Export limit exceeded: 15636 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (15636 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-3687 | 1 Xen | 2 Xen, Xen Flask Module | 2026-04-23 | N/A |
| Heap-based buffer overflow in the flask_security_label function in Xen 3.3, when compiled with the XSM:FLASK module, allows unprivileged domain users (domU) to execute arbitrary code via the flask_op hypercall. | ||||
| CVE-2007-4992 | 1 Firebirdsql | 1 Firebird | 2026-04-23 | N/A |
| Stack-based buffer overflow in the process_packet function in fbserver.exe in Firebird SQL 2.0.2 allows remote attackers to execute arbitrary code via a long request to TCP port 3050. | ||||
| CVE-2007-4974 | 1 Mega-nerd | 1 Libsndfile | 2026-04-23 | N/A |
| Heap-based buffer overflow in the flac_buffer_copy function in libsndfile 1.0.17 and earlier might allow remote attackers to execute arbitrary code via a FLAC file with crafted PCM data containing a block with a size that exceeds the previous block size. | ||||
| CVE-2007-5003 | 2 Broadcom, Ca | 3 Brightstor Arcserve Backup Laptops Desktops, Desktop Management Suite, Protection Suites | 2026-04-23 | N/A |
| Multiple stack-based buffer overflows in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 allow remote attackers to execute arbitrary code via a long (1) username or (2) password to the rxrLogin command in rxRPC.dll, or a long (3) username argument to the GetUserInfo function. | ||||
| CVE-2008-0985 | 1 Google | 1 Android Sdk | 2026-04-23 | N/A |
| Heap-based buffer overflow in the GIF library in the WebKit framework for Google Android SDK m3-rc37a and earlier allows remote attackers to execute arbitrary code via a crafted GIF file whose logical screen height and width are different than the actual height and width. | ||||
| CVE-2008-0048 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-23 | N/A |
| Stack-based buffer overflow in AppKit in Apple Mac OS X 10.4.11 allows context-dependent attackers to execute arbitrary code via the a long file name to the NSDocument API. | ||||
| CVE-2006-5266 | 1 Microsoft | 1 Dynamics Gp | 2026-04-23 | N/A |
| Multiple buffer overflows in Microsoft Dynamics GP (formerly Great Plains) 9.0 and earlier allow remote attackers to execute arbitrary code via (1) a crafted Distributed Process Manager (DPM) message to the (a) DPM component, or a (2) long string or (3) long IP address in a Distributed Process Server (DPS) message to the DPM or (b) DPS component. | ||||
| CVE-2007-1347 | 1 Microsoft | 3 Windows 2000, Windows Explorer, Windows Xp | 2026-04-23 | N/A |
| Microsoft Windows Explorer on Windows 2000 SP4 FR and XP SP2 FR, and possibly other versions and platforms, allows remote attackers to cause a denial of service (memory corruption and crash) via an Office file with crafted document summary information, which causes an error in Ole32.dll. | ||||
| CVE-2008-1015 | 1 Apple | 1 Quicktime | 2026-04-23 | N/A |
| Buffer overflow in the data reference atom handling in Apple QuickTime before 7.4.5 allows remote attackers to execute arbitrary code via a crafted movie. | ||||
| CVE-2008-0964 | 1 Sun | 3 Opensolaris, Solaris, Sunos | 2026-04-23 | N/A |
| Multiple stack-based buffer overflows in snoop on Sun Solaris 8 through 10 and OpenSolaris before snv_96, when the -o option is omitted, allow remote attackers to execute arbitrary code via a crafted SMB packet. | ||||
| CVE-2008-1673 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2026-04-23 | N/A |
| The asn1 implementation in (a) the Linux kernel 2.4 before 2.4.36.6 and 2.6 before 2.6.25.5, as used in the cifs and ip_nat_snmp_basic modules; and (b) the gxsnmp package; does not properly validate length values during decoding of ASN.1 BER data, which allows remote attackers to cause a denial of service (crash) or execute arbitrary code via (1) a length greater than the working buffer, which can lead to an unspecified overflow; (2) an oid length of zero, which can lead to an off-by-one error; or (3) an indefinite length for a primitive encoding. | ||||
| CVE-2006-6183 | 1 3com | 1 3ctftpsvc | 2026-04-23 | N/A |
| Multiple stack-based buffer overflows in 3Com 3CTftpSvc 2.0.1, and possibly earlier, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via a long mode field (aka transporting mode) in a (1) GET or (2) PUT command. | ||||
| CVE-2006-5269 | 1 Trend Micro | 1 Serverprotect | 2026-04-23 | N/A |
| Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, probably related to an RPC interface. | ||||
| CVE-2007-5436 | 1 Gdata | 1 Antivirus | 2026-04-23 | N/A |
| Buffer overflow in a certain ActiveX control in ScanObjectBrowser.DLL in G DATA Antivirus 2007 might allow remote attackers to execute arbitrary code via unspecified parameters to the SelectPath function. NOTE: this issue might not cross privilege boundaries in most environments, since it is not marked as safe for scripting. | ||||
| CVE-2008-0108 | 1 Microsoft | 2 Office, Works | 2026-04-23 | N/A |
| Stack-based buffer overflow in wkcvqd01.dll in Microsoft Works 6 File Converter, as used in Office 2003 SP2 and SP3, Works 8.0, and Works Suite 2005, allows remote attackers to execute arbitrary code via a .wps file with crafted field lengths, aka "Microsoft Works File Converter Field Length Vulnerability." | ||||
| CVE-2007-0777 | 3 Canonical, Mozilla, Redhat | 5 Ubuntu Linux, Firefox, Seamonkey and 2 more | 2026-04-23 | N/A |
| The JavaScript engine in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain vectors that trigger memory corruption. | ||||
| CVE-2007-0734 | 1 Apple | 2 Airport Extreme, Mac Os X | 2026-04-23 | N/A |
| fsck, as used by the AirPort Disk feature of the AirPort Extreme Base Station with 802.11n before Firmware Update 7.1, and by Apple Mac OS X 10.3.9 through 10.4.9, does not properly enforce password protection of a USB hard drive, which allows context-dependent attackers to list arbitrary directories or execute arbitrary code, resulting from memory corruption. | ||||
| CVE-2007-0776 | 1 Mozilla | 3 Firefox, Seamonkey, Thunderbird | 2026-04-23 | N/A |
| Heap-based buffer overflow in the _cairo_pen_init function in Mozilla Firefox 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allows remote attackers to execute arbitrary code via a large stroke-width attribute in the clipPath element in an SVG file. | ||||
| CVE-2007-5037 | 1 Inotify | 1 Inotify-tools | 2026-04-23 | N/A |
| Buffer overflow in the inotifytools_snprintf function in src/inotifytools.c in the inotify-tools library before 3.11 allows context-dependent attackers to execute arbitrary code via a long filename. | ||||
| CVE-2008-2242 | 2 Broadcom, Ca | 2 Brightstor Arcserve Backup, Brightstor Arcserve Backup | 2026-04-23 | N/A |
| Multiple buffer overflows in xdr functions in the server in CA BrightStor ARCServe Backup 11.0, 11.1, and 11.5 allow remote attackers to execute arbitrary code, as demonstrated by a stack-based buffer overflow via a long parameter to the xdr_rwsstring function. | ||||