Export limit exceeded: 45397 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45397 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-5396 | 1 Miranda-im | 1 Miranda Im | 2026-04-23 | N/A |
| Format string vulnerability in the ext_yahoo_contact_added function in yahoo.c in Miranda IM 0.7.1 allows remote attackers to execute arbitrary code via a Y7 Buddy Authorization packet with format string specifiers in the contact Yahoo! handle (who). | ||||
| CVE-2007-5397 | 1 Activepdf | 1 Server | 2026-04-23 | N/A |
| Heap-based buffer overflow in the activePDF Server service (aka APServer.exe) in activePDF Server 3.8.4 and 3.8.5.14, and possibly other versions before 3.8.6.16, allows remote attackers to execute arbitrary code via a packet with a size field that is less than the actual size of the data. | ||||
| CVE-2009-2555 | 1 Google | 2 Chrome, V8 | 2026-04-23 | N/A |
| Heap-based buffer overflow in src/jsregexp.cc in Google V8 before 1.1.10.14, as used in Google Chrome before 2.0.172.37, allows remote attackers to execute arbitrary code in the Chrome sandbox via a crafted JavaScript regular expression. | ||||
| CVE-2007-5398 | 2 Redhat, Samba | 3 Enterprise Linux, Rhel Eus, Samba | 2026-04-23 | N/A |
| Stack-based buffer overflow in the reply_netbios_packet function in nmbd/nmbd_packets.c in nmbd in Samba 3.0.0 through 3.0.26a, when operating as a WINS server, allows remote attackers to execute arbitrary code via crafted WINS Name Registration requests followed by a WINS Name Query request. | ||||
| CVE-2007-5399 | 2 Autonomy, Ibm | 2 Keyview, Lotus Notes | 2026-04-23 | N/A |
| Multiple heap-based buffer overflows in emlsr.dll in the EML reader in Autonomy (formerly Verity) KeyView 10.3.0.0, as used by IBM Lotus Notes, allow remote attackers to execute arbitrary code via a long (1) To, (2) Cc, (3) Bcc, (4) From, (5) Date, (6) Subject, (7) Priority, (8) Importance, or (9) X-MSMail-Priority header; (10) a long string at the beginning of an RFC2047 encoded-word in a header; (11) a long text string in an RFC2047 encoded-word in a header; or (12) a long Subject header, related to creation of an associated filename. | ||||
| CVE-2009-2556 | 1 Google | 1 Chrome | 2026-04-23 | N/A |
| Google Chrome before 2.0.172.37 allows attackers to leverage renderer access to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors that trigger excessive memory allocation. | ||||
| CVE-2009-2559 | 1 Wireshark | 1 Wireshark | 2026-04-23 | N/A |
| Buffer overflow in the IPMI dissector in Wireshark 1.2.0 allows remote attackers to cause a denial of service (crash) via unspecified vectors related to an array index error. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2007-5400 | 3 Real, Realnetworks, Redhat | 3 Realplayer, Realplayer, Rhel Extras | 2026-04-23 | N/A |
| Heap-based buffer overflow in the Shockwave Flash (SWF) frame handling in RealNetworks RealPlayer 10.5 Build 6.0.12.1483 might allow remote attackers to execute arbitrary code via a crafted SWF file. | ||||
| CVE-2009-2562 | 2 Redhat, Wireshark | 2 Enterprise Linux, Wireshark | 2026-04-23 | N/A |
| Unspecified vulnerability in the AFS dissector in Wireshark 0.9.2 through 1.2.0 allows remote attackers to cause a denial of service (crash) via unknown vectors. | ||||
| CVE-2008-5868 | 1 Intellitamper | 1 Intellitamper | 2026-04-23 | N/A |
| Stack-based buffer overflow in IntelliTamper 2.07 and 2.08 allows user-assisted attackers to execute arbitrary code via a long ProxyLogin value in a configuration (.cfg) file. | ||||
| CVE-2007-5416 | 1 Drupal | 1 Drupal | 2026-04-23 | N/A |
| Drupal 5.2 and earlier does not properly unset variables when the input data includes a numeric parameter with a value matching an alphanumeric parameter's hash value, which allows remote attackers to execute arbitrary PHP code by invoking the drupal_eval function through a callback parameter to the default URI, as demonstrated by the _menu[callbacks][1][callback] parameter. NOTE: it could be argued that this vulnerability is due to a bug in the unset PHP command (CVE-2006-3017) and the proper fix should be in PHP; if so, then this should not be treated as a vulnerability in Drupal. | ||||
| CVE-2007-5419 | 1 3com | 1 3crwe554g72t | 2026-04-23 | N/A |
| The 3Com 3CRWER100-75 router with 1.2.10ww software, when enabling an optional virtual server, configures this server to accept all source IP addresses on the external (Internet) interface unless the user selects other options, which might expose the router to unintended incoming traffic from remote attackers, as demonstrated by setting up a virtual server on port 80, which allows remote attackers to access the web management interface. | ||||
| CVE-2009-2566 | 1 Tfm | 1 Mmplayer | 2026-04-23 | N/A |
| Stack-based buffer overflow in TFM MMPlayer 2.0, and possibly 2.0.0.30, allows remote attackers to execute arbitrary code via a long string in a playlist (.m3u) file. | ||||
| CVE-2007-5436 | 1 Gdata | 1 Antivirus | 2026-04-23 | N/A |
| Buffer overflow in a certain ActiveX control in ScanObjectBrowser.DLL in G DATA Antivirus 2007 might allow remote attackers to execute arbitrary code via unspecified parameters to the SelectPath function. NOTE: this issue might not cross privilege boundaries in most environments, since it is not marked as safe for scripting. | ||||
| CVE-2009-2568 | 1 Sorinara | 1 Streaming Audio Player | 2026-04-23 | N/A |
| Stack-based buffer overflow in Sorinara Streaming Audio Player (SAP) 0.9 allows remote attackers to execute arbitrary code via a long string in a playlist (.m3u) file. | ||||
| CVE-2009-2570 | 1 Symantec | 1 Winfax Pro | 2026-04-23 | N/A |
| Stack-based buffer overflow in the Symantec.FaxViewerControl.1 ActiveX control in WinFax\DCCFAXVW.DLL in Symantec WinFax Pro 10.03 allows remote attackers to execute arbitrary code via a long argument to the AppendFax method. | ||||
| CVE-2007-5699 | 1 Eiqnetworks | 1 Enterprise Security Analyzer | 2026-04-23 | N/A |
| Stack-based buffer overflow in eIQNetworks Enterprise Security Analyzer (ESA) 2.5 allows remote attackers to execute arbitrary code via certain data on TCP port 10616 that results in a long argument to the SEARCHREPORT command, a different vector than CVE-2007-2059. | ||||
| CVE-2009-2660 | 1 Jun Furuse | 1 Camlimages | 2026-04-23 | N/A |
| Multiple integer overflows in CamlImages 2.2 might allow context-dependent attackers to execute arbitrary code via images containing large width and height values that trigger a heap-based buffer overflow, related to (1) crafted GIF files (gifread.c) and (2) crafted JPEG files (jpegread.c), a different vulnerability than CVE-2009-2295. | ||||
| CVE-2007-5722 | 1 Ourgame.com | 2 Globallink, Glworld | 2026-04-23 | N/A |
| Stack-based buffer overflow in a certain ActiveX control in GLChat.ocx 2.5.1.32 in GlobalLink 2.7.0.8, as used in Ourgame GLWorld and possibly other products, allows remote attackers to execute arbitrary code via a long first argument to the ConnectAndEnterRoom method, possibly involving the GLCHAT.GLChatCtrl.1 control, as originally exploited in the wild in October 2007. NOTE: some of these details are obtained from third party information. NOTE: this was originally reported as a heap-based issue by some sources. | ||||
| CVE-2009-2662 | 1 Mozilla | 1 Firefox | 2026-04-23 | N/A |
| The browser engine in Mozilla Firefox 3.5.x before 3.5.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the TraceRecorder::snapshot function in js/src/jstracer.cpp, and unspecified other vectors. | ||||