Export limit exceeded: 359583 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45436 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-0356 | 1 Citrix | 4 Access Essentials, Desktop Server, Metaframe Presentation Server and 1 more | 2026-04-23 | N/A |
| Buffer overflow in the Independent Management Architecture (IMA) service in Citrix Presentation Server (MetaFrame Presentation Server) 4.5 and earlier, Access Essentials 2.0 and earlier, and Desktop Server 1.0 allows remote attackers to execute arbitrary code via an invalid size value in a packet to TCP port 2512 or 2513. | ||||
| CVE-2008-5286 | 2 Apple, Redhat | 2 Cups, Enterprise Linux | 2026-04-23 | N/A |
| Integer overflow in the _cupsImageReadPNG function in CUPS 1.1.17 through 1.3.9 allows remote attackers to execute arbitrary code via a PNG image with a large height value, which bypasses a validation check and triggers a buffer overflow. | ||||
| CVE-2008-5284 | 1 Iea Software | 6 Air Marshal, Emerald, Radius Test Client and 3 more | 2026-04-23 | N/A |
| The web server in IEA Software RadiusNT and RadiusX 5.1.38 and other versions before 5.1.44, Emerald 5.0.49 and other versions before 5.0.52, Air Marshal 2.0.4 and other versions before 2.0.8, and Radius test client (aka Radlogin) 4.0.20 and earlier, allows remote attackers to cause a denial of service (crash) via an HTTP Content-Length header with a negative value, which triggers a single byte overwrite of memory using a NULL terminator. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-5279 | 1 Zilab | 1 Zim Server | 2026-04-23 | N/A |
| The Local ZIM Server (zcs.exe) in Zilab Chat and Instant Messaging (ZIM) Server 2.1 and earlier allow remote attackers to execute arbitrary code via (1) heap-based buffer overflows involving multiple vectors including a long room name and a long source account, and (2) a stack-based buffer overflow with a long username in an information request. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2007-6341 | 1 Net Dns | 1 Net Dns | 2026-04-23 | N/A |
| Net/DNS/RR/A.pm in Net::DNS 0.60 build 654, as used in packages such as SpamAssassin and OTRS, allows remote attackers to cause a denial of service (program "croak") via a crafted DNS response. | ||||
| CVE-2008-3066 | 1 Realnetworks | 1 Realplayer | 2026-04-23 | N/A |
| Stack-based buffer overflow in a certain ActiveX control in rjbdll.dll in RealNetworks RealPlayer Enterprise, RealPlayer 10, and RealPlayer 10.5 before build 6.0.12.1675 allows remote attackers to execute arbitrary code by importing a file into a media library and then deleting this file. | ||||
| CVE-2007-5071 | 1 Alexander Palmo | 1 Simple Php Blog | 2026-04-23 | N/A |
| Incomplete blacklist vulnerability in upload_img_cgi.php in Simple PHP Blog before 0.5.1 allows remote attackers to upload dangerous files and execute arbitrary code, as demonstrated by a filename ending in .php. or a .htaccess file, a different vector than CVE-2005-2733. NOTE: the vulnerability was also present in a 0.5.1 download available in the early morning of 20070923. NOTE: the original 20070920 disclosure provided an incorrect filename, img_upload_cgi.php. | ||||
| CVE-2007-5107 | 1 Ask.com | 1 Ask Toolbar | 2026-04-23 | N/A |
| Stack-based buffer overflow in the AskJeevesToolBar.SettingsPlugin.1 ActiveX control in askBar.dll in IAC Search & Media ask.com Ask Toolbar 4.0.2.53 and earlier allows remote attackers to execute arbitrary code via a long ShortFormat property value. NOTE: some of these details are obtained from third party information. NOTE: the researcher claims that this is the same as CVE-2007-5108, but there is insufficient detail for CVE-2007-5108 to be certain. | ||||
| CVE-2008-0957 | 1 Photostockplus | 1 Photostockplus Uploader Tool | 2026-04-23 | N/A |
| Multiple stack-based buffer overflows in the PhotoStockPlus Uploader Tool ActiveX control (PSPUploader.ocx) allow remote attackers to execute arbitrary code via unspecified initialization parameters. | ||||
| CVE-2008-2959 | 1 Microsoft | 1 Visual Basic Enterprise Edition | 2026-04-23 | N/A |
| Buffer overflow in a certain ActiveX control (vb6skit.dll) in Microsoft Visual Basic Enterprise Edition 6.0 SP6 might allow remote attackers to execute arbitrary code via a long lpstrLinkPath argument to the fCreateShellLink function. | ||||
| CVE-2008-5050 | 1 Clam Anti-virus | 1 Clamav | 2026-04-23 | N/A |
| Off-by-one error in the get_unicode_name function (libclamav/vba_extract.c) in Clam Anti-Virus (ClamAV) before 0.94.1 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted VBA project file, which triggers a heap-based buffer overflow. | ||||
| CVE-2008-5036 | 1 Videolan | 1 Vlc Media Player | 2026-04-23 | N/A |
| Stack-based buffer overflow in VideoLAN VLC media player 0.9.x before 0.9.6 might allow user-assisted attackers to execute arbitrary code via an an invalid RealText (rt) subtitle file, related to the ParseRealText function in modules/demux/subtitle.c. NOTE: this issue was SPLIT from CVE-2008-5032 on 20081110. | ||||
| CVE-2008-5032 | 1 Videolan | 1 Vlc Media Player | 2026-04-23 | N/A |
| Stack-based buffer overflow in VideoLAN VLC media player 0.5.0 through 0.9.5 might allow user-assisted attackers to execute arbitrary code via the header of an invalid CUE image file, related to modules/access/vcd/cdrom.c. NOTE: this identifier originally included an issue related to RealText, but that issue has been assigned a separate identifier, CVE-2008-5036. | ||||
| CVE-2008-5030 | 1 Libcaudio | 1 Libcaudio | 2026-04-23 | N/A |
| Heap-based buffer overflow in the cddb_read_disc_data function in cddb.c in libcdaudio 0.99.12p2 allows remote CDDB servers to execute arbitrary code via long CDDB data. | ||||
| CVE-2007-4635 | 1 Yahoo | 1 Messenger | 2026-04-23 | N/A |
| Yahoo! Messenger 8.1.0.209 and 8.1.0.402 allows remote attackers to cause a denial of service (application crash) via certain file-transfer packets, possibly involving a buffer overflow, as demonstrated by ym8bug.exe. NOTE: this might be related to CVE-2007-4515. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-5197 | 4 Debian, Mono, Opensuse and 1 more | 6 Debian Linux, Mono, Opensuse and 3 more | 2026-04-23 | N/A |
| Buffer overflow in the Mono.Math.BigInteger class in Mono 1.2.5.1 and earlier allows context-dependent attackers to execute arbitrary code via unspecified vectors related to Reduce in Montgomery-based Pow methods. | ||||
| CVE-2007-5198 | 1 Nagios | 1 Plugins | 2026-04-23 | N/A |
| Buffer overflow in the redir function in check_http.c in Nagios Plugins before 1.4.10, when running with the -f (follow) option, allows remote web servers to execute arbitrary code via Location header responses (redirects) with a large number of leading "L" characters. | ||||
| CVE-2007-4586 | 1 Php | 1 Php | 2026-04-23 | N/A |
| Multiple buffer overflows in php_iisfunc.dll in the iisfunc extension for PHP 5.2.0 and earlier allow context-dependent attackers to execute arbitrary code, probably during Unicode conversion, as demonstrated by a long string in the first argument to the iis_getservicestate function, related to the ServiceId argument to the (1) fnStartService, (2) fnGetServiceState, (3) fnStopService, and possibly other functions. | ||||
| CVE-2008-3126 | 1 Fujitsu | 1 Serverview | 2026-04-23 | N/A |
| Multiple stack-based buffer overflows in the ServerView web interface (SnmpGetMibValues.exe) in Fujitsu Siemens Computers ServerView 04.60.07 and earlier allow remote authenticated users to execute arbitrary code via a crafted URL. | ||||
| CVE-2007-4584 | 1 Bitchx | 1 Bitchx | 2026-04-23 | N/A |
| Stack-based buffer overflow in BitchX 1.1 Final allows remote IRC servers to execute arbitrary code via a long string in a MODE command, related to the p_mode variable. | ||||