Export limit exceeded: 43192 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (43192 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-3252 | 2 Fedora, Redhat | 2 Newsx, Fedora | 2026-04-23 | N/A |
| Stack-based buffer overflow in the read_article function in getarticle.c in newsx 1.6 allows remote attackers to execute arbitrary code via a news article containing a large number of lines starting with a period. | ||||
| CVE-2007-5198 | 1 Nagios | 1 Plugins | 2026-04-23 | N/A |
| Buffer overflow in the redir function in check_http.c in Nagios Plugins before 1.4.10, when running with the -f (follow) option, allows remote web servers to execute arbitrary code via Location header responses (redirects) with a large number of leading "L" characters. | ||||
| CVE-2008-1188 | 2 Redhat, Sun | 4 Network Satellite, Rhel Extras, Jdk and 1 more | 2026-04-23 | N/A |
| Multiple buffer overflows in the useEncodingDecl function in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier, allow remote attackers to execute arbitrary code via a JNLP file with (1) a long key name in the xml header or (2) a long charset value, different issues than CVE-2008-1189, aka "The first two issues." | ||||
| CVE-2009-0323 | 1 W3 | 1 Amaya | 2026-04-23 | N/A |
| Multiple stack-based buffer overflows in W3C Amaya Web Browser 10.0 and 11.0 allow remote attackers to execute arbitrary code via (1) a long type parameter in an input tag, which is not properly handled by the EndOfXmlAttributeValue function; (2) an "HTML GI" in a start tag, which is not properly handled by the ProcessStartGI function; and unspecified vectors in (3) html2thot.c and (4) xml2thot.c, related to the msgBuffer variable. NOTE: these are different vectors than CVE-2008-6005. | ||||
| CVE-2007-5392 | 2 Redhat, Xpdf | 2 Enterprise Linux, Xpdf | 2026-04-23 | N/A |
| Integer overflow in the DCTStream::reset method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a crafted PDF file, resulting in a heap-based buffer overflow. | ||||
| CVE-2008-5408 | 1 Symantec | 1 Backup Exec For Windows Server | 2026-04-23 | N/A |
| Buffer overflow in the data management protocol in Symantec Backup Exec for Windows Servers 11.0 (aka 11d) builds 6235 and 7170, 12.0 build 1364, and 12.5 build 2213 allows remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via unknown vectors. NOTE: this can be exploited by unauthenticated remote attackers by leveraging CVE-2008-5407. | ||||
| CVE-2009-1184 | 1 Linux | 1 Linux Kernel | 2026-04-23 | N/A |
| The selinux_ip_postroute_iptables_compat function in security/selinux/hooks.c in the SELinux subsystem in the Linux kernel before 2.6.27.22, and 2.6.28.x before 2.6.28.10, when compat_net is enabled, omits calls to avc_has_perm for the (1) node and (2) port, which allows local users to bypass intended restrictions on network traffic. NOTE: this was incorrectly reported as an issue fixed in 2.6.27.21. | ||||
| CVE-2008-0337 | 1 Miniweb Http Server | 1 Miniweb Http Server | 2026-04-23 | N/A |
| Heap-based buffer overflow in the _mwProcessReadSocket function in http.c in MiniWeb HTTP Server 0.8.19 allows remote attackers to execute arbitrary code via a long URI. | ||||
| CVE-2007-4662 | 1 Php | 1 Php | 2026-04-23 | N/A |
| Buffer overflow in the php_openssl_make_REQ function in PHP before 5.2.4 has unknown impact and attack vectors. | ||||
| CVE-2007-2966 | 1 F-secure | 7 F-secure Anti-virus, F-secure Anti-virus Client Security, F-secure Anti-virus Linux Client Security and 4 more | 2026-04-23 | N/A |
| Buffer overflow in the LHA decompression component in F-Secure anti-virus products for Microsoft Windows and Linux before 20070529 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted LHA archive, related to an integer wrap, a similar issue to CVE-2006-4335. | ||||
| CVE-2006-5393 | 1 Cisco | 1 Secure Desktop | 2026-04-23 | 5.5 Medium |
| Cisco Secure Desktop (CSD) does not require that the ClearPageFileAtShutdown (aka CCE-Winv2.0-407) registry value equals 1, which might allow local users to read certain memory pages that were written during another user's SSL VPN session. | ||||
| CVE-2007-6220 | 2 Debian, Typespeed | 2 Debian Linux, Typespeed | 2026-04-23 | N/A |
| typespeed before 0.6.4 allows remote attackers to cause a denial of service (application crash) via unspecified network behavior that triggers a divide-by-zero error. | ||||
| CVE-2008-5381 | 1 Ffdshow-tryout | 1 Ffdshow | 2026-04-23 | N/A |
| Buffer overflow in the URL processing in ffdshow (aka ffdshow-tryout) before SVN revision 2347 allows remote attackers to execute arbitrary code via a long URL. | ||||
| CVE-2008-2245 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2026-04-23 | N/A |
| Heap-based buffer overflow in the InternalOpenColorProfile function in mscms.dll in Microsoft Windows Image Color Management System (MSCMS) in the Image Color Management (ICM) component on Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted image file. | ||||
| CVE-2008-1973 | 1 Artur Sikora | 1 Subedit Player | 2026-04-23 | N/A |
| Heap-based buffer overflow in SubEdit Player build 4056 and 4066 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long subtitle file. | ||||
| CVE-2007-0988 | 3 Canonical, Php, Redhat | 5 Ubuntu Linux, Php, Enterprise Linux and 2 more | 2026-04-23 | N/A |
| The zend_hash_init function in PHP 5 before 5.2.1 and PHP 4 before 4.4.5, when running on a 64-bit platform, allows context-dependent attackers to cause a denial of service (infinite loop) by unserializing certain integer expressions, which only cause 32-bit arguments to be used after the check for a negative value, as demonstrated by an "a:2147483649:{" argument. | ||||
| CVE-2008-1722 | 2 Cups, Redhat | 2 Cups, Enterprise Linux | 2026-04-23 | N/A |
| Multiple integer overflows in (1) filter/image-png.c and (2) filter/image-zoom.c in CUPS 1.3 allow attackers to cause a denial of service (crash) and trigger memory corruption, as demonstrated via a crafted PNG image. | ||||
| CVE-2008-1491 | 1 Asus | 1 Remote Console | 2026-04-23 | N/A |
| Stack-based buffer overflow in the DPC Proxy server (DpcProxy.exe) in ASUS Remote Console (aka ARC or ASMB3) 2.0.0.19 and 2.0.0.24 allows remote attackers to execute arbitrary code via a long string to TCP port 623. | ||||
| CVE-2009-3201 | 1 Rob Schultz | 1 Media Player Classic | 2026-04-23 | N/A |
| Integer overflow in Media Player Classic 6.4.9 allows user-assisted remote attackers to cause a denial of service (application crash) via a MIDI file (.mid) with a malformed header, which triggers a buffer overflow, a different vulnerability than CVE-2007-4940. | ||||
| CVE-2007-4730 | 2 Redhat, X.org | 2 Enterprise Linux, Xorg-server | 2026-04-23 | N/A |
| Buffer overflow in the compNewPixmap function in compalloc.c in the Composite extension for the X.org X11 server before 1.4 allows local users to execute arbitrary code by copying data from a large pixel depth pixmap into a smaller pixel depth pixmap. | ||||