Export limit exceeded: 351143 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (4512 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2003-1387 | 1 Opera | 1 Opera Browser | 2026-04-16 | N/A |
| Buffer overflow in Opera 6.05 and 6.06, and possibly other versions, allows remote attackers to execute arbitrary code via a URL with a long username. | ||||
| CVE-2003-1388 | 1 Opera | 1 Opera Browser | 2026-04-16 | N/A |
| Buffer overflow in Opera 7.02 Build 2668 allows remote attackers to crash Opera via a long HTTP request ending in a .ZIP extension. | ||||
| CVE-2003-0358 | 3 Debian, Falconseye Project, Nethack | 3 Debian Linux, Falconseye, Nethack | 2026-04-16 | N/A |
| Buffer overflow in (1) nethack 3.4.0 and earlier, and (2) falconseye 1.9.3 and earlier, which is based on nethack, allows local users to gain privileges via a long -s command line option. | ||||
| CVE-2003-0947 | 1 Wireless Tools Project | 1 Wireless Tools | 2026-04-16 | N/A |
| Buffer overflow in iwconfig, when installed setuid, allows local users to execute arbitrary code via a long OUT environment variable. | ||||
| CVE-2002-0969 | 2 Microsoft, Oracle | 2 Windows, Mysql | 2026-04-16 | 7.8 High |
| Buffer overflow in MySQL daemon (mysqld) before 3.23.50, and 4.0 beta before 4.02, on the Win32 platform, allows local users to execute arbitrary code via a long "datadir" parameter in the my.ini initialization file, whose permissions on Windows allow Full Control to the Everyone group. | ||||
| CVE-2000-1094 | 1 Aol | 1 Aim | 2026-04-16 | N/A |
| Buffer overflow in AOL Instant Messenger (AIM) before 4.3.2229 allows remote attackers to execute arbitrary commands via a "buddyicon" command with a long "src" argument. | ||||
| CVE-2002-0062 | 5 Debian, Freebsd, Gnu and 2 more | 5 Debian Linux, Freebsd, Ncurses and 2 more | 2026-04-16 | N/A |
| Buffer overflow in ncurses 5.0, and the ncurses4 compatibility package as used in Red Hat Linux, allows local users to gain privileges, related to "routines for moving the physical cursor and scrolling." | ||||
| CVE-2000-1216 | 1 Ibm | 1 Aix | 2026-04-16 | N/A |
| Buffer overflow in portmir for AIX 4.3.0 allows local users to corrupt lock files and gain root privileges via the echo_error routine. | ||||
| CVE-1999-0945 | 1 Microsoft | 1 Exchange Server | 2026-04-16 | N/A |
| Buffer overflow in Internet Mail Service (IMS) for Microsoft Exchange 5.5 and 5.0 allows remote attackers to conduct a denial of service via AUTH or AUTHINFO commands. | ||||
| CVE-2006-2935 | 4 Canonical, Debian, Linux and 1 more | 4 Ubuntu Linux, Debian Linux, Linux Kernel and 1 more | 2026-04-16 | N/A |
| The dvd_read_bca function in the DVD handling code in drivers/cdrom/cdrom.c in Linux kernel 2.2.16, and later versions, assigns the wrong value to a length variable, which allows local users to execute arbitrary code via a crafted USB Storage device that triggers a buffer overflow. | ||||
| CVE-1999-0038 | 7 Bsdi, Data General, Debian and 4 more | 9 Bsd Os, Dg Ux, Debian Linux and 6 more | 2026-04-16 | 8.4 High |
| Buffer overflow in xlock program allows local users to execute commands as root. | ||||
| CVE-2004-0150 | 1 Python | 1 Python | 2026-04-16 | N/A |
| Buffer overflow in the getaddrinfo function in Python 2.2 before 2.2.2, when IPv6 support is disabled, allows remote attackers to execute arbitrary code via an IPv6 address that is obtained using DNS. | ||||
| CVE-1999-0046 | 10 Bsdi, Debian, Digital and 7 more | 10 Bsd Os, Debian Linux, Ultrix and 7 more | 2026-04-16 | N/A |
| Buffer overflow of rlogin program using TERM environmental variable. | ||||
| CVE-2016-8620 | 2 Haxx, Redhat | 2 Curl, Rhel Software Collections | 2026-04-15 | N/A |
| The 'globbing' feature in curl before version 7.51.0 has a flaw that leads to integer overflow and out-of-bounds read via user controlled input. | ||||
| CVE-2026-20635 | 1 Apple | 8 Ios And Ipados, Ipados, Iphone Os and 5 more | 2026-04-15 | 4.3 Medium |
| The issue was addressed with improved memory handling. This issue is fixed in Safari 26.3, iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. Processing maliciously crafted web content may lead to an unexpected process crash. | ||||
| CVE-2026-20652 | 1 Apple | 6 Ios And Ipados, Ipados, Iphone Os and 3 more | 2026-04-15 | 7.5 High |
| The issue was addressed with improved memory handling. This issue is fixed in Safari 26.3, iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. A remote attacker may be able to cause a denial-of-service. | ||||
| CVE-2025-52222 | 2 D-link, Dlink | 27 Di-8003, Di-8003g, Di-8004w and 24 more | 2026-04-15 | 7.5 High |
| D-Link DI-8003 v16.07.26A1, DI-8500 v16.07.26A1; DI-8003G v17.12.21A1, DI-8200G v17.12.20A1, DI-8200 v16.07.26A1, DI-8400 v16.07.26A1, DI-8004w v16.07.26A1, DI-8100 v16.07.26A1, and DI-8100G v17.12.20A1 were discovered to contain a buffer overflow via the rd_en, rd_auth, rd_acct, http_hadmin, http_hadminpwd, rd_key, and rd_ip parameters in the radius_asp function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | ||||
| CVE-2026-30075 | 1 Openairinterface | 2 Oai-cn5g-amf, Oai-cn5g-ausf | 2026-04-15 | 7.5 High |
| OpenAirInterface Version 2.2.0 has a Buffer Overflow vulnerability in processing UplinkNASTransport containing Authentication Response containing a NAS PDU with oversize response (For example 100 byte). The response is decoded by AMF and passed to the AUSF component for verification. AUSF crashes on receiving this oversize response. This can prohibit users from further registration and verification and can cause Denial of Services (DoS). | ||||
| CVE-2025-44560 | 1 Owntone | 1 Owntone-server | 2026-04-15 | 9.8 Critical |
| owntone-server 2ca10d9 is vulnerable to Buffer Overflow due to lack of recursive checking. | ||||
| CVE-2026-4153 | 1 Gimp | 1 Gimp | 2026-04-15 | 7.8 High |
| GIMP PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PSP files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-28874. | ||||