Export limit exceeded: 14209 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (14209 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-0836 | 1 Foxitsoftware | 1 Reader | 2025-04-09 | N/A |
| Foxit Reader 2.3 before Build 3902 and 3.0 before Build 1506, including 1120 and 1301, does not require user confirmation before performing dangerous actions defined in a PDF file, which allows remote attackers to execute arbitrary programs and have unspecified other impact via a crafted file, as demonstrated by the "Open/Execute a file" action. | ||||
| CVE-2008-2541 | 1 Ca | 1 Etrust Secure Content Manager | 2025-04-09 | N/A |
| Multiple stack-based buffer overflows in the HTTP Gateway Service (icihttp.exe) in CA eTrust Secure Content Manager 8.0 allow remote attackers to execute arbitrary code or cause a denial of service via long FTP responses, related to (1) the file month field in a LIST command; (2) the PASV command; and (3) directories, files, and links in a LIST command. | ||||
| CVE-2007-5256 | 1 Mcdu | 1 Fsd | 2025-04-09 | N/A |
| Multiple stack-based buffer overflows in FSD 2.052 d9 and earlier, and FSFDT FSD 3.000 d9 and earlier, allow (1) remote attackers to execute arbitrary code via a long HELP command on TCP port 3010 to the sysuser::exechelp function in sysuser.cc and (2) remote authenticated users to execute arbitrary code via long commands on TCP port 6809 to the servinterface::sendmulticast function in servinterface.cc, as demonstrated by a PIcallsign command. | ||||
| CVE-2007-1659 | 2 Pcre, Redhat | 2 Pcre, Enterprise Linux | 2025-04-09 | N/A |
| Perl-Compatible Regular Expression (PCRE) library before 7.3 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via regex patterns containing unmatched "\Q\E" sequences with orphan "\E" codes. | ||||
| CVE-2008-1109 | 2 Gnome, Redhat | 2 Evolution, Enterprise Linux | 2025-04-09 | N/A |
| Heap-based buffer overflow in Evolution 2.22.1 allows user-assisted remote attackers to execute arbitrary code via a long DESCRIPTION property in an iCalendar attachment, which is not properly handled during a reply in the calendar view (aka the Calendars window). | ||||
| CVE-2009-4178 | 1 Hp | 1 Openview Network Node Manager | 2025-04-09 | N/A |
| Heap-based buffer overflow in OvWebHelp.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a long Topic parameter. | ||||
| CVE-2008-5078 | 2 Gnu, Redhat | 2 Escript, Enterprise Linux | 2025-04-09 | N/A |
| Multiple buffer overflows in the (1) recognize_eps_file function (src/psgen.c) and (2) tilde_subst function (src/util.c) in GNU enscript 1.6.1, and possibly earlier, might allow remote attackers to execute arbitrary code via an epsf escape sequence with a long filename. | ||||
| CVE-2009-0036 | 2 Libvirt, Redhat | 2 Libvirt, Rhel Virtualization | 2025-04-09 | N/A |
| Buffer overflow in the proxyReadClientSocket function in proxy/libvirt_proxy.c in libvirt_proxy 0.5.1 might allow local users to gain privileges by sending a portion of the header of a virProxyPacket packet, and then sending the remainder of the packet with crafted values in the header, related to use of uninitialized memory in a validation check. | ||||
| CVE-2008-5106 | 1 Karjasoft | 1 Sami Ftp Server | 2025-04-09 | N/A |
| Buffer overflow in KarjaSoft Sami FTP Server 2.0.x allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a long argument to an arbitrary command, which triggers the overflow when the SamyFtp.binlog log file is viewed in the management console. NOTE: this may overlap CVE-2006-0441 and CVE-2006-2212. | ||||
| CVE-2008-5245 | 1 Xine | 1 Xine-lib | 2025-04-09 | N/A |
| xine-lib before 1.1.15 performs V4L video frame preallocation before ascertaining the required length, which has unknown impact and attack vectors, possibly related to a buffer overflow in the open_video_capture_device function in src/input/input_v4l.c. | ||||
| CVE-2009-4176 | 1 Hp | 1 Openview Network Node Manager | 2025-04-09 | N/A |
| Multiple heap-based buffer overflows in ovsessionmgr.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allow remote attackers to execute arbitrary code via a long (1) userid or (2) passwd parameter to ovlogin.exe. | ||||
| CVE-2008-5722 | 1 Sawstudio | 1 Sawstudio | 2025-04-09 | N/A |
| Buffer overflow in SAWStudio 3.9i allows user-assisted remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long SAWSTUDIO PREFERENCES STRUCT value in a .prf (preferences) file. | ||||
| CVE-2009-2685 | 1 Hp | 1 Power Manager | 2025-04-09 | N/A |
| Stack-based buffer overflow in the login form in the management web server in HP Power Manager allows remote attackers to execute arbitrary code via the Login variable. | ||||
| CVE-2009-4376 | 1 Wireshark | 1 Wireshark | 2025-04-09 | N/A |
| Buffer overflow in the daintree_sna_read function in the Daintree SNA file parser in Wireshark 1.2.0 through 1.2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted packet. | ||||
| CVE-2009-0019 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | N/A |
| Remote Apple Events in Apple Mac OS X 10.4.11 and 10.5.6 allows remote attackers to cause a denial of service (application termination) or obtain sensitive information via unspecified vectors that trigger an out-of-bounds memory access. | ||||
| CVE-2008-0411 | 6 Debian, Ghostscript, Mandrakesoft and 3 more | 14 Debian Linux, Ghostscript, Mandrake Linux and 11 more | 2025-04-09 | N/A |
| Stack-based buffer overflow in the zseticcspace function in zicc.c in Ghostscript 8.61 and earlier allows remote attackers to execute arbitrary code via a postscript (.ps) file containing a long Range array in a .seticcspace operator. | ||||
| CVE-2007-5722 | 1 Ourgame.com | 2 Globallink, Glworld | 2025-04-09 | N/A |
| Stack-based buffer overflow in a certain ActiveX control in GLChat.ocx 2.5.1.32 in GlobalLink 2.7.0.8, as used in Ourgame GLWorld and possibly other products, allows remote attackers to execute arbitrary code via a long first argument to the ConnectAndEnterRoom method, possibly involving the GLCHAT.GLChatCtrl.1 control, as originally exploited in the wild in October 2007. NOTE: some of these details are obtained from third party information. NOTE: this was originally reported as a heap-based issue by some sources. | ||||
| CVE-2007-6425 | 1 Hp | 1 Hp-ux | 2025-04-09 | N/A |
| Unspecified vulnerability in HP-UX B.11.31, when running ARPA Transport, allows remote attackers to cause a denial of service via unknown vectors. | ||||
| CVE-2007-0988 | 3 Canonical, Php, Redhat | 5 Ubuntu Linux, Php, Enterprise Linux and 2 more | 2025-04-09 | N/A |
| The zend_hash_init function in PHP 5 before 5.2.1 and PHP 4 before 4.4.5, when running on a 64-bit platform, allows context-dependent attackers to cause a denial of service (infinite loop) by unserializing certain integer expressions, which only cause 32-bit arguments to be used after the check for a negative value, as demonstrated by an "a:2147483649:{" argument. | ||||
| CVE-2007-5709 | 1 Sony | 1 Sonicstage Connect Player | 2025-04-09 | N/A |
| Stack-based buffer overflow in Sony SonicStage CONNECT Player (CP) 4.3 allows remote attackers to execute arbitrary code via a long file name in an M3U file. | ||||