Total
1237 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-0787 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-04-09 | N/A |
| The ecryptfs_write_metadata_to_contents function in the eCryptfs functionality in the Linux kernel 2.6.28 before 2.6.28.9 uses an incorrect size when writing kernel memory to an eCryptfs file header, which triggers an out-of-bounds read and allows local users to obtain portions of kernel memory. | ||||
| CVE-2009-0155 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | N/A |
| Integer underflow in CoreGraphics in Apple Mac OS X 10.5 before 10.5.7, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF file that triggers a heap-based buffer overflow. | ||||
| CVE-2009-0070 | 1 Apple | 1 Safari | 2025-04-09 | N/A |
| Integer signedness error in Apple Safari allows remote attackers to read the contents of arbitrary memory locations, cause a denial of service (application crash), and probably have unspecified other impact via the array index of the arguments array in a JavaScript function, possibly a related issue to CVE-2008-2307. | ||||
| CVE-2007-1351 | 7 Mandrakesoft, Openbsd, Redhat and 4 more | 11 Mandrake Linux, Mandrake Linux Corporate Server, Mandrake Multi Network Firewall and 8 more | 2025-04-09 | N/A |
| Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow. | ||||
| CVE-2009-0232 | 1 Microsoft | 5 Windows 2000, Windows Server 2003, Windows Server 2008 and 2 more | 2025-04-09 | N/A |
| Integer overflow in the Embedded OpenType (EOT) Font Engine in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a crafted name table, aka "Embedded OpenType Font Integer Overflow Vulnerability." | ||||
| CVE-2008-0986 | 1 Google | 1 Android Sdk | 2025-04-09 | N/A |
| Integer overflow in the BMP::readFromStream method in the libsgl.so library in Google Android SDK m3-rc37a and earlier, and m5-rc14, allows remote attackers to execute arbitrary code via a crafted BMP file with a header containing a negative offset field. | ||||
| CVE-2009-2535 | 1 Mozilla | 3 Firefox, Seamonkey, Thunderbird | 2025-04-09 | N/A |
| Mozilla Firefox before 2.0.0.19 and 3.x before 3.0.5, SeaMonkey, and Thunderbird allow remote attackers to cause a denial of service (memory consumption and application crash) via a large integer value for the length property of a Select object, a related issue to CVE-2009-1692. | ||||
| CVE-2007-1797 | 2 Imagemagick, Redhat | 2 Imagemagick, Enterprise Linux | 2025-04-09 | N/A |
| Multiple integer overflows in ImageMagick before 6.3.3-5 allow remote attackers to execute arbitrary code via (1) a crafted DCM image, which results in a heap-based overflow in the ReadDCMImage function, or (2) the (a) colors or (b) comments field in a crafted XWD image, which results in a heap-based overflow in the ReadXWDImage function, different issues than CVE-2007-1667. | ||||
| CVE-2008-1806 | 2 Freetype, Redhat | 2 Freetype, Enterprise Linux | 2025-04-09 | N/A |
| Integer overflow in FreeType2 before 2.3.6 allows context-dependent attackers to execute arbitrary code via a crafted set of 16-bit length values within the Private dictionary table in a Printer Font Binary (PFB) file, which triggers a heap-based buffer overflow. | ||||
| CVE-2008-2360 | 2 Redhat, X | 2 Enterprise Linux, X11 | 2025-04-09 | N/A |
| Integer overflow in the AllocateGlyph function in the Render extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent attackers to execute arbitrary code via unspecified request fields that are used to calculate a heap buffer size, which triggers a heap-based buffer overflow. | ||||
| CVE-2009-1095 | 2 Redhat, Sun | 5 Enterprise Linux, Network Satellite, Rhel Extras and 2 more | 2025-04-09 | N/A |
| Integer overflow in unpack200 in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allows remote attackers to access files or execute arbitrary code via a JAR file with crafted Pack200 headers. | ||||
| CVE-2008-7126 | 1 Microfocus | 1 Visibroker | 2025-04-09 | N/A |
| Integer overflow in osagent.exe in Borland VisiBroker Smart Agent 08.00.00.C1.03 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted packet with a large string length value to UDP port 14000, which triggers a heap-based buffer overflow. | ||||
| CVE-2007-6336 | 1 Clam Anti-virus | 1 Clamav | 2025-04-09 | N/A |
| Off-by-one error in ClamAV before 0.92 allows remote attackers to execute arbitrary code via a crafted MS-ZIP compressed CAB file. | ||||
| CVE-2008-6995 | 1 Google | 1 Chrome | 2025-04-09 | N/A |
| Integer underflow in net/base/escape.cc in chrome.dll in Google Chrome 0.2.149.27 allows remote attackers to cause a denial of service (browser crash) via a URI with an invalid handler followed by a "%" (percent) character, which triggers a buffer over-read, as demonstrated using an "about:%" URI. | ||||
| CVE-2008-1384 | 1 Php | 1 Php | 2025-04-09 | N/A |
| Integer overflow in PHP 5.2.5 and earlier allows context-dependent attackers to cause a denial of service and possibly have unspecified other impact via a printf format parameter with a large width specifier, related to the php_sprintf_appendstring function in formatted_print.c and probably other functions for formatted strings (aka *printf functions). | ||||
| CVE-2008-4327 | 1 Microsoft | 1 Windows Xp | 2025-04-09 | N/A |
| gdiplus.dll in GDI+ in Microsoft Windows XP SP3 does not properly handle crafted .ico files, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a certain crash.ico file on a web site, and allows user-assisted attackers to cause a denial of service (divide-by-zero error and persistent application crash) via this crash.ico file on the desktop, a different vulnerability than CVE-2007-2237. | ||||
| CVE-2009-2990 | 2 Adobe, Redhat | 3 Acrobat, Acrobat Reader, Rhel Extras | 2025-04-09 | N/A |
| Array index error in Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 might allow attackers to execute arbitrary code via unspecified vectors. | ||||
| CVE-2007-3472 | 2 Libgd, Redhat | 2 Gd Graphics Library, Enterprise Linux | 2025-04-09 | N/A |
| Integer overflow in gdImageCreateTrueColor function in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to have unspecified attack vectors and impact. | ||||
| CVE-2007-1218 | 2 Redhat, Tcpdump | 2 Enterprise Linux, Tcpdump | 2025-04-09 | N/A |
| Off-by-one buffer overflow in the parse_elements function in the 802.11 printer code (print-802_11.c) for tcpdump 3.9.5 and earlier allows remote attackers to cause a denial of service (crash) via a crafted 802.11 frame. NOTE: this was originally referred to as heap-based, but it might be stack-based. | ||||
| CVE-2007-5558 | 1 Lg Electronics | 1 Lg Mobile Handset | 2025-04-09 | N/A |
| Integer overflow in the LG Mobile handset allows remote attackers to cause a denial of service (reboot) via a crafted HTTP packet. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes. | ||||