Export limit exceeded: 361559 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45726 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-5358 | 1 Digium | 1 Asterisk | 2026-04-23 | N/A |
| Multiple buffer overflows in the voicemail functionality in Asterisk 1.4.x before 1.4.13, when using IMAP storage, might allow (1) remote attackers to execute arbitrary code via a long combination of Content-type and Content-description headers, or (2) local users to execute arbitrary code via a long combination of astspooldir, voicemail context, and voicemail mailbox fields. NOTE: vector 2 requires write access to Asterisk configuration files. | ||||
| CVE-2009-1186 | 6 Canonical, Debian, Fedoraproject and 3 more | 8 Ubuntu Linux, Debian Linux, Fedora and 5 more | 2026-04-23 | N/A |
| Buffer overflow in the util_path_encode function in udev/lib/libudev-util.c in udev before 1.4.1 allows local users to cause a denial of service (service outage) via vectors that trigger a call with crafted arguments. | ||||
| CVE-2009-1182 | 5 Apple, Foolabs, Glyphandcog and 2 more | 5 Cups, Xpdf, Xpdfreader and 2 more | 2026-04-23 | N/A |
| Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file. | ||||
| CVE-2007-5338 | 2 Mozilla, Redhat | 3 Firefox, Seamonkey, Enterprise Linux | 2026-04-23 | N/A |
| Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 allow remote attackers to execute arbitrary Javascript with user privileges by using the Script object to modify XPCNativeWrappers in a way that causes the script to be executed when a chrome action is performed. | ||||
| CVE-2007-5334 | 2 Mozilla, Redhat | 3 Firefox, Seamonkey, Enterprise Linux | 2026-04-23 | N/A |
| Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 can hide the window's titlebar when displaying XUL markup language documents, which makes it easier for remote attackers to conduct phishing and spoofing attacks by setting the hidechrome attribute. | ||||
| CVE-2009-1177 | 2 Osgeo, Umn | 2 Mapserver, Mapserver | 2026-04-23 | N/A |
| Multiple stack-based buffer overflows in maptemplate.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2 have unknown impact and remote attack vectors. | ||||
| CVE-2009-1176 | 2 Osgeo, Umn | 2 Mapserver, Mapserver | 2026-04-23 | N/A |
| mapserv.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2 does not ensure that the string holding the id parameter ends in a '\0' character, which allows remote attackers to conduct buffer-overflow attacks or have unspecified other impact via a long id parameter in a query action. | ||||
| CVE-2007-5019 | 1 Sun | 3 Java Web Start, Jre, Sdk | 2026-04-23 | N/A |
| Buffer overflow in the Sun Java Web Start ActiveX control in Java Runtime Environment (JRE) 1.6.0_X allows remote attackers to have an unknown impact via a long argument to the dnsResolve (isInstalled.dnsResolve) method. | ||||
| CVE-2007-5018 | 1 David Harris | 1 Mercury 32 | 2026-04-23 | N/A |
| Stack-based buffer overflow in IMAPD in Mercury/32 4.52 allows remote authenticated users to execute arbitrary code via a long argument in a SEARCH ON command. NOTE: this issue might overlap with CVE-2004-1211. | ||||
| CVE-2007-5007 | 1 Gnome | 1 Balsa | 2026-04-23 | N/A |
| Stack-based buffer overflow in the ir_fetch_seq function in balsa before 2.3.20 might allow remote IMAP servers to execute arbitrary code via a long response to a FETCH command. | ||||
| CVE-2007-4997 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2026-04-23 | N/A |
| Integer underflow in the ieee80211_rx function in net/ieee80211/ieee80211_rx.c in the Linux kernel 2.6.x before 2.6.23 allows remote attackers to cause a denial of service (crash) via a crafted SKB length value in a runt IEEE 802.11 frame when the IEEE80211_STYPE_QOS_DATA flag is set, aka an "off-by-two error." | ||||
| CVE-2007-4988 | 3 Canonical, Imagemagick, Redhat | 3 Ubuntu Linux, Imagemagick, Enterprise Linux | 2026-04-23 | 7.8 High |
| Sign extension error in the ReadDIBImage function in ImageMagick before 6.3.5-9 allows context-dependent attackers to execute arbitrary code via a crafted width value in an image file, which triggers an integer overflow and a heap-based buffer overflow. | ||||
| CVE-2007-4995 | 2 Openssl, Redhat | 2 Openssl, Enterprise Linux | 2026-04-23 | N/A |
| Off-by-one error in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8f allows remote attackers to execute arbitrary code via unspecified vectors. | ||||
| CVE-2007-4980 | 1 Gcaldaemon | 1 Gcaldaemon | 2026-04-23 | N/A |
| The readRequest method in org/gcaldaemon/core/http/HTTPListener.java in GCALDaemon 1.0-beta13 allows remote attackers to cause a denial of service via a large integer value in the Content-Length HTTP header, which triggers a fatal Java OutOfMemoryError. | ||||
| CVE-2007-4974 | 1 Mega-nerd | 1 Libsndfile | 2026-04-23 | N/A |
| Heap-based buffer overflow in the flac_buffer_copy function in libsndfile 1.0.17 and earlier might allow remote attackers to execute arbitrary code via a FLAC file with crafted PCM data containing a block with a size that exceeds the previous block size. | ||||
| CVE-2007-4943 | 1 Baofeng | 1 Storm | 2026-04-23 | N/A |
| Multiple buffer overflows in a certain ActiveX control in sparser.dll in Baofeng Storm 2.8 and earlier allow remote attackers to execute arbitrary code via malformed input in an unknown set of arguments or property values, a different DLL than CVE-2007-4816. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-4904 | 1 Realnetworks | 2 Helix Player, Realplayer | 2026-04-23 | N/A |
| RealNetworks RealPlayer 10.1.0.3114 and earlier, and Helix Player 1.0.6.778 on Fedora Core 6 (FC6) and possibly other platforms, allow user-assisted remote attackers to cause a denial of service (application crash) via a malformed .au file that triggers a divide-by-zero error. | ||||
| CVE-2007-4903 | 1 Ultra Shareware | 1 Ultra Crypto Component | 2026-04-23 | N/A |
| Multiple buffer overflows in a certain ActiveX control in CryptoX.dll 2.0 and earlier in the Ultra Crypto Component allow remote attackers to execute arbitrary code via (1) a long string in the first argument to the AcquireContext method or (2) an unspecified vector to the DeleteContext method. | ||||
| CVE-2007-4880 | 1 Ibm | 1 Tivoli Storage Manager Client | 2026-04-23 | N/A |
| Buffer overflow in the Client Acceptor Daemon (CAD), dsmcad.exe, in certain IBM Tivoli Storage Manager (TSM) clients 5.1 before 5.1.8.1, 5.2 before 5.2.5.2, 5.3 before 5.3.5.3, and 5.4 before 5.4.1.2 allows remote attackers to execute arbitrary code via crafted HTTP headers, aka IC52905. | ||||
| CVE-2007-4838 | 1 Immersion Games | 1 Cellfactor Revolution | 2026-04-23 | N/A |
| Multiple buffer overflows in CellFactor Revolution 1.03 and earlier allow remote attackers to execute arbitrary code via a long string in a (1) 0x21, (2) 0x22, or (3) 0x23 packet. | ||||