Export limit exceeded: 14563 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (14563 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-1054 | 1 Netwin | 1 Surgemail | 2026-04-23 | N/A |
| Stack-based buffer overflow in the _lib_spawn_user_getpid function in (1) swatch.exe and (2) surgemail.exe in NetWin SurgeMail 38k4 and earlier, and beta 39a, allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via an HTTP request with multiple long headers to webmail.exe and unspecified other CGI executables, which triggers an overflow when assigning values to environment variables. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-5073 | 1 Novell | 1 Zenworks Desktop Management | 2026-04-23 | N/A |
| Heap-based buffer overflow in an ActiveX control in Novell ZENworks Desktop Management 6.5 allows remote attackers to execute arbitrary code via a long argument to the CanUninstall method. | ||||
| CVE-2008-0768 | 2 Ibm, Microsoft | 3 Informix Dynamic Server, Informix Storage Manager, Windows | 2026-04-23 | N/A |
| Multiple stack-based and heap-based buffer overflows in the Windows RPC components for IBM Informix Storage Manager (ISM), as used in Informix Dynamic Server (IDS) 10.00.xC8 and earlier and 11.10.xC2 and earlier, allow attackers to execute arbitrary code via crafted XDR requests. | ||||
| CVE-2008-0748 | 1 Sony | 2 Axruploadserver Activex Control, Imagestation | 2026-04-23 | N/A |
| Buffer overflow in the Sony AxRUploadServer.AxRUploadControl.1 ActiveX control in AxRUploadServer.dll 1.0.0.38 in SonyISUpload.cab 1.0.0.38 for Sony ImageStation allows remote attackers to execute arbitrary code via a long argument to the SetLogging method. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-0583 | 3 Argyllcms, Ghostscript, Redhat | 3 Argyllcms, Ghostscript, Enterprise Linux | 2026-04-23 | N/A |
| Multiple integer overflows in icc.c in the International Color Consortium (ICC) Format library (aka icclib), as used in Ghostscript 8.64 and earlier and Argyll Color Management System (CMS) 1.0.3 and earlier, allow context-dependent attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly execute arbitrary code by using a device file for a translation request that operates on a crafted image file and targets a certain "native color space," related to an ICC profile in a (1) PostScript or (2) PDF file with embedded images. | ||||
| CVE-2008-0725 | 1 Titan | 1 Ftp Server | 2026-04-23 | N/A |
| Multiple heap-based buffer overflows in the (1) FTP service and (2) administration service in Titan FTP Server 6.0.5.549 allow remote attackers to cause a denial of service (daemon hang) and possibly execute arbitrary code via a long command. NOTE: the USER and PASS commands for the FTP service are covered by CVE-2008-0702. | ||||
| CVE-2008-2829 | 2 Canonical, Php | 2 Ubuntu Linux, Php | 2026-04-23 | N/A |
| php_imap.c in PHP 5.2.5, 5.2.6, 4.x, and other versions, uses obsolete API calls that allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long IMAP request, which triggers an "rfc822.c legacy routine buffer overflow" error message, related to the rfc822_write_address function. | ||||
| CVE-2009-2026 | 1 Ca | 4 Advantage Data Transport, It Client Manager, Software Delivery and 1 more | 2026-04-23 | N/A |
| Stack-based buffer overflow in a token searching function in the dtscore library in Data Transport Services in CA Software Delivery r11.2 C1, C2, C3, and SP4; Unicenter Software Delivery 4.0 C3; CA Advantage Data Transport 3.0 C1; and CA IT Client Manager r12 allows remote attackers to execute arbitrary code via crafted data. | ||||
| CVE-2008-4801 | 1 Ibm | 2 Tivoli Storage Manager Client, Tivoli Storage Manager Express | 2026-04-23 | N/A |
| Heap-based buffer overflow in the Data Protection for SQL CAD service (aka dsmcat.exe) in the Client Acceptor Daemon (CAD) and the scheduler in the Backup-Archive client 5.1.0.0 through 5.1.8.1, 5.2.0.0 through 5.2.5.2, 5.3.0.0 through 5.3.6.1, 5.4.0.0 through 5.4.2.2, and 5.5.0.0 through 5.5.0.91 in IBM Tivoli Storage Manager (TSM); and the Backup-Archive client in TSM Express; allows remote attackers to execute arbitrary code by sending a large amount of crafted data to a TCP port. | ||||
| CVE-2008-4776 | 1 Wojtek Kaniewsk | 1 Libgadu | 2026-04-23 | N/A |
| libgadu before 1.8.2 allows remote servers to cause a denial of service (crash) via a contact description with a large length, which triggers a buffer over-read. | ||||
| CVE-2008-0715 | 1 Acdsee | 1 Photo Manager | 2026-04-23 | N/A |
| Buffer overflow in ACDSee Photo Manager 8.1, 9.0, and 10.0 allows user-assisted remote attackers to execute arbitrary code via a malformed XBM file. NOTE: this might be the same as CVE-2007-6009. | ||||
| CVE-2009-0921 | 1 Hp | 1 Network Node Manager | 2026-04-23 | N/A |
| Multiple heap-based buffer overflows in OvCgi/Toolbar.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allow remote attackers to execute arbitrary code via (1) a long OvAcceptLang cookie, which triggers the error in ov.dll and ovwww.dll, or (2) a long Accept-Language HTTP header, which triggers the error in ovwww.dll or libovwww.so.4. | ||||
| CVE-2007-2222 | 1 Microsoft | 5 Internet Explorer, Windows 2000, Windows 2003 Server and 2 more | 2026-04-23 | N/A |
| Multiple buffer overflows in the (1) ActiveListen (Xlisten.dll) and (2) ActiveVoice (Xvoice.dll) speech controls, as used by Microsoft Internet Explorer 5.01, 6, and 7, allow remote attackers to execute arbitrary code via a crafted ActiveX object that triggers memory corruption, as demonstrated via the ModeName parameter to the FindEngine function in ACTIVEVOICEPROJECTLib.DirectSS. | ||||
| CVE-2008-2305 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-23 | N/A |
| Heap-based buffer overflow in Apple Type Services (ATS) in Apple Mac OS X 10.4.11 and 10.5 through 10.5.4 allows remote attackers to execute arbitrary code via a document containing a crafted font, related to "PostScript font names." | ||||
| CVE-2007-5107 | 1 Ask.com | 1 Ask Toolbar | 2026-04-23 | N/A |
| Stack-based buffer overflow in the AskJeevesToolBar.SettingsPlugin.1 ActiveX control in askBar.dll in IAC Search & Media ask.com Ask Toolbar 4.0.2.53 and earlier allows remote attackers to execute arbitrary code via a long ShortFormat property value. NOTE: some of these details are obtained from third party information. NOTE: the researcher claims that this is the same as CVE-2007-5108, but there is insufficient detail for CVE-2007-5108 to be certain. | ||||
| CVE-2009-0193 | 2 Adobe, Redhat | 2 Acrobat Reader, Rhel Extras | 2026-04-23 | N/A |
| Heap-based buffer overflow in Adobe Acrobat Reader 9 before 9.1, 8 before 8.1.4, and 7 before 7.1.1 allows remote attackers to execute arbitrary code via a PDF file with a malformed JBIG2 symbol dictionary segment, a different vulnerability than CVE-2009-1061 and CVE-2009-1062. | ||||
| CVE-2007-5892 | 1 Ssreader | 1 Ultra Star Reader | 2026-04-23 | N/A |
| Stack-based buffer overflow in the pdg2.dll ActiveX control in SSReader 4.0 and earlier allow remote attackers to execute arbitrary code via a long argument to the Register method. NOTE: some details were obtained from third party sources. | ||||
| CVE-2009-1096 | 2 Redhat, Sun | 5 Enterprise Linux, Network Satellite, Rhel Extras and 2 more | 2026-04-23 | N/A |
| Buffer overflow in unpack200 in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allows remote attackers to access files or execute arbitrary code via a JAR file with crafted Pack200 headers. | ||||
| CVE-2009-1097 | 2 Redhat, Sun | 5 Enterprise Linux, Network Satellite, Rhel Extras and 2 more | 2026-04-23 | N/A |
| Multiple buffer overflows in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12 and earlier allow remote attackers to access files or execute arbitrary code via (1) a crafted PNG image that triggers an integer overflow during memory allocation for display on the splash screen, aka CR 6804996; and (2) a crafted GIF image from which unspecified values are used in calculation of offsets, leading to object-pointer corruption, aka CR 6804997. | ||||
| CVE-2009-2377 | 1 Avax-software | 1 Avax Vector Activex | 2026-04-23 | N/A |
| Buffer overflow in the Avax Vector ActiveX control in avPreview.ocx in AVAX-software Avax Vector ActiveX 1.3 allows remote attackers to cause a denial of service (application crash) via a long PrinterName property. | ||||