||||
| CVE-2006-1652 | 1 Ultravnc | 2 Tabbed Viewer, Vnc Viewer | 2025-04-03 | N/A |
| Multiple buffer overflows in (a) UltraVNC (aka Ultr@VNC) 1.0.1 and earlier and (b) tabbed_viewer 1.29 (1) allow user-assisted remote attackers to execute arbitrary code via a malicious server that sends a long string to a client that connects on TCP port 5900, which triggers an overflow in Log::ReallyPrint; and (2) allow remote attackers to cause a denial of service (server crash) via a long HTTP GET request to TCP port 5800, which triggers an overflow in VNCLog::ReallyPrint. | ||||
| CVE-2006-1739 | 2 Mozilla, Redhat | 5 Firefox, Mozilla Suite, Seamonkey and 2 more | 2025-04-03 | N/A |
| The CSS border-rendering code in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain Cascading Style Sheets (CSS) that causes an out-of-bounds array write and buffer overflow. | ||||
| CVE-2006-1902 | 1 Gnu | 1 Gcc | 2025-04-03 | N/A |
| fold_binary in fold-const.c in GNU Compiler Collection (gcc) 4.1 improperly handles pointer overflow when folding a certain expr comparison to a corresponding offset comparison in cases other than EQ_EXPR and NE_EXPR, which might introduce buffer overflow vulnerabilities into applications that could be exploited by context-dependent attackers.NOTE: the vendor states that the essence of the issue is "not correctly interpreting an offset to a pointer as a signed value." | ||||
| CVE-2006-2026 | 2 Libtiff, Redhat | 2 Libtiff, Enterprise Linux | 2025-04-03 | N/A |
| Double free vulnerability in tif_jpeg.c in libtiff before 3.8.1 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image that triggers errors related to "setfield/getfield methods in cleanup functions." | ||||
| CVE-2006-2108 | 1 Oce North America | 2 3121 Printer, 3122 Printer | 2025-04-03 | N/A |
| parser.exe in Océ (OCE) 3121/3122 Printer allows remote attackers to cause a denial of service (crash or reboot) via a long request, possibly triggering a buffer overflow. | ||||
| CVE-2006-2379 | 1 Microsoft | 4 Windows 2000, Windows 2003 Server, Windows Nt and 1 more | 2025-04-03 | N/A |
| Buffer overflow in the TCP/IP Protocol driver in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote attackers to execute arbitrary code via unknown vectors related to IP source routing. | ||||
| CVE-2006-2656 | 2 Libtiff, Redhat | 2 Libtiff, Enterprise Linux | 2025-04-03 | N/A |
| Stack-based buffer overflow in the tiffsplit command in libtiff 3.8.2 and earlier might might allow attackers to execute arbitrary code via a long filename. NOTE: tiffsplit is not setuid. If there is not a common scenario under which tiffsplit is called with attacker-controlled command line arguments, then perhaps this issue should not be included in CVE. | ||||
| CVE-2006-3838 | 1 Eiqnetworks | 1 Enterprise Security Analyzer | 2025-04-03 | N/A |
| Multiple stack-based buffer overflows in eIQnetworks Enterprise Security Analyzer (ESA) before 2.5.0, as used in products including (a) Sidewinder, (b) iPolicy Security Manager, (c) Astaro Report Manager, (d) Fortinet FortiReporter, (e) Top Layer Network Security Analyzer, and possibly other products, allow remote attackers to execute arbitrary code via long (1) DELTAINTERVAL, (2) LOGFOLDER, (3) DELETELOGS, (4) FWASERVER, (5) SYSLOGPUBLICIP, (6) GETFWAIMPORTLOG, (7) GETFWADELTA, (8) DELETERDEPDEVICE, (9) COMPRESSRAWLOGFILE, (10) GETSYSLOGFIREWALLS, (11) ADDPOLICY, and (12) EDITPOLICY commands to the Syslog daemon (syslogserver.exe); (13) GUIADDDEVICE, (14) ADDDEVICE, and (15) DELETEDEVICE commands to the Topology server (Topology.exe); the (15) LICMGR_ADDLICENSE command to the License Manager (EnterpriseSecurityAnalyzer.exe); the (16) TRACE and (17) QUERYMONITOR commands to the Monitoring agent (Monitoring.exe); and possibly other vectors related to the Syslog daemon (syslogserver.exe). | ||||
| CVE-2006-3946 | 1 Apple | 2 Mac Os X, Safari | 2025-04-03 | N/A |
| WebCore in Apple Mac OS X 10.3.9 and 10.4 through 10.4.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted HTML that triggers a "memory management error" in WebKit, possibly due to a buffer overflow, as originally reported for the KHTMLParser::popOneBlock function in Apple Safari 2.0.4 using Javascript that changes document.body.innerHTML within a DIV tag. | ||||
| CVE-2006-3961 | 1 Mcafee | 9 Antispyware, Internet Security Suite, Personal Firewall Plus and 6 more | 2025-04-03 | N/A |
| Buffer overflow in McSubMgr ActiveX control (mcsubmgr.dll) in McAfee Security Center 6.0.23 for Internet Security Suite 2006, Wireless Home Network Security, Personal Firewall Plus, VirusScan, Privacy Service, SpamKiller, AntiSpyware, and QuickClean allows remote user-assisted attackers to execute arbitrary commands via long string parameters, which are later used in vsprintf. | ||||
| CVE-2006-4146 | 2 Gnu, Redhat | 2 Gdb, Enterprise Linux | 2025-04-03 | N/A |
| Buffer overflow in the (1) DWARF (dwarfread.c) and (2) DWARF2 (dwarf2read.c) debugging code in GNU Debugger (GDB) 6.5 allows user-assisted attackers, or restricted users, to execute arbitrary code via a crafted file with a location block (DW_FORM_block) that contains a large number of operations. | ||||
| CVE-2006-0323 | 2 Realnetworks, Redhat | 5 Helix Player, Realone Player, Realplayer and 2 more | 2025-04-03 | N/A |
| Buffer overflow in swfformat.dll in multiple RealNetworks products and versions including RealPlayer 10.x, RealOne Player, Rhapsody 3, and Helix Player allows remote attackers to execute arbitrary code via a crafted SWF (Flash) file with (1) a size value that is less than the actual size, or (2) other unspecified manipulations. | ||||
| CVE-2006-4565 | 2 Mozilla, Redhat | 4 Firefox, Seamonkey, Thunderbird and 1 more | 2025-04-03 | N/A |
| Heap-based buffer overflow in Mozilla Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMonkey before 1.0.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a JavaScript regular expression with a "minimal quantifier." | ||||
| CVE-1999-0069 | 1 Sun | 1 Sunos | 2025-04-03 | 8.4 High |
| Solaris ufsrestore buffer overflow. | ||||
| CVE-1999-0332 | 1 Microsoft | 1 Netmeeting | 2025-04-03 | N/A |
| Buffer overflow in NetMeeting allows denial of service and remote command execution. | ||||
| CVE-1999-0349 | 1 Microsoft | 1 Internet Information Server | 2025-04-03 | N/A |
| A buffer overflow in the FTP list (ls) command in IIS allows remote attackers to conduct a denial of service and, in some cases, execute arbitrary commands. | ||||
| CVE-2001-0153 | 1 Microsoft | 2 Visual Basic, Visual Studio | 2025-04-03 | N/A |
| Buffer overflow in VB-TSQL debugger object (vbsdicli.exe) in Visual Studio 6.0 Enterprise Edition allows remote attackers to execute arbitrary commands. | ||||
| CVE-2001-0819 | 2 Fetchmail, Redhat | 2 Fetchmail, Linux | 2025-04-03 | N/A |
| A buffer overflow in Linux fetchmail before 5.8.6 allows remote attackers to execute arbitrary code via a large 'To:' field in an email header. | ||||
| CVE-2002-1200 | 1 Oneidentity | 1 Syslog-ng | 2025-04-03 | N/A |
| Balabit Syslog-NG 1.4.x before 1.4.15, and 1.5.x before 1.5.20, when using template filenames or output, does not properly track the size of a buffer when constant characters are encountered during macro expansion, which allows remote attackers to cause a denial of service and possibly execute arbitrary code. | ||||