Export limit exceeded: 15202 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (15202 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-6134 | 1 Microsoft | 1 Windows Media Player | 2025-04-09 | N/A |
| Heap-based buffer overflow in the WMCheckURLScheme function in WMVCORE.DLL in Microsoft Windows Media Player (WMP) 10.00.00.4036 on Windows XP SP2, Server 2003, and Server 2003 SP1 allows remote attackers to cause a denial of service (application crash) and execute arbitrary code via a long HREF attribute, using an unrecognized protocol, in a REF element in an ASX PlayList file. | ||||
| CVE-2006-6183 | 1 3com | 1 3ctftpsvc | 2025-04-09 | N/A |
| Multiple stack-based buffer overflows in 3Com 3CTftpSvc 2.0.1, and possibly earlier, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via a long mode field (aka transporting mode) in a (1) GET or (2) PUT command. | ||||
| CVE-2006-6199 | 1 Blazevideo | 1 Blaze Dvd | 2025-04-09 | N/A |
| Stack-based buffer overflow in BlazeVideo BlazeDVD Standard and Professional 5.0, and possibly earlier, allows remote attackers to execute arbitrary code via a long filename in a PLF playlist. | ||||
| CVE-2006-6291 | 1 Mailenable | 1 Mailenable | 2025-04-09 | N/A |
| Stack overflow in the IMAP module (MEIMAPS.EXE) in MailEnable Professional 1.6 through 1.83 and 2.0 through 2.33, and MailEnable Enterprise 1.1 through 1.40 and 2.0 through 2.33, allows remote authenticated users to cause a denial of service (crash) via a long argument containing * (asterisk) and ? (question mark) characters to the DELETE command, as addressed by the ME-10020 hotfix. | ||||
| CVE-2006-6749 | 1 Openser | 1 Openser | 2025-04-09 | N/A |
| Buffer overflow in the parse_expression function in parse_config in OpenSER 1.1.0 allows attackers to have an unknown impact via a long str parameter. | ||||
| CVE-2006-6361 | 1 Bitflux | 1 Upload Progress Meter | 2025-04-09 | N/A |
| Heap-based buffer overflow in the uploadprogress_php_rfc1867_file function in uploadprogress.c in Bitflux Upload Progress Meter before 8276 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via crafted HTTP POST fileupload requests. | ||||
| CVE-2008-0080 | 1 Microsoft | 5 Webdav Mini-redirector, Windows 2003 Server, Windows Server 2003 and 2 more | 2025-04-09 | N/A |
| Heap-based buffer overflow in the WebDAV Mini-Redirector in Microsoft Windows XP SP2, Server 2003 SP1 and SP2, and Vista allows remote attackers to execute arbitrary code via a crafted WebDAV response. | ||||
| CVE-2006-6684 | 1 Pedro Lineu Orso | 1 Chetcpasswd | 2025-04-09 | N/A |
| Heap-based buffer overflow in Pedro Lineu Orso chetcpasswd before 2.4 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long X-Forwarded-For HTTP header. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2006-6685 | 1 Pedro Lineu Orso | 1 Chetcpasswd | 2025-04-09 | N/A |
| Heap-based buffer overflow in Pedro Lineu Orso chetcpasswd 2.3.3 allows local users to cause a denial of service (application crash) and possibly execute arbitrary code via a long REMOTE_ADDR environment variable. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-0270 | 1 Oracle | 1 Database Server | 2025-04-09 | N/A |
| Buffer overflow in SYS.DBMS_DRS in Oracle Database 9.2.0.7 and 10.1.0.4 allows remote authenticated users to cause a denial of service (crash) or execute arbitrary code via the GET_PROPERTY function in SYS.DBMS_DRS, aka DB03. | ||||
| CVE-2007-0272 | 1 Oracle | 1 Database Server | 2025-04-09 | N/A |
| Multiple buffer overflows in MDSYS.MD in Oracle Database 8.1.7.4, 9.0.1.5, 9.2.0.7, and 10.1.0.4 allows remote authenticated users to cause a denial of service (crash) or execute arbitrary code via unspecified vectors involving certain public procedures, aka DB05. | ||||
| CVE-2007-0320 | 1 Macrovision | 1 Installfromtheweb | 2025-04-09 | N/A |
| Multiple buffer overflows in (a) an ActiveX control (iftw.dll) and (b) Netscape plug-in (npiftw32.dll) for Macrovision (formerly InstallShield) InstallFromTheWeb allow remote attackers to execute arbitrary code via crafted HTML documents. | ||||
| CVE-2007-0322 | 1 Intuit | 1 Quickbooks | 2025-04-09 | N/A |
| Multiple stack-based buffer overflows in the Intuit QuickBooks Online Edition ActiveX control before 10 allow remote attackers to execute arbitrary code via unspecified vectors. | ||||
| CVE-2007-0325 | 1 Trend Micro | 2 Client-server-messaging Security, Officescan Corporate Edition | 2025-04-09 | N/A |
| Multiple buffer overflows in the Trend Micro OfficeScan Web-Deployment SetupINICtrl ActiveX control in OfficeScanSetupINI.dll, as used in OfficeScan 7.0 before Build 1344, OfficeScan 7.3 before Build 1241, and Client / Server / Messaging Security 3.0 before Build 1197, allow remote attackers to execute arbitrary code via a crafted HTML document. | ||||
| CVE-2007-0326 | 1 Photochannel | 1 Pni Digital Media Upload Plugin Activex Control | 2025-04-09 | N/A |
| Multiple stack-based buffer overflows in the PhotoChannel Networks PNI Digital Media Photo Upload Plugin ActiveX control before 2.0.0.10, as used by multiple retailers, allow remote attackers to execute arbitrary code via unspecified vectors. | ||||
| CVE-2007-0355 | 1 Apple | 2 Mac Os X, Minimal Slp Service Agent | 2025-04-09 | N/A |
| Buffer overflow in the Apple Minimal SLP v2 Service Agent (slpd) in Mac OS X 10.4.11 and earlier, including 10.4.8, allows local users, and possibly remote attackers, to gain privileges and possibly execute arbitrary code via a registration request with an invalid attr-list field. | ||||
| CVE-2007-0718 | 1 Apple | 1 Quicktime | 2025-04-09 | N/A |
| Heap-based buffer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a QTIF file with a Video Sample Description containing a Color table ID of 0, which triggers memory corruption when QuickTime assumes that a color table exists. | ||||
| CVE-2007-0734 | 1 Apple | 2 Airport Extreme, Mac Os X | 2025-04-09 | N/A |
| fsck, as used by the AirPort Disk feature of the AirPort Extreme Base Station with 802.11n before Firmware Update 7.1, and by Apple Mac OS X 10.3.9 through 10.4.9, does not properly enforce password protection of a USB hard drive, which allows context-dependent attackers to list arbitrary directories or execute arbitrary code, resulting from memory corruption. | ||||
| CVE-2007-0776 | 1 Mozilla | 3 Firefox, Seamonkey, Thunderbird | 2025-04-09 | N/A |
| Heap-based buffer overflow in the _cairo_pen_init function in Mozilla Firefox 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allows remote attackers to execute arbitrary code via a large stroke-width attribute in the clipPath element in an SVG file. | ||||
| CVE-2007-0777 | 3 Canonical, Mozilla, Redhat | 5 Ubuntu Linux, Firefox, Seamonkey and 2 more | 2025-04-09 | N/A |
| The JavaScript engine in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain vectors that trigger memory corruption. | ||||