Search Results (14411 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2007-3454 1 Trend Micro 1 Officescan 2025-04-09 N/A
Stack-based buffer overflow in CGIOCommon.dll before 8.0.0.1042 in Trend Micro OfficeScan Corporate Edition 8.0 allows remote attackers to execute arbitrary code via long crafted requests, as demonstrated using a long session cookie to unspecified CGI programs that use this library.
CVE-2006-6652 2 Apple, Netbsd 2 Mac Os X, Netbsd 2025-04-09 N/A
Buffer overflow in the glob implementation (glob.c) in libc in NetBSD-current before 20050914, NetBSD 2.* and 3.* before 20061203, and Apple Mac OS X before 2007-004, as used by the FTP daemon and tnftpd, allows remote authenticated users to execute arbitrary code via a long pathname that results from path expansion.
CVE-2009-2404 5 Aol, Gnome, Mozilla and 2 more 9 Instant Messenger, Evolution, Firefox and 6 more 2025-04-09 N/A
Heap-based buffer overflow in a regular-expression parser in Mozilla Network Security Services (NSS) before 3.12.3, as used in Firefox, Thunderbird, SeaMonkey, Evolution, Pidgin, and AOL Instant Messenger (AIM), allows remote SSL servers to cause a denial of service (application crash) or possibly execute arbitrary code via a long domain name in the subject's Common Name (CN) field of an X.509 certificate, related to the cert_TestHostName function.
CVE-2006-6749 1 Openser 1 Openser 2025-04-09 N/A
Buffer overflow in the parse_expression function in parse_config in OpenSER 1.1.0 allows attackers to have an unknown impact via a long str parameter.
CVE-2008-2703 1 Novell 1 Groupwise Messenger 2025-04-09 N/A
Multiple stack-based buffer overflows in Novell GroupWise Messenger (GWIM) Client before 2.0.3 HP1 for Windows allow remote attackers to execute arbitrary code via "spoofed server responses" that contain a long string after the NM_A_SZ_TRANSACTION_ID field name.
CVE-2009-1513 1 Konstanty Bialkowski 1 Libmodplug 2025-04-09 N/A
Buffer overflow in the PATinst function in src/load_pat.cpp in libmodplug before 0.8.7 allows user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via a long instrument name.
CVE-2007-0348 3 Interactual Technologies, Intervideo, Roxio 3 Interactual Player, Windvd, Cineplayer 2025-04-09 N/A
Stack-based buffer overflow in the IASystemInfo.dll ActiveX control in (1) InterActual Player 2.60.12.0717, (2) Roxio CinePlayer 3.2, (3) WinDVD 7.0.27.172, and possibly other products, allows remote attackers to execute arbitrary code via a long ApplicationType property.
CVE-2009-3537 1 Epicdjsoftware 1 Epicdj 2025-04-09 N/A
Multiple stack-based buffer overflows in EpicDJSoftware EpicDJ 1.3.9.1 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long string in a (1) .m3u or (2) .mpl playlist file.
CVE-2006-6685 1 Pedro Lineu Orso 1 Chetcpasswd 2025-04-09 N/A
Heap-based buffer overflow in Pedro Lineu Orso chetcpasswd 2.3.3 allows local users to cause a denial of service (application crash) and possibly execute arbitrary code via a long REMOTE_ADDR environment variable. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2009-3868 3 Microsoft, Redhat, Sun 9 Windows, Network Satellite, Rhel Extras and 6 more 2025-04-09 N/A
Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 does not properly parse color profiles, which allows remote attackers to gain privileges via a crafted image file, aka Bug Id 6862970.
CVE-2008-5702 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2025-04-09 N/A
Buffer underflow in the ibwdt_ioctl function in drivers/watchdog/ib700wdt.c in the Linux kernel before 2.6.28-rc1 might allow local users to have an unknown impact via a certain /dev/watchdog WDIOC_SETTIMEOUT IOCTL call.
CVE-2006-3448 1 Microsoft 1 Step-by-step Interactive Training 2025-04-09 N/A
Buffer overflow in the Step-by-Step Interactive Training in Microsoft Windows 2000 SP4, XP SP2 and Professional, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a long Syllabus string in crafted bookmark link files (cbo, cbl, or .cbm), a different issue than CVE-2005-1212.
CVE-2008-5680 1 Opera 1 Opera Browser 2025-04-09 N/A
Multiple buffer overflows in Opera before 9.63 might allow (1) remote attackers to execute arbitrary code via a crafted text area, or allow (2) user-assisted remote attackers to execute arbitrary code via a long host name in a file: URL. NOTE: this might overlap CVE-2008-5178.
CVE-2008-5824 1 68k 1 Audiofile 2025-04-09 N/A
Heap-based buffer overflow in msadpcm.c in libaudiofile in audiofile 0.2.6 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted WAV file.
CVE-2008-1472 2 Computer Associates, Unicenter 7 Brightstor Arcserve Backup Laptops Desktops, Desktop Management Suite, Unicenter Dsm R11 List Control Atx and 4 more 2025-04-09 N/A
Stack-based buffer overflow in the ListCtrl ActiveX Control (ListCtrl.ocx), as used in multiple CA products including BrightStor ARCserve Backup R11.5, Desktop Management Suite r11.1 through r11.2, and Unicenter products r11.1 through r11.2, allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a long argument to the AddColumn method.
CVE-2007-1592 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2025-04-09 N/A
net/ipv6/tcp_ipv6.c in Linux kernel 2.6.x up to 2.6.21-rc3 inadvertently copies the ipv6_fl_socklist from a listening TCP socket to child sockets, which allows local users to cause a denial of service (OOPS) or double free by opening a listening IPv6 socket, attaching a flow label, and connecting to that socket.
CVE-2008-4383 2 Alcatel, Alcatel-lucent 2 Aos, Omniswitch 2025-04-09 N/A
Stack-based buffer overflow in the Agranet-Emweb embedded management web server in Alcatel OmniSwitch OS7000, OS6600, OS6800, OS6850, and OS9000 Series devices with AoS 5.1 before 5.1.6.463.R02, 5.4 before 5.4.1.429.R01, 6.1.3 before 6.1.3.965.R01, 6.1.5 before 6.1.5.595.R01, and 6.3 before 6.3.1.966.R01 allows remote attackers to execute arbitrary code via a long Session cookie.
CVE-2007-6305 3 Ibm, Linux, Unix 3 Hardware Management Console, Linux Kernel, Unix 2025-04-09 N/A
Multiple unspecified vulnerabilities in IBM Hardware Management Console (HMC) 7 R3.2.0 allow attackers to gain privileges via "some HMC commands."
CVE-2007-5365 5 Debian, Openbsd, Redhat and 2 more 7 Debian Linux, Openbsd, Enterprise Linux and 4 more 2025-04-09 N/A
Stack-based buffer overflow in the cons_options function in options.c in dhcpd in OpenBSD 4.0 through 4.2, and some other dhcpd implementations based on ISC dhcp-2, allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a DHCP request specifying a maximum message size smaller than the minimum IP MTU.
CVE-2008-5316 2 Littlecms, Redhat 3 Lcms, Little Cms Color Engine, Enterprise Linux 2025-04-09 N/A
Buffer overflow in the ReadEmbeddedTextTag function in src/cmsio1.c in Little cms color engine (aka lcms) before 1.16 allows attackers to have an unknown impact via vectors related to a length parameter inconsistency involving the contents of "the input file," a different vulnerability than CVE-2007-2741.