Export limit exceeded: 45266 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45266 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-3221 | 1 Basicunivers.free.fr | 1 Audio Lib Player | 2026-04-23 | N/A |
| Stack-based buffer overflow in Audio Lib Player (ALP) allows remote attackers to execute arbitrary code via a long URL in a .m3u playlist file. | ||||
| CVE-2008-1922 | 1 Sarg | 1 Squid Analysis Report Generator | 2026-04-23 | N/A |
| Multiple stack-based buffer overflows in Sarg might allow attackers to execute arbitrary code via unknown vectors, probably a crafted Squid log file. | ||||
| CVE-2008-2409 | 1 Cerulean Studios | 1 Trillian | 2026-04-23 | N/A |
| Stack-based buffer overflow in Cerulean Studios Trillian before 3.1.10.0 allows remote attackers to execute arbitrary code via unspecified attributes in the X-MMS-IM-FORMAT header in an MSN message. | ||||
| CVE-2008-2408 | 1 Ceruleanstudios | 1 Trillian Pro | 2026-04-23 | N/A |
| Heap-based buffer overflow in the XML parsing functionality in talk.dll in Cerulean Studios Trillian Pro before 3.1.10.0 allows remote attackers to execute arbitrary code via a malformed attribute in an IMG tag. | ||||
| CVE-2008-2069 | 1 Novell | 1 Groupwise | 2026-04-23 | N/A |
| Buffer overflow in Novell GroupWise 7 allows remote attackers to cause a denial of service or execute arbitrary code via a long argument in a mailto: URI. | ||||
| CVE-2008-2431 | 1 Novell | 1 Iprint | 2026-04-23 | N/A |
| Multiple buffer overflows in Novell iPrint Client before 5.06 allow remote attackers to execute arbitrary code by calling the Novell iPrint ActiveX control (aka ienipp.ocx) with (1) a long third argument to the GetDriverFile method; a long first argument to the (2) GetPrinterURLList or (3) GetPrinterURLList2 method; (4) a long argument to the GetFileList method; a long argument to the (5) GetServerVersion, (6) GetResourceList, or (7) DeleteResource method, related to nipplib.dll; a long uploadPath argument to the (8) UploadPrinterDriver or (9) UploadResource method, related to URIs; (10) a long seventh argument to the UploadResource method; a long string in the (11) second, (12) third, or (13) fourth argument to the GetDriverSettings method, related to the IppGetDriverSettings function in nipplib.dll; or (14) a long eighth argument to the UploadResourceToRMS method. | ||||
| CVE-2008-2214 | 1 Castle Rock | 1 Snmpc | 2026-04-23 | N/A |
| Stack-based buffer overflow in the Network Manager in Castle Rock Computing SNMPc 7.1 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long community string in an SNMP TRAP packet. | ||||
| CVE-2008-1923 | 1 Asterisk | 5 Asterisk Appliance Developer Kit, Asterisk Business Edition, Asterisknow and 2 more | 2026-04-23 | N/A |
| The IAX2 channel driver (chan_iax2) in Asterisk 1.2 before revision 72630 and 1.4 before revision 65679, when configured to allow unauthenticated calls, sends "early audio" to an unverified source IP address of a NEW message, which allows remote attackers to cause a denial of service (traffic amplification) via a spoofed NEW message. | ||||
| CVE-2008-2304 | 1 Apple | 1 Core Image Fun House | 2026-04-23 | N/A |
| Buffer overflow in Apple Core Image Fun House 2.0 and earlier in CoreImage Examples in Xcode tools before 3.1 allows user-assisted attackers to execute arbitrary code or cause a denial of service (application crash) via a .funhouse file with a string XML element that contains many characters. | ||||
| CVE-2008-2407 | 1 Ceruleanstudios | 1 Trillian | 2026-04-23 | N/A |
| Stack-based buffer overflow in AIM.DLL in Cerulean Studios Trillian before 3.1.10.0 allows user-assisted remote attackers to execute arbitrary code via a long attribute value in a FONT tag in a message. | ||||
| CVE-2008-2388 | 1 Opensuse | 1 Opensuse | 2026-04-23 | N/A |
| Multiple off-by-one errors in opensuse-updater in openSUSE 10.2 have unspecified impact and attack vectors. NOTE: the vendor states that these "can be considered no security problem." | ||||
| CVE-2008-1928 | 1 Imager | 1 Imager | 2026-04-23 | N/A |
| Buffer overflow in Imager 0.42 through 0.63 allows attackers to cause a denial of service (crash) via an image based fill in which the number of input channels is different from the number of output channels. | ||||
| CVE-2008-1802 | 1 Rdesktop | 1 Rdesktop | 2026-04-23 | N/A |
| Buffer overflow in the process_redirect_pdu (rdp.c) function in rdesktop 1.5.0 allows remote attackers to execute arbitrary code via a Remote Desktop Protocol (RDP) redirect request with modified length fields. | ||||
| CVE-2008-1920 | 1 Icq | 1 Mirabilis Icq | 2026-04-23 | N/A |
| Heap-based buffer overflow in the boxelyRenderer module in the Personal Status Manager feature in ICQ 6.0 build 6043 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted personal status message. | ||||
| CVE-2008-2376 | 2 Redhat, Ruby-lang | 3 Enterprise Linux, Fedora 8, Ruby | 2026-04-23 | N/A |
| Integer overflow in the rb_ary_fill function in array.c in Ruby before revision 17756 allows context-dependent attackers to cause a denial of service (crash) or possibly have unspecified other impact via a call to the Array#fill method with a start (aka beg) argument greater than ARY_MAX_SIZE. NOTE: this issue exists because of an incomplete fix for other closely related integer overflows. | ||||
| CVE-2008-2499 | 1 Ibm | 1 Lotus Sametime | 2026-04-23 | N/A |
| Stack-based buffer overflow in the Community Services Multiplexer (aka MUX or StMux.exe) in IBM Lotus Sametime 7.5.1 CF1 and earlier, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code via a crafted URL. | ||||
| CVE-2008-1966 | 1 Ibm | 1 Db2 | 2026-04-23 | N/A |
| Multiple buffer overflows in the JAR file administration routines in the BSU JAVA subcomponent in IBM DB2 8 before FP16, 9.1 before FP4a, and 9.5 before FP1 allow remote authenticated users to cause a denial of service (instance crash) via a call to the (1) RECOVERJAR or (2) REMOVE_JAR procedure with a crafted parameter, related to (a) sqlj.install_jar and (b) sqlj.replace_jar. | ||||
| CVE-2007-4337 | 1 Streamripper | 1 Streamripper | 2026-04-23 | N/A |
| Multiple buffer overflows in the httplib_parse_sc_header function in lib/http.c in Streamripper before 1.62.2 allow remote attackers to execute arbitrary code via long (1) Location and (2) Server HTTP headers, a different vulnerability than CVE-2006-3124. | ||||
| CVE-2009-3790 | 1 Cutepdf | 1 Formmax | 2026-04-23 | N/A |
| Heap-based buffer overflow in FormMax (formerly AcroForm) evaluation 3.5 allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted FormMax import (.aim) file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-4255 | 1 Microsoft | 5 Office Frontpage, Project, Visual Basic and 2 more | 2026-04-23 | N/A |
| Heap-based buffer overflow in mscomct2.ocx (aka Windows Common ActiveX control or Microsoft Animation ActiveX control) in Microsoft Visual Basic 6.0, Visual Studio .NET 2002 SP1 and 2003 SP1, Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2, and Office Project 2003 SP3 and 2007 Gold and SP1 allows remote attackers to execute arbitrary code via an AVI file with a crafted stream length, which triggers an "allocation error" and memory corruption, aka "Windows Common AVI Parsing Overflow Vulnerability." | ||||