Export limit exceeded: 358698 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 12870 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 45336 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45336 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-2310 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-23 | N/A |
| Format string vulnerability in c++filt in Apple Mac OS X 10.5 before 10.5.4 allows user-assisted attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted string in (1) C++ or (2) Java source code. | ||||
| CVE-2008-2327 | 2 Libtiff, Redhat | 2 Libtiff, Enterprise Linux | 2026-04-23 | N/A |
| Multiple buffer underflows in the (1) LZWDecode, (2) LZWDecodeCompat, and (3) LZWDecodeVector functions in tif_lzw.c in the LZW decoder in LibTIFF 3.8.2 and earlier allow context-dependent attackers to execute arbitrary code via a crafted TIFF file, related to improper handling of the CODE_CLEAR code. | ||||
| CVE-2008-2361 | 2 Redhat, Xorg | 2 Enterprise Linux, X11 | 2026-04-23 | N/A |
| Integer overflow in the ProcRenderCreateCursor function in the Render extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent attackers to cause a denial of service (daemon crash) via unspecified request fields that are used to calculate a glyph buffer size, which triggers a dereference of unmapped memory. | ||||
| CVE-2008-2362 | 2 Redhat, X | 2 Enterprise Linux, X11 | 2026-04-23 | N/A |
| Multiple integer overflows in the Render extension in the X server 1.4 in X.Org X11R7.3 allow context-dependent attackers to execute arbitrary code via a (1) SProcRenderCreateLinearGradient, (2) SProcRenderCreateRadialGradient, or (3) SProcRenderCreateConicalGradient request with an invalid field specifying the number of bytes to swap in the request data, which triggers heap memory corruption. | ||||
| CVE-2008-2363 | 1 Pan | 1 Pan | 2026-04-23 | N/A |
| The PartsBatch class in Pan 0.132 and earlier does not properly manage the data structures for Parts batches, which allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted .nzb file that triggers a heap-based buffer overflow. | ||||
| CVE-2008-2542 | 1 Nasa Ames Research Center | 1 Bigview | 2026-04-23 | N/A |
| Stack-based buffer overflow in the getline function in Ppm/ppm.C in NASA Ames Research Center BigView 1.8 allows user-assisted remote attackers to execute arbitrary code via a crafted PNM file. | ||||
| CVE-2008-1943 | 2 Redhat, Xensource | 4 Desktop, Enterprise Linux, Virtualization Server and 1 more | 2026-04-23 | N/A |
| Buffer overflow in the backend of XenSource Xen Para Virtualized Frame Buffer (PVFB) 3.0 through 3.1.2 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted description of a shared framebuffer. | ||||
| CVE-2008-2069 | 1 Novell | 1 Groupwise | 2026-04-23 | N/A |
| Buffer overflow in Novell GroupWise 7 allows remote attackers to cause a denial of service or execute arbitrary code via a long argument in a mailto: URI. | ||||
| CVE-2008-1944 | 2 Redhat, Xensource | 4 Desktop, Enterprise Linux, Virtualization Server and 1 more | 2026-04-23 | N/A |
| Buffer overflow in the backend framebuffer of XenSource Xen Para-Virtualized Framebuffer (PVFB) Message 3.0 through 3.0.3 allows local users to cause a denial of service (SDL crash) and possibly execute arbitrary code via "bogus screen updates," related to missing validation of the "format of messages." | ||||
| CVE-2008-1948 | 2 Gnu, Redhat | 2 Gnutls, Enterprise Linux | 2026-04-23 | N/A |
| The _gnutls_server_name_recv_params function in lib/ext_server_name.c in libgnutls in gnutls-serv in GnuTLS before 2.2.4 does not properly calculate the number of Server Names in a TLS 1.0 Client Hello message during extension handling, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a zero value for the length of Server Names, which leads to a buffer overflow in session resumption data in the pack_security_parameters function, aka GNUTLS-SA-2008-1-1. | ||||
| CVE-2008-2469 | 1 Libspf | 1 Libspf2 | 2026-04-23 | N/A |
| Heap-based buffer overflow in the SPF_dns_resolv_lookup function in Spf_dns_resolv.c in libspf2 before 1.2.8 allows remote attackers to execute arbitrary code via a long DNS TXT record with a modified length field. | ||||
| CVE-2008-1912 | 1 Divx | 1 Divx Player | 2026-04-23 | N/A |
| Stack-based buffer overflow in DivX Player 6.7 build 6.7.0.22 and earlier allows user-assisted remote attackers to cause a denial of service (application crash) or execute arbitrary code via a long subtitle in a .SRT file. | ||||
| CVE-2008-1910 | 1 Borland | 1 Interbase | 2026-04-23 | N/A |
| Stack-based buffer overflow in the database service (ibserver.exe) in Borland InterBase 2007 SP2 allows remote attackers to execute arbitrary code via a malformed opcode 0x52 request to TCP port 3050. NOTE: this might overlap CVE-2007-5243 or CVE-2007-5244. | ||||
| CVE-2008-1881 | 1 Videolan | 1 Vlc | 2026-04-23 | N/A |
| Stack-based buffer overflow in the ParseSSA function (modules/demux/subtitle.c) in VLC 0.8.6e allows remote attackers to execute arbitrary code via a long subtitle in an SSA file. NOTE: this issue is due to an incomplete fix for CVE-2007-6681. | ||||
| CVE-2008-2249 | 1 Microsoft | 6 Windows 2000, Windows 2003 Server, Windows Server 2003 and 3 more | 2026-04-23 | N/A |
| Integer overflow in GDI in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote attackers to execute arbitrary code via a malformed header in a crafted WMF file, which triggers a buffer overflow, aka "GDI Integer Overflow Vulnerability." | ||||
| CVE-2008-2245 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2026-04-23 | N/A |
| Heap-based buffer overflow in the InternalOpenColorProfile function in mscms.dll in Microsoft Windows Image Color Management System (MSCMS) in the Image Color Management (ICM) component on Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted image file. | ||||
| CVE-2008-2430 | 2 Microsoft, Videolan | 2 Windows Nt, Vlc Media Player | 2026-04-23 | N/A |
| Integer overflow in the Open function in modules/demux/wav.c in VLC Media Player 0.8.6h on Windows allows remote attackers to execute arbitrary code via a large fmt chunk in a WAV file. | ||||
| CVE-2008-2008 | 1 Cerulean Studios | 1 Trillian | 2026-04-23 | N/A |
| Buffer overflow in the Display Names message feature in Cerulean Studios Trillian Basic and Pro 3.1.9.0 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long nickname in an MSN protocol message. | ||||
| CVE-2008-2499 | 1 Ibm | 1 Lotus Sametime | 2026-04-23 | N/A |
| Stack-based buffer overflow in the Community Services Multiplexer (aka MUX or StMux.exe) in IBM Lotus Sametime 7.5.1 CF1 and earlier, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code via a crafted URL. | ||||
| CVE-2008-2547 | 1 Microsoft | 1 Windows Installer | 2026-04-23 | N/A |
| Stack-based buffer overflow in msiexec.exe 3.1.4000.1823 and 4.5.6001.22159 in Microsoft Windows Installer allows context-dependent attackers to execute arbitrary code via a long GUID value for the /x (aka /uninstall) option. NOTE: this issue might cross privilege boundaries if msiexec.exe is reachable via components such as ActiveX controls, and might additionally require a separate vulnerability in the control. | ||||