Search Results (15960 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-3908 1 Princeton University 1 Wordnet 2026-04-23 N/A
Multiple buffer overflows in Princeton WordNet (wn) 3.0 allow context-dependent attackers to execute arbitrary code via (1) a long argument on the command line; a long (2) WNSEARCHDIR, (3) WNHOME, or (4) WNDBVERSION environment variable; or (5) a user-supplied dictionary (aka data file). NOTE: since WordNet itself does not run with special privileges, this issue only crosses privilege boundaries when WordNet is invoked as a third party component.
CVE-2008-3911 1 Linux 1 Linux Kernel 2026-04-23 N/A
The proc_do_xprt function in net/sunrpc/sysctl.c in the Linux kernel 2.6.26.3 does not check the length of a certain buffer obtained from userspace, which allows local users to overflow a stack-based buffer and have unspecified other impact via a crafted read system call for the /proc/sys/sunrpc/transports file.
CVE-2008-3916 2 Gnu, Redhat 2 Ed, Enterprise Linux 2026-04-23 N/A
Heap-based buffer overflow in the strip_escapes function in signal.c in GNU ed before 1.0 allows context-dependent or user-assisted attackers to execute arbitrary code via a long filename. NOTE: since ed itself does not typically run with special privileges, this issue only crosses privilege boundaries when ed is invoked as a third-party component.
CVE-2008-3971 1 Gmanedit2 1 Gmanedit 2026-04-23 N/A
Heap-based buffer overflow in the open_man_file function in callbacks.c in gmanedit 0.4.1 allows remote attackers to execute arbitrary code via a crafted man page, which is not properly handled during utf8 conversion. NOTE: another overflow was reported using a configuration file, but that vector does not have a scenario that crosses privilege boundaries.
CVE-2008-4025 1 Microsoft 8 Office, Office Compatibility Pack For Word Excel Ppt 2007, Office Outlook and 5 more 2026-04-23 N/A
Integer overflow in Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Outlook 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office 2004 and 2008 for Mac; and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code via (1) an RTF file or (2) a rich text e-mail message containing an invalid number of points for a polyline or polygon, which triggers a heap-based buffer overflow, aka "Word RTF Object Parsing Vulnerability."
CVE-2008-4922 2 Djvu, Microsoft 2 Activex Control For Microsoft Office 2000, Office 2026-04-23 N/A
Buffer overflow in the DjVu ActiveX Control 3.0 for Microsoft Office (DjVu_ActiveX_MSOffice.dll) allows remote attackers to execute arbitrary code via a long (1) ImageURL property, and possibly the (2) Mode, (3) Page, or (4) Zoom properties.
CVE-2008-6252 1 Smcfancontrol 1 Smcfancontrol 2026-04-23 N/A
Stack-based buffer overflow in the smc program in smcFanControl 2.1.2 allows local users to execute arbitrary code and gain privileges via a long -k option.
CVE-2008-4933 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-23 N/A
Buffer overflow in the hfsplus_find_cat function in fs/hfsplus/catalog.c in the Linux kernel before 2.6.28-rc1 allows attackers to cause a denial of service (memory corruption or system crash) via an hfsplus filesystem image with an invalid catalog namelength field, related to the hfsplus_cat_build_key_uni function.
CVE-2008-5032 1 Videolan 1 Vlc Media Player 2026-04-23 N/A
Stack-based buffer overflow in VideoLAN VLC media player 0.5.0 through 0.9.5 might allow user-assisted attackers to execute arbitrary code via the header of an invalid CUE image file, related to modules/access/vcd/cdrom.c. NOTE: this identifier originally included an issue related to RealText, but that issue has been assigned a separate identifier, CVE-2008-5036.
CVE-2007-6403 1 Winamp 1 Nullsoft Winamp 2026-04-23 N/A
Stack-based buffer overflow in Nullsoft Winamp 5.32 allows user-assisted remote attackers to execute arbitrary code via crafted unicode in a .mp4 file, with crafted tags, contained in a certain .rar archive, a related issue to CVE-2007-2498. NOTE: for exploitation, the victim must select a certain menu option at the time of the attack.
CVE-2008-5030 1 Libcaudio 1 Libcaudio 2026-04-23 N/A
Heap-based buffer overflow in the cddb_read_disc_data function in cddb.c in libcdaudio 0.99.12p2 allows remote CDDB servers to execute arbitrary code via long CDDB data.
CVE-2008-5134 2 Linux, Redhat 2 Linux Kernel, Enterprise Mrg 2026-04-23 N/A
Buffer overflow in the lbs_process_bss function in drivers/net/wireless/libertas/scan.c in the libertas subsystem in the Linux kernel before 2.6.27.5 allows remote attackers to have an unknown impact via an "invalid beacon/probe response."
CVE-2008-5048 1 Isecsoft 1 Anti-trojan Elite 2026-04-23 N/A
Buffer overflow in Atepmon.sys in ISecSoft Anti-Trojan Elite 4.2.1 and earlier, and possibly 4.2.2, allows local users to cause a denial of service (crash) and possibly execute arbitrary code via long inputs to the 0x00222494 IOCTL.
CVE-2009-3708 1 Konae 1 Alleycode Html Editor 2026-04-23 N/A
Stack-based buffer overflow in the Meta Content Optimizer in Konae Technologies Alleycode HTML Editor 2.21 allows user-assisted remote attackers to execute arbitrary code via a long value in a (1) description or (2) keyword META tag. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-5049 1 Isecsoft 1 Anti-keylogger Elite 2026-04-23 N/A
Buffer overflow in AKEProtect.sys 3.3.3.0 in ISecSoft Anti-Keylogger Elite 3.3.0 and earlier, and possibly other versions including 3.3.3, allows local users to gain privileges via long inputs to the (1) 0x002224A4, (2) 0x002224C0, and (3) 0x002224CC IOCTL.
CVE-2008-5050 1 Clam Anti-virus 1 Clamav 2026-04-23 N/A
Off-by-one error in the get_unicode_name function (libclamav/vba_extract.c) in Clam Anti-Virus (ClamAV) before 0.94.1 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted VBA project file, which triggers a heap-based buffer overflow.
CVE-2008-5120 1 Hp 1 Openvms 2026-04-23 N/A
Stack-based buffer overflow in the Process Software MultiNet finger service (aka FINGERD) for HP OpenVMS 8.3 allows remote attackers to execute arbitrary code via a long request string.
CVE-2008-5091 1 Novell 1 Edirectory 2026-04-23 N/A
Buffer overflow in the LDAP Service in Novell eDirectory 8.7.3 before SP10a and 8.8 before SP3 allows attackers to cause a denial of service (application crash) via vectors involving an "invalid extensibleMatch filter."
CVE-2009-1640 1 Nucleustechnologies 1 Kernel Recovery 2026-04-23 N/A
Stack-based buffer overflow in Nucleus Data Recovery Kernel Recovery for Macintosh 4.04 allows user-assisted attackers to execute arbitrary code via a crafted .AMHH file.
CVE-2008-2547 1 Microsoft 1 Windows Installer 2026-04-23 N/A
Stack-based buffer overflow in msiexec.exe 3.1.4000.1823 and 4.5.6001.22159 in Microsoft Windows Installer allows context-dependent attackers to execute arbitrary code via a long GUID value for the /x (aka /uninstall) option. NOTE: this issue might cross privilege boundaries if msiexec.exe is reachable via components such as ActiveX controls, and might additionally require a separate vulnerability in the control.