Export limit exceeded: 45392 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45392 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-2980 | 1 Lead Technologies | 2 Leadtools Raster Image Sdk, Leadtools Raster Isis Object | 2026-04-23 | N/A |
| Heap-based buffer overflow in a certain ActiveX control in LEADTOOLS LEAD Raster ISIS Object (LTRIS14e.DLL) 14.5.0.44 allows remote attackers to cause a denial of service (Internet Explorer crash) or execute arbitrary code via a long DriverName property, a different ActiveX control than CVE-2007-2827. | ||||
| CVE-2007-2981 | 1 Lead Technologies | 1 Leadtools Raster Ocr Document Object Library | 2026-04-23 | N/A |
| Buffer overflow in a certain ActiveX control in LEAD Technologies LEADTOOLS Raster OCR Document Object Library (ltrdc14e.dll) 14.5.0.44 allows remote attackers to execute arbitrary code via a long DictionaryFileName property. | ||||
| CVE-2007-2984 | 1 Media Technology Group | 1 Cdpass Activex Control | 2026-04-23 | N/A |
| Multiple stack-based buffer overflows in the Media Technology Group CDPass ActiveX control in CDPass.dll allow remote attackers to execute arbitrary code via unspecified vectors, possibly involving the GetTOC2 method. | ||||
| CVE-2007-3037 | 1 Microsoft | 1 Windows Media Player | 2026-04-23 | N/A |
| Microsoft Windows Media Player 7.1, 9, 10, and 11 allows remote attackers to execute arbitrary code via a skin file (WMZ or WMD) with crafted header information that causes a size mismatch between compressed and decompressed data and triggers a heap-based buffer overflow, aka "Windows Media Player Code Execution Vulnerability Parsing Skins." | ||||
| CVE-2007-3039 | 1 Microsoft | 3 Message Queuing, Windows 2000, Windows Xp | 2026-04-23 | N/A |
| Stack-based buffer overflow in the Microsoft Message Queuing (MSMQ) service in Microsoft Windows 2000 Server SP4, Windows 2000 Professional SP4, and Windows XP SP2 allows attackers to execute arbitrary code via a long string in an opnum 0x06 RPC call to port 2103. NOTE: this is remotely exploitable on Windows 2000 Server. | ||||
| CVE-2007-3040 | 1 Microsoft | 1 Windows 2000 | 2026-04-23 | N/A |
| Stack-based buffer overflow in agentdpv.dll 2.0.0.3425 in Microsoft Agent on Windows 2000 SP4 allows remote attackers to execute arbitrary code via a crafted URL to the Agent (Agent.Control) ActiveX control, which triggers an overflow within the Agent Service (agentsrv.exe) process, a different issue than CVE-2007-1205. | ||||
| CVE-2007-3105 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2026-04-23 | N/A |
| Stack-based buffer overflow in the random number generator (RNG) implementation in the Linux kernel before 2.6.22 might allow local root users to cause a denial of service or gain privileges by setting the default wakeup threshold to a value greater than the output pool size, which triggers writing random numbers to the stack by the pool transfer function involving "bound check ordering". NOTE: this issue might only cross privilege boundaries in environments that have granular assignment of privileges for root. | ||||
| CVE-2009-1071 | 1 Randomsoftware | 1 Icarus | 2026-04-23 | N/A |
| Stack-based buffer overflow in Icarus 2.0 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted Portable Game Notation (.pgn) file. | ||||
| CVE-2007-3373 | 1 Redhat | 1 Cluster Suite | 2026-04-23 | N/A |
| daemon.c in cman (redhat-cluster-suite) before 20070622 does not clear a buffer for reading requests, which might allow local users to obtain sensitive information from previous requests. | ||||
| CVE-2009-0387 | 2 Gstreamer, Redhat | 3 Good Plug-ins, Plug-ins, Enterprise Linux | 2026-04-23 | N/A |
| Array index error in the qtdemux_parse_samples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka gst-plugins-good) 0.10.9 through 0.10.11 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted Sync Sample (aka stss) atom data in a malformed QuickTime media .mov file, related to "mark keyframes." | ||||
| CVE-2007-3481 | 1 Microsoft | 1 Internet Explorer | 2026-04-23 | N/A |
| Cross-domain vulnerability in Microsoft Internet Explorer 6 and 7 allows remote attackers to bypass the Same Origin Policy and access restricted information from other domains via JavaScript that overwrites the document variable and statically sets the document.domain attribute. NOTE: this issue has been disputed by other researchers, citing a variable scoping issue and information about the semantics of document.domain | ||||
| CVE-2007-3508 | 1 Gentoo | 1 Glibc | 2026-04-23 | N/A |
| Integer overflow in the process_envvars function in elf/rtld.c in glibc before 2.5-rc4 might allow local users to execute arbitrary code via a large LD_HWCAP_MASK environment variable value. NOTE: the glibc maintainers state that they do not believe that this issue is exploitable for code execution | ||||
| CVE-2007-3510 | 1 Ibm | 1 Lotus Domino | 2026-04-23 | N/A |
| Buffer overflow in the IMAP service in IBM Lotus Domino before 6.5.6 FP2, and 7.x before 7.0.3, allows remote authenticated users to execute arbitrary code via a long mailbox name. | ||||
| CVE-2007-3551 | 1 Bbs100 | 1 Bbs100 | 2026-04-23 | N/A |
| Buffer overflow in bbs100 before 3.2 allows remote attackers to cause a denial of service (crash) by attempting to login as the Guest user when another Guest user is already logged in, possibly related to the state_login_prompt function in state_login.c. | ||||
| CVE-2008-0223 | 1 Justsystem | 3 Ichitaro, Ichitaro Lite2, Ichitaro Viewer | 2026-04-23 | N/A |
| Buffer overflow in JustSystems JSFC.DLL, as used in multiple JustSystems products such as Ichitaro, allows remote attackers to execute arbitrary code via a crafted .JTD file. | ||||
| CVE-2007-4217 | 1 Ibm | 1 Aix | 2026-04-23 | N/A |
| Stack-based buffer overflow in the domacro function in ftp in IBM AIX 5.2 and 5.3 allows local users to gain privileges via a long parameter to a macro, as demonstrated by executing a macro via the '$' command. | ||||
| CVE-2007-4219 | 1 Trend Micro | 1 Serverprotect | 2026-04-23 | N/A |
| Integer overflow in the RPCFN_SYNC_TASK function in StRpcSrv.dll, as used by the ServerProtect service (SpntSvc.exe), in Trend Micro ServerProtect for Windows before 5.58 Security Patch 4 allows remote attackers to execute arbitrary code via a certain integer field in a request packet to TCP port 5168, which triggers a heap-based buffer overflow. | ||||
| CVE-2007-4222 | 1 Ibm | 1 Lotus Notes | 2026-04-23 | N/A |
| Buffer overflow in the TagAttributeListCopy function in nnotes.dll in IBM Lotus Notes before 7.0.3 allows user-assisted remote attackers to execute arbitrary code via a crafted HTML email, related to duplicate RTF conversion when the recipient operates on this email. | ||||
| CVE-2007-4267 | 1 Apple | 1 Mac Os X | 2026-04-23 | N/A |
| Stack-based buffer overflow in the Networking component in Apple Mac OS X 10.4 through 10.4.10 allows local users to execute arbitrary code via a crafted IOCTL request that adds an AppleTalk zone to a routing table. | ||||
| CVE-2007-4269 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-23 | N/A |
| Integer overflow in the Networking component in Apple Mac OS X 10.4 through 10.4.10 allows local users to execute arbitrary code via a crafted AppleTalk Session Protocol (ASP) message on an AppleTalk socket, which triggers a heap-based buffer overflow. | ||||