Search Results (14738 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-0296 2 Microsoft, Videolan 2 Windows, Vlc Media Player 2026-04-23 N/A
Heap-based buffer overflow in the libaccess_realrtsp plugin in VideoLAN VLC Media Player 0.8.6d and earlier on Windows might allow remote RTSP servers to cause a denial of service (application crash) or execute arbitrary code via a long string.
CVE-2008-7015 2 Epic Games, Frontlines 2 Unreal Tournament, Fuel Of War 2026-04-23 N/A
Unreal engine 3, as used in Unreal Tournament 3 1.3, Frontlines: Fuel of War 1.1.1, and other products, allows remote attackers to cause a denial of service (server exit) via a packet with a large length value that triggers a memory allocation failure.
CVE-2008-0309 1 Symantec 10 Scan Engine, Symantec Antivirus Filtering Domino Mpe, Symantec Antivirus Network Attached Storage and 7 more 2026-04-23 N/A
Stack-based buffer overflow in Symantec Decomposer, as used in certain Symantec antivirus products including Symantec Scan Engine 5.1.2 and other versions before 5.1.6.31, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a malformed RAR file to the Internet Content Adaptation Protocol (ICAP) port (1344/tcp).
CVE-2008-0311 1 Borland 1 Caliberrm 2026-04-23 N/A
Stack-based buffer overflow in the PGMWebHandler::parse_request function in the StarTeam Multicast Service component (STMulticastService) 6.4 in Borland CaliberRM 2006 allows remote attackers to execute arbitrary code via a large HTTP request.
CVE-2008-0312 2 Microsoft, Symantec 5 Windows, Norton 360, Norton Antivirus and 2 more 2026-04-23 N/A
Stack-based buffer overflow in the AutoFix Support Tool ActiveX control 2.7.0.1 in SYMADATA.DLL in multiple Symantec Norton products, including Norton 360 1.0, AntiVirus 2006 through 2008, Internet Security 2006 through 2008, and System Works 2006 through 2008, allows remote attackers to execute arbitrary code via a long argument to the GetEventLogInfo method. NOTE: some of these details are obtained from third party information.
CVE-2008-0314 1 Clam Anti-virus 1 Clamav 2026-04-23 N/A
Heap-based buffer overflow in spin.c in libclamav in ClamAV 0.92.1 allows remote attackers to execute arbitrary code via a crafted PeSpin packed PE binary with a modified length value.
CVE-2008-0337 1 Miniweb Http Server 1 Miniweb Http Server 2026-04-23 N/A
Heap-based buffer overflow in the _mwProcessReadSocket function in http.c in MiniWeb HTTP Server 0.8.19 allows remote attackers to execute arbitrary code via a long URI.
CVE-2009-3345 1 Sap 1 Crystal Reports Server 2026-04-23 N/A
Heap-based buffer overflow in SAP Crystal Reports Server 2008 has unknown impact and attack vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.3 through 8.11. NOTE: as of 20090917, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes.
CVE-2009-3347 1 D-link 1 Dir-400 2026-04-23 N/A
Buffer overflow on the D-Link DIR-400 wireless router allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.10 through 8.11. NOTE: as of 20090917, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes.
CVE-2008-0056 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
Stack-based buffer overflow in Foundation in Apple Mac OS X 10.4.11 allows context-dependent attackers to execute arbitrary code via a "long pathname with an unexpected structure" that triggers the overflow in NSFileManager.
CVE-2008-7103 1 Najdi.si 1 Toolbar 2026-04-23 N/A
Stack-based buffer overflow in an ActiveX control in najdisitoolbar.dll in Najdi.si Toolbar 2.0.4.1 allows remote attackers to cause a denial of service (browser crash) or execute arbitrary code via a long Document.Location property value.
CVE-2009-1291 1 Tibco 4 Enterprise Message Service, Rtworks, Smartsockets and 1 more 2026-04-23 N/A
Stack-based buffer overflow in TIBCO SmartSockets before 6.8.2, SmartSockets Product Family (aka RTworks) before 4.0.5, and Enterprise Message Service (EMS) 4.0.0 through 5.1.1, as used in SmartSockets Server and RTworks Server (aka RTserver), SmartSockets client libraries and add-on products, RTworks libraries and components, EMS Server (aka tibemsd), SmartMQ, iProcess Engine, ActiveMatrix products, and CA Enterprise Communicator, allows remote attackers to execute arbitrary code via "inbound data," as demonstrated by requests to the UDP interface of the RTserver component, and data injection into the TCP stream to tibemsd.
CVE-2008-0624 1 Yahoo 1 Music Jukebox 2026-04-23 N/A
Buffer overflow in the YMP Datagrid ActiveX control (datagrid.dll) in Yahoo! JukeBox 2.2.2.56 allows remote attackers to execute arbitrary code via a long argument to the AddButton method, a different vulnerability than CVE-2008-0623.
CVE-2008-0629 1 Mplayer 1 Mplayer 2026-04-23 N/A
Buffer overflow in stream_cddb.c in MPlayer 1.0rc2 and SVN before r25824 allows remote user-assisted attackers to execute arbitrary code via a CDDB database entry containing a long album title.
CVE-2008-0630 1 Mplayer 1 Mplayer 2026-04-23 N/A
Buffer overflow in url.c in MPlayer 1.0rc2 and SVN before r25823 allows remote attackers to execute arbitrary code via a crafted URL that prevents the IPv6 parsing code from setting a pointer to NULL, which causes the buffer to be reused by the unescape code.
CVE-2008-0634 1 Sejoong Namo 2 Activesquare, Namoinstall.1 Activex Control 2026-04-23 N/A
Buffer overflow in the NamoInstaller.NamoInstall.1 ActiveX control in NamoInstaller.dll 3.0.0.1, as used in Sejoong Namo ActiveSquare6, allows remote attackers to execute arbitrary code via a long argument to the Install method, a different vulnerability than CVE-2008-0551.
CVE-2008-0958 1 Nctsoft 1 Nctaudioeditor Activex Control 2026-04-23 N/A
Multiple stack-based buffer overflows in the Online Media Technologies NCTSoft NCTAudioGrabber2 ActiveX control in NCTAudioGrabber2.dll allow remote attackers to execute arbitrary code via unspecified vectors.
CVE-2008-0987 1 Apple 4 Aperture, Iphoto, Mac Os X and 1 more 2026-04-23 N/A
Stack-based buffer overflow in Image Raw in Apple Mac OS X 10.5.2, and Digital Camera RAW Compatibility before Update 2.0 for Aperture 2 and iPhoto 7.1.2, allows remote attackers to execute arbitrary code via a crafted Adobe Digital Negative (DNG) image.
CVE-2009-3569 1 Apache 1 Openoffice.org 2026-04-23 N/A
Stack-based buffer overflow in OpenOffice.org (OOo) allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.8, aka "Client-side stack overflow exploit." NOTE: as of 20091005, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes.
CVE-2009-3571 1 Openoffice 1 Openoffice.org 2026-04-23 N/A
Unspecified vulnerability in OpenOffice.org (OOo) has unknown impact and client-side attack vector, as demonstrated by a certain module in VulnDisco Pack Professional 8.8, aka "Client-side exploit." NOTE: as of 20091005, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes.