Export limit exceeded: 45694 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45694 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-1812 | 1 Futuresoft | 1 Tftp Server 2000 | 2026-04-16 | N/A |
| Multiple stack-based buffer overflows in FutureSoft TFTP Server Evaluation Version 1.0.0.1 allow remote attackers to execute arbitrary code via a long (1) filename or (2) transfer mode string in a Read Request (RRQ) or Write Request (WRQ) packet. | ||||
| CVE-2002-2119 | 1 Novell | 1 Edirectory | 2026-04-16 | 9.8 Critical |
| Novell eDirectory 8.6.2 and 8.7 use case insensitive passwords, which makes it easier for remote attackers to conduct brute force password guessing. | ||||
| CVE-2006-1148 | 1 Peercast | 1 Peercast | 2026-04-16 | N/A |
| Multiple stack-based buffer overflows in the procConnectArgs function in servmgr.cpp in PeerCast before 0.1217 allow remote attackers to execute arbitrary code via an HTTP GET request with a long (1) parameter name or (2) value in a URL, which triggers the overflow in the nextCGIarg function in servhs.cpp. | ||||
| CVE-2006-4326 | 1 Justsystem | 3 Formliner, Ichitaro, Ichitaro Government | 2026-04-16 | N/A |
| Stack-based buffer overflow in Justsystem Ichitaro 9.x through 13.x, Ichitaro 2004, 2005, 2006, and Government 2006; Ichitaro for Linux; and FormLiner before 20060818 allows remote attackers to execute arbitrary code via long Unicode strings in a crafted document, as being actively exploited by malware such as Trojan.Tarodrop. NOTE: some details are obtained from third party information. | ||||
| CVE-2006-1189 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| Buffer overflow in URLMON.DLL in Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via a crafted URL with an International Domain Name (IDN) using double-byte character sets (DBCS), aka the "Double Byte Character Parsing Memory Corruption Vulnerability." | ||||
| CVE-2004-0455 | 2 Debian, Www-sql Project | 2 Debian Linux, Www-sql | 2026-04-16 | N/A |
| Buffer overflow in cgi.c in www-sql before 0.5.7 allows local users to execute arbitrary code via a web page that is processed by www-sql. | ||||
| CVE-2003-1375 | 1 Hp | 1 Hp-ux | 2026-04-16 | N/A |
| Buffer overflow in wall for HP-UX 10.20 through 11.11 may allow local users to execute arbitrary code by calling wall with a large file as an argument. | ||||
| CVE-2006-4776 | 1 Cisco | 1 Ios | 2026-04-16 | N/A |
| Heap-based buffer overflow in the VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) allows remote attackers to execute arbitrary code via a long VLAN name in a VTP type 2 summary advertisement. | ||||
| CVE-2006-1985 | 1 Apple | 3 Mac Os X, Mac Os X Server, Safari | 2026-04-16 | N/A |
| Heap-based buffer overflow in BOM BOMArchiveHelper 10.4 (6.3) Build 312, as used in Mac OS X 10.4.6 and earlier, allows user-assisted attackers to execute arbitrary code via a crafted archive (such as ZIP) that contains long path names, which triggers an error in the BOMStackPop function. | ||||
| CVE-2006-1249 | 1 Apple | 2 Itunes, Quicktime | 2026-04-16 | N/A |
| Integer overflow in Apple QuickTime Player 7.0.3 and 7.0.4 and iTunes 6.0.1 and 6.0.2 allows remote attackers to execute arbitrary code via a FlashPix (FPX) image that contains a field that specifies a large number of blocks. | ||||
| CVE-2005-1891 | 2 Aol, Microsoft | 2 Aim, Windows | 2026-04-16 | 7.5 High |
| The GIF parser in ateimg32.dll in AOL Instant Messenger (AIM) 5.9.3797 and earlier allows remote attackers to cause a denial of service (crash) via a malformed buddy icon that causes an integer underflow in a loop counter variable. | ||||
| CVE-2006-1840 | 1 Empire Server | 1 Empire Server | 2026-04-16 | N/A |
| Multiple format string vulnerabilities in Empire Server before 4.3.1 allow attackers to cause a denial of service (crash) via the (1) load, (2) spy and (3) bomb functions. | ||||
| CVE-2006-1857 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2026-04-16 | N/A |
| Buffer overflow in SCTP in Linux kernel before 2.6.16.17 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a malformed HB-ACK chunk. | ||||
| CVE-2003-1388 | 1 Opera | 1 Opera Browser | 2026-04-16 | N/A |
| Buffer overflow in Opera 7.02 Build 2668 allows remote attackers to crash Opera via a long HTTP request ending in a .ZIP extension. | ||||
| CVE-2003-1336 | 1 Mirc | 1 Mirc | 2026-04-16 | N/A |
| Buffer overflow in mIRC before 6.11 allows remote attackers to execute arbitrary code via a long irc:// URL. | ||||
| CVE-2003-1368 | 1 Electrasoft | 1 Ftp Client | 2026-04-16 | N/A |
| Buffer overflow in the 32bit FTP client 9.49.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long FTP server banner. | ||||
| CVE-2006-1902 | 1 Gnu | 1 Gcc | 2026-04-16 | N/A |
| fold_binary in fold-const.c in GNU Compiler Collection (gcc) 4.1 improperly handles pointer overflow when folding a certain expr comparison to a corresponding offset comparison in cases other than EQ_EXPR and NE_EXPR, which might introduce buffer overflow vulnerabilities into applications that could be exploited by context-dependent attackers.NOTE: the vendor states that the essence of the issue is "not correctly interpreting an offset to a pointer as a signed value." | ||||
| CVE-2005-0351 | 1 Sco | 1 Openserver | 2026-04-16 | N/A |
| Buffer overflow in (1) termsh, (2) atcronsh, and (3) auditsh in SCO OpenServer 5.0.6 and 5.0.7 might allow local users to execute arbitrary code via a long HOME environment variable. | ||||
| CVE-2003-0466 | 7 Apple, Freebsd, Netbsd and 4 more | 10 Mac Os X, Mac Os X Server, Freebsd and 7 more | 2026-04-16 | 9.8 Critical |
| Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buffer overflow, including (1) STOR, (2) RETR, (3) APPE, (4) DELE, (5) MKD, (6) RMD, (7) STOU, or (8) RNTO. | ||||
| CVE-2006-4431 | 1 Zend | 1 Zend Platform | 2026-04-16 | N/A |
| Multiple buffer overflows in the (a) Session Clustering Daemon and the (b) mod_cluster module in the Zend Platform 2.2.1 and earlier allow remote attackers to cause a denial of service (crash) or execute arbitrary code via a (1) empty or (2) crafted PHP session identifier (PHPSESSID). | ||||