Export limit exceeded: 14740 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (14740 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2009-0184 1 Free Download Manager 1 Free Download Manager 2026-04-23 N/A
Multiple buffer overflows in the torrent parsing implementation in Free Download Manager (FDM) 2.5 Build 758 and 3.0 Build 844 allow remote attackers to execute arbitrary code via (1) a long file name within a torrent file, (2) a long tracker URL in a torrent file, or (3) a long comment in a torrent file.
CVE-2007-5548 1 Cisco 1 Ios 2026-04-23 N/A
Multiple stack-based buffer overflows in Command EXEC in Cisco IOS allow local users to gain privileges via unspecified vectors, aka (1) PSIRT-0474975756 and (2) PSIRT-0388256465. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes.
CVE-2007-6315 1 Real Time Logic 2 Barracudadrive Web Server, Barracudadrive Web Server Home Server 2026-04-23 N/A
Group Chat in BarracudaDrive Web Server before 3.8 allows remote authenticated users to cause a denial of service (crash) via a HTTP request to /eh/chat.ehintf/C. that does not contain a Connection ID, which results in a NULL pointer dereference.
CVE-2007-1864 4 Canonical, Debian, Php and 1 more 7 Ubuntu Linux, Debian Linux, Php and 4 more 2026-04-23 N/A
Buffer overflow in the bundled libxmlrpc library in PHP before 4.4.7, and 5.x before 5.2.2, has unknown impact and remote attack vectors.
CVE-2008-1573 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
The BMP and GIF image decoding engine in ImageIO in Apple Mac OS X before 10.5.3 allows remote attackers to obtain sensitive information (memory contents) via a crafted (1) BMP or (2) GIF image, which causes an out-of-bounds read.
CVE-2008-0748 1 Sony 2 Axruploadserver Activex Control, Imagestation 2026-04-23 N/A
Buffer overflow in the Sony AxRUploadServer.AxRUploadControl.1 ActiveX control in AxRUploadServer.dll 1.0.0.38 in SonyISUpload.cab 1.0.0.38 for Sony ImageStation allows remote attackers to execute arbitrary code via a long argument to the SetLogging method. NOTE: some of these details are obtained from third party information.
CVE-2007-5365 5 Debian, Openbsd, Redhat and 2 more 7 Debian Linux, Openbsd, Enterprise Linux and 4 more 2026-04-23 N/A
Stack-based buffer overflow in the cons_options function in options.c in dhcpd in OpenBSD 4.0 through 4.2, and some other dhcpd implementations based on ISC dhcp-2, allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a DHCP request specifying a maximum message size smaller than the minimum IP MTU.
CVE-2007-6277 2 Flac, Redhat 2 Libflac, Enterprise Linux 2026-04-23 N/A
Multiple buffer overflows in Free Lossless Audio Codec (FLAC) libFLAC before 1.2.1 allow user-assisted remote attackers to execute arbitrary code via large (1) Metadata Block Size, (2) VORBIS Comment String Size, (3) Picture Metadata MIME-TYPE Size, (4) Picture Description Size, (5) Picture Data Length, (6) Padding Length, and (7) PICTURE Metadata width and height values in a .FLAC file, which result in a heap-based overflow; and large (8) VORBIS Comment String Size Length, (9) Picture MIME-Type, (10) Picture MIME-Type URL, and (11) Picture Description Length values in a .FLAC file, which result in a stack-based overflow. NOTE: some of these issues may overlap CVE-2007-4619.
CVE-2007-5758 1 Ibm 1 Db2 Universal Database 2026-04-23 N/A
Stack-based buffer overflow in db2dasrrm in the DB2 Administration Server (DAS) in IBM DB2 Universal Database 9.5 before Fix Pack 1, 9.1 before Fix Pack 4a, and 8 before FixPak 16 allows local users to execute arbitrary code via a long DASPROF environment variable.
CVE-2008-0017 4 Canonical, Debian, Mozilla and 1 more 5 Ubuntu Linux, Debian Linux, Firefox and 2 more 2026-04-23 N/A
The http-index-format MIME type parser (nsDirIndexParser) in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 does not check for an allocation failure, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an HTTP index response with a crafted 200 header, which triggers memory corruption and a buffer overflow.
CVE-2008-3408 1 Coolplayer 1 Coolplayer 2026-04-23 N/A
Stack-based buffer overflow in CoolPlayer 2.18, and possibly other versions, allows user-assisted remote attackers to execute arbitrary code via a crafted m3u file.
CVE-2007-5764 1 Ibm 1 Aix 2026-04-23 N/A
Buffer overflow in the pioout program in printers.rte in IBM AIX 5.2, 5.3, and 6.1 allows local users to gain privileges via a long command line option.
CVE-2007-5330 1 Broadcom 2 Brightstor Arcserve Backup, Brightstor Enterprise Backup 2026-04-23 N/A
The cadbd RPC service in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows remote attackers to (1) execute arbitrary code via stack-based buffer overflows in unspecified RPC procedures, and (2) trigger memory corruption related to the use of "handle" RPC arguments as pointers.
CVE-2008-4556 1 Sun 1 Solaris 2026-04-23 N/A
Stack-based buffer overflow in the adm_build_path function in sadmind in Sun Solstice AdminSuite on Solaris 8 and 9 allows remote attackers to execute arbitrary code via a crafted request.
CVE-2007-5395 2 Abiword, Link Grammar 2 Abiword Link Grammar, Link Grammar 2026-04-23 N/A
Stack-based buffer overflow in the separate_word function in tokenize.c in Link Grammar 4.1b and possibly other versions, as used in AbiWord Link Grammar 4.2.4, allows remote attackers to execute arbitrary code via a long word, as reachable through the separate_sentence function.
CVE-2007-4572 2 Redhat, Samba 2 Enterprise Linux, Samba 2026-04-23 N/A
Stack-based buffer overflow in nmbd in Samba 3.0.0 through 3.0.26a, when configured as a Primary or Backup Domain controller, allows remote attackers to have an unknown impact via crafted GETDC mailslot requests, related to handling of GETDC logon server requests.
CVE-2009-2896 1 Kde 1 Kmplayer 2026-04-23 N/A
Buffer overflow in KMplayer 2.9.4.1433 and earlier allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a long string in a subtitle (.srt) playlist file. NOTE: some of these details are obtained from third party information.
CVE-2007-5358 1 Digium 1 Asterisk 2026-04-23 N/A
Multiple buffer overflows in the voicemail functionality in Asterisk 1.4.x before 1.4.13, when using IMAP storage, might allow (1) remote attackers to execute arbitrary code via a long combination of Content-type and Content-description headers, or (2) local users to execute arbitrary code via a long combination of astspooldir, voicemail context, and voicemail mailbox fields. NOTE: vector 2 requires write access to Asterisk configuration files.
CVE-2008-5101 1 Optipng 1 Optipng 2026-04-23 N/A
Buffer overflow in the BMP reader in OptiPNG 0.6 and 0.6.1 allows user-assisted attackers to execute arbitrary code via a crafted BMP image, related to an "array overflow."
CVE-2008-0443 1 Lycos 1 Fileuploader.dll 2026-04-23 N/A
Heap-based buffer overflow in the FileUploader.FUploadCtl.1 ActiveX control in FileUploader.dll 2.0.0.2 in Lycos FileUploader Module allows remote attackers to execute arbitrary code via a long HandwriterFilename property value. NOTE: some of these details are obtained from third party information.