Export limit exceeded: 44133 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (44133 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-2904 | 3 Fedoraproject, Openbsd, Redhat | 5 Fedora, Openssh, Enterprise Linux and 2 more | 2026-04-23 | N/A |
| A certain Red Hat modification to the ChrootDirectory feature in OpenSSH 4.8, as used in sshd in OpenSSH 4.3 in Red Hat Enterprise Linux (RHEL) 5.4 and Fedora 11, allows local users to gain privileges via hard links to setuid programs that use configuration files within the chroot directory, related to requirements for directory ownership. | ||||
| CVE-2007-6282 | 1 Redhat | 3 Enterprise Linux, Enterprise Linux Desktop, Enterprise Mrg | 2026-04-23 | N/A |
| The IPsec implementation in Linux kernel before 2.6.25 allows remote routers to cause a denial of service (crash) via a fragmented ESP packet in which the first fragment does not contain the entire ESP header and IV. | ||||
| CVE-2009-2566 | 1 Tfm | 1 Mmplayer | 2026-04-23 | N/A |
| Stack-based buffer overflow in TFM MMPlayer 2.0, and possibly 2.0.0.30, allows remote attackers to execute arbitrary code via a long string in a playlist (.m3u) file. | ||||
| CVE-2007-6281 | 1 Stbernard | 1 Open File Manager | 2026-04-23 | N/A |
| Heap-based buffer overflow in Open File Manager service (ofmnt.exe) in St. Bernard Open File Manager 9.5 allows remote attackers to execute arbitrary code via a long request. | ||||
| CVE-2007-6285 | 1 Redhat | 1 Enterprise Linux | 2026-04-23 | N/A |
| The default configuration for autofs 5 (autofs5) in some Linux distributions, such as Red Hat Enterprise Linux (RHEL) 4 and 5, does not specify the nodev mount option for the -hosts map, which allows local users to access "important devices" by operating a remote NFS server and creating special device files on that server, as demonstrated by the /dev/mem device. | ||||
| CVE-2009-2850 | 1 Nasa Goddard Space Flight Center | 1 Common Data Format | 2026-04-23 | N/A |
| Multiple buffer overflows in NASA Common Data Format (CDF) allow context-dependent attackers to execute arbitrary code, as demonstrated using (1) an array index error in the ReadAEDRList64 function, and other errors in the (2) SearchForRecord_r_64, (3) LastRecord64, (4) CDFsel64, and other unspecified functions. | ||||
| CVE-2007-6352 | 2 Libexif, Redhat | 2 Libexif, Enterprise Linux | 2026-04-23 | N/A |
| Integer overflow in libexif 0.6.16 and earlier allows context-dependent attackers to execute arbitrary code via an image with crafted EXIF tags, possibly involving the exif_data_load_data_thumbnail function in exif-data.c. | ||||
| CVE-2007-6341 | 1 Net Dns | 1 Net Dns | 2026-04-23 | N/A |
| Net/DNS/RR/A.pm in Net::DNS 0.60 build 654, as used in packages such as SpamAssassin and OTRS, allows remote attackers to cause a denial of service (program "croak") via a crafted DNS response. | ||||
| CVE-2009-3794 | 2 Adobe, Redhat | 3 Adobe Air, Flash Player, Rhel Extras | 2026-04-23 | N/A |
| Heap-based buffer overflow in Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 allows remote attackers to execute arbitrary code via crafted dimensions of JPEG data in an SWF file. | ||||
| CVE-2007-6327 | 1 Avs Media | 1 Avsmjpegfile.dll | 2026-04-23 | N/A |
| Buffer overflow in a certain ActiveX control in Online Media Technologies AVSMJPEGFILE.DLL 1.1.1.102 allows remote attackers to execute arbitrary code via a long first argument to the CreateStill method. | ||||
| CVE-2007-6273 | 1 Sonicwall | 1 Global Vpn Client | 2026-04-23 | N/A |
| Multiple format string vulnerabilities in the configuration file in SonicWALL GLobal VPN Client 3.1.556 and 4.0.0.810 allow user-assisted remote attackers to execute arbitrary code via format string specifiers in the (1) Hostname tag or the (2) name attribute in the Connection tag. NOTE: there might not be any realistic circumstances in which this issue crosses privilege boundaries. | ||||
| CVE-2010-0036 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-23 | 7.8 High |
| Buffer overflow in CoreAudio in Apple Mac OS X 10.5.8 and 10.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MP4 audio file. | ||||
| CVE-2007-6262 | 1 Videolan | 1 Vlc Media Player | 2026-04-23 | N/A |
| A certain ActiveX control in axvlc.dll in VideoLAN VLC 0.8.6 before 0.8.6d allows remote attackers to execute arbitrary code via crafted arguments to the (1) addTarget, (2) getVariable, or (3) setVariable function, resulting from a "bad initialized pointer," aka a "recursive plugin release vulnerability." | ||||
| CVE-2007-6276 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-23 | N/A |
| The accept_connections function in the virtual private network daemon (vpnd) in Apple Mac OS X 10.5 before 10.5.4 allows remote attackers to cause a denial of service (divide-by-zero error and daemon crash) via a crafted load balancing packet to UDP port 4112. | ||||
| CVE-2007-6353 | 3 Canonical, Debian, Exiv2 | 3 Ubuntu Linux, Debian Linux, Exiv2 | 2026-04-23 | N/A |
| Integer overflow in exif.cpp in exiv2 library allows context-dependent attackers to execute arbitrary code via a crafted EXIF file that triggers a heap-based buffer overflow. | ||||
| CVE-2008-2161 | 2 Microsoft, Tftp | 2 All Windows, Tftp Server Sp | 2026-04-23 | N/A |
| Buffer overflow in TFTP Server SP 1.4 and 1.5 on Windows, and possibly other versions, allows remote attackers to execute arbitrary code via a long TFTP error packet. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-0507 | 1 Ibm | 1 Websphere Process Server | 2026-04-23 | N/A |
| IBM WebSphere Process Server (WPS) 6.1.2 before 6.1.2.3 and 6.2 before 6.2.0.1 does not properly restrict configuration data during an export of the cluster configuration file from the administrative console, which allows remote authenticated users to obtain the (1) JMSAPI, (2) ESCALATION, and (3) MAILSESSION (aka mail session) cleartext passwords via vectors involving access to a cluster member. | ||||
| CVE-2009-0509 | 2 Adobe, Redhat | 3 Acrobat, Acrobat Reader, Rhel Extras | 2026-04-23 | N/A |
| Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 allows remote attackers to execute arbitrary code via a crafted file that triggers memory corruption. | ||||
| CVE-2009-3848 | 1 Hp | 1 Openview Network Node Manager | 2026-04-23 | N/A |
| Stack-based buffer overflow in nnmRptConfig.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a long Template parameter, related to the vsprintf function. | ||||
| CVE-2007-6387 | 3 Intuit, Microsoft, Vantage Linquistics | 8 Bookkeeping, Proseries, Quickbooks and 5 more | 2026-04-23 | N/A |
| Multiple stack-based buffer overflows in the awApi4.AnswerWorks.1 ActiveX control in awApi4.dll 4.0.0.42, as used by Vantage Linguistics AnswerWorks, and Intuit Clearly Bookkeeping, ProSeries, QuickBooks, Quicken, QuickTax, and TurboTax, allow remote attackers to execute arbitrary code via long arguments to the (1) GetHistory, (2) GetSeedQuery, (3) SetSeedQuery, and possibly other methods. NOTE: some of these details are obtained from third party information. | ||||