Export limit exceeded: 22717 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (22717 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-0698 | 1 Microsoft | 1 Exchange Server | 2026-04-16 | N/A |
| Buffer overflow in Internet Mail Connector (IMC) for Microsoft Exchange Server 5.5 allows remote attackers to execute arbitrary code via an EHLO request from a system with a long name as obtained through a reverse DNS lookup, which triggers the overflow in IMC's hello response. | ||||
| CVE-2000-1216 | 1 Ibm | 1 Aix | 2026-04-16 | N/A |
| Buffer overflow in portmir for AIX 4.3.0 allows local users to corrupt lock files and gain root privileges via the echo_error routine. | ||||
| CVE-2000-1094 | 1 Aol | 1 Aim | 2026-04-16 | N/A |
| Buffer overflow in AOL Instant Messenger (AIM) before 4.3.2229 allows remote attackers to execute arbitrary commands via a "buddyicon" command with a long "src" argument. | ||||
| CVE-1999-1237 | 1 Apache | 1 Http Server | 2026-04-16 | N/A |
| Multiple buffer overflows in smbvalid/smbval SMB authentication library, as used in Apache::AuthenSmb and possibly other modules, allows remote attackers to execute arbitrary commands via (1) a long username, (2) a long password, and (3) other unspecified methods. | ||||
| CVE-1999-0385 | 1 Microsoft | 1 Exchange Server | 2026-04-16 | N/A |
| The LDAP bind function in Exchange 5.5 has a buffer overflow that allows a remote attacker to conduct a denial of service or execute commands. | ||||
| CVE-1999-0284 | 2 Ibm, Microsoft | 2 Lotus Domino Mail Server, Exchange Server | 2026-04-16 | N/A |
| Denial of service to NT mail servers including Ipswitch, Mdaemon, and Exchange through a buffer overflow in the SMTP HELO command. | ||||
| CVE-2002-1337 | 8 Gentoo, Hp, Netbsd and 5 more | 11 Linux, Alphaserver Sc, Hp-ux and 8 more | 2026-04-16 | N/A |
| Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c. | ||||
| CVE-2006-0963 | 1 Stlport Project | 1 Stlport | 2026-04-16 | N/A |
| Multiple buffer overflows in STLport 5.0.2 might allow local users to execute arbitrary code via (1) long locale environment variables to a strcpy function call in c_locale_glibc2.c and (2) long arguments to unspecified functions in num_put_float.cpp. | ||||
| CVE-2004-0455 | 2 Debian, Www-sql Project | 2 Debian Linux, Www-sql | 2026-04-16 | N/A |
| Buffer overflow in cgi.c in www-sql before 0.5.7 allows local users to execute arbitrary code via a web page that is processed by www-sql. | ||||
| CVE-2004-0421 | 4 Libpng, Openpkg, Redhat and 1 more | 7 Libpng, Openpkg, Enterprise Linux and 4 more | 2026-04-16 | N/A |
| The Portable Network Graphics library (libpng) 1.0.15 and earlier allows attackers to cause a denial of service (crash) via a malformed PNG image file that triggers an error that causes an out-of-bounds read when creating the error message. | ||||
| CVE-2003-1228 | 1 Mathopd | 1 Mathopd | 2026-04-16 | N/A |
| Buffer overflow in the prepare_reply function in request.c for Mathopd 1.2 through 1.5b13, and possibly earlier versions, allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via an HTTP request with a long path. | ||||
| CVE-2003-0721 | 2 Redhat, Washington | 3 Enterprise Linux, Linux, Pine | 2026-04-16 | N/A |
| Integer signedness error in rfc2231_get_param from strings.c in PINE before 4.58 allows remote attackers to execute arbitrary code via an email that causes an out-of-bounds array access using a negative number. | ||||
| CVE-2026-3442 | 2 Gnu, Redhat | 5 Binutils, Enterprise Linux, Hummingbird and 2 more | 2026-04-15 | 6.1 Medium |
| A flaw was found in GNU Binutils. This vulnerability, a heap-based buffer overflow, specifically an out-of-bounds read, exists in the bfd linker component. An attacker could exploit this by convincing a user to process a specially crafted malicious XCOFF object file. Successful exploitation may lead to the disclosure of sensitive information or cause the application to crash, resulting in an application level denial of service. | ||||
| CVE-2026-3441 | 2 Gnu, Redhat | 5 Binutils, Enterprise Linux, Hummingbird and 2 more | 2026-04-15 | 6.1 Medium |
| A flaw was found in GNU Binutils. This heap-based buffer overflow vulnerability, specifically an out-of-bounds read in the bfd linker, allows an attacker to gain access to sensitive information. By convincing a user to process a specially crafted XCOFF object file, an attacker can trigger this flaw, potentially leading to information disclosure or an application level denial of service. | ||||
| CVE-2026-29111 | 2 Systemd, Systemd Project | 2 Systemd, Systemd | 2026-04-15 | 5.5 Medium |
| systemd, a system and service manager, (as PID 1) hits an assert and freezes execution when an unprivileged IPC API call is made with spurious data. On version v249 and older the effect is not an assert, but stack overwriting, with the attacker controlled content. From version v250 and newer this is not possible as the safety check causes an assert instead. This IPC call was added in v239, so versions older than that are not affected. Versions 260-rc1, 259.2, 258.5, and 257.11 contain patches. No known workarounds are available. | ||||
| CVE-2026-5441 | 2 Orthanc, Orthanc-server | 2 Dicom Server, Orthanc | 2026-04-15 | 7.1 High |
| An out-of-bounds read vulnerability exists in the `DecodePsmctRle1` function of `DicomImageDecoder.cpp`. The `PMSCT_RLE1` decompression routine, which decodes the proprietary Philips Compression format, does not properly validate escape markers placed near the end of the compressed data stream. A crafted sequence at the end of the buffer can cause the decoder to read beyond the allocated memory region and leak heap data into the rendered image output. | ||||
| CVE-2019-5482 | 7 Debian, Fedoraproject, Haxx and 4 more | 24 Debian Linux, Fedora, Curl and 21 more | 2026-04-15 | 9.8 Critical |
| Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3. | ||||
| CVE-2019-5436 | 8 Debian, F5, Fedoraproject and 5 more | 15 Debian Linux, Traffix Signaling Delivery Controller, Fedora and 12 more | 2026-04-15 | 7.8 High |
| A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1. | ||||
| CVE-2018-1000301 | 5 Canonical, Debian, Haxx and 2 more | 15 Ubuntu Linux, Debian Linux, Curl and 12 more | 2026-04-15 | 9.1 Critical |
| curl version curl 7.20.0 to and including curl 7.59.0 contains a CWE-126: Buffer Over-read vulnerability in denial of service that can result in curl can be tricked into reading data beyond the end of a heap based buffer used to store downloaded RTSP content.. This vulnerability appears to have been fixed in curl < 7.20.0 and curl >= 7.60.0. | ||||
| CVE-2017-8817 | 3 Debian, Haxx, Redhat | 4 Debian Linux, Curl, Libcurl and 1 more | 2026-04-15 | 9.8 Critical |
| The FTP wildcard function in curl and libcurl before 7.57.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) or possibly have unspecified other impact via a string that ends with an '[' character. | ||||