Export limit exceeded: 14204 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (14204 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-2175 | 1 Henning Makholm | 1 Xcftools | 2025-04-09 | N/A |
| Stack-based buffer overflow in the flattenIncrementally function in flatten.c in xcftools 1.0.4, as reachable from the (1) xcf2pnm and (2) xcf2png utilities, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted image that causes a conversion to a location "above or to the left of the canvas." NOTE: some of these details are obtained from third party information. | ||||
| CVE-2007-5137 | 2 Redhat, Tcl Tk | 2 Enterprise Linux, Tcl Tk | 2025-04-09 | N/A |
| Buffer overflow in the ReadImage function in generic/tkImgGIF.c in Tcl (Tcl/Tk) 8.4.13 through 8.4.15 allows remote attackers to execute arbitrary code via multi-frame interlaced GIF files in which later frames are smaller than the first. NOTE: this issue is due to an incorrect patch for CVE-2007-5378. | ||||
| CVE-2007-5145 | 1 Microsoft | 1 Windows Xp | 2025-04-09 | N/A |
| Multiple buffer overflows in system DLL files in Microsoft Windows XP, as used by Microsoft Windows Explorer (explorer.exe) 6.00.2900.2180, Don Ho Notepad++, unspecified Adobe Macromedia applications, and other programs, allow user-assisted remote attackers to cause a denial of service (application crash) via long strings in the (1) author, (2) title, (3) subject, and (4) comment Properties fields of a file, possibly involving improper handling of extended file attributes by the (a) NtQueryInformationFile, (b) NtQueryDirectoryFile, (c) NtSetInformationFile, (d) FileAllInformation, (e) FileNameInformation, and other FILE_INFORMATION_CLASS functions in ntdll.dll and the (f) GetFileAttributesExW and (g) GetFileAttributesW functions in kernel32.dll, a related issue to CVE-2007-1347. | ||||
| CVE-2008-0964 | 1 Sun | 3 Opensolaris, Solaris, Sunos | 2025-04-09 | N/A |
| Multiple stack-based buffer overflows in snoop on Sun Solaris 8 through 10 and OpenSolaris before snv_96, when the -o option is omitted, allow remote attackers to execute arbitrary code via a crafted SMB packet. | ||||
| CVE-2008-1026 | 2 Apple, Microsoft | 5 Mac Os X, Mac Os X Server, Safari and 2 more | 2025-04-09 | N/A |
| Integer overflow in the PCRE regular expression compiler (JavaScriptCore/pcre/pcre_compile.cpp) in Apple WebKit, as used in Safari before 3.1.1, allows remote attackers to execute arbitrary code via a regular expression with large, nested repetition counts, which triggers a heap-based buffer overflow. | ||||
| CVE-2007-3373 | 1 Redhat | 1 Cluster Suite | 2025-04-09 | N/A |
| daemon.c in cman (redhat-cluster-suite) before 20070622 does not clear a buffer for reading requests, which might allow local users to obtain sensitive information from previous requests. | ||||
| CVE-2008-1022 | 1 Apple | 1 Quicktime | 2025-04-09 | N/A |
| Stack-based buffer overflow in Apple QuickTime before 7.4.5 allows remote attackers to execute arbitrary code via a crafted VR movie with an obji atom of zero size. | ||||
| CVE-2008-2786 | 1 Mozilla | 1 Firefox | 2025-04-09 | N/A |
| Buffer overflow in Firefox 3.0 and 2.0.x has unknown impact and attack vectors. NOTE: due to lack of details as of 20080619, it is not clear whether this is the same issue as CVE-2008-2785. A CVE identifier has been assigned for tracking purposes. | ||||
| CVE-2008-1018 | 1 Apple | 1 Quicktime | 2025-04-09 | N/A |
| Heap-based buffer overflow in Apple QuickTime before 7.4.5 allows remote attackers to execute arbitrary code via an MP4A movie with a malformed Channel Compositor (aka chan) atom. | ||||
| CVE-2008-3162 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-09 | N/A |
| Stack-based buffer overflow in the str_read_packet function in libavformat/psxstr.c in FFmpeg before r13993 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted STR file that interleaves audio and video sectors. | ||||
| CVE-2008-0882 | 2 Cups, Redhat | 2 Cups, Enterprise Linux | 2025-04-09 | N/A |
| Double free vulnerability in the process_browse_data function in CUPS 1.3.5 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via crafted UDP Browse packets to the cupsd port (631/udp), related to an unspecified manipulation of a remote printer. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-1581 | 2 Apple, Microsoft | 3 Quicktime, Windows Vista, Windows Xp | 2025-04-09 | N/A |
| Heap-based buffer overflow in Apple QuickTime before 7.5 on Windows allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted packed scanlines in PixData structures in a PICT image. | ||||
| CVE-2007-6227 | 1 Qemu | 1 Qemu | 2025-04-09 | N/A |
| QEMU 0.9.0 allows local users of a Windows XP SP2 guest operating system to overwrite the TranslationBlock (code_gen_buffer) buffer, and probably have unspecified other impacts related to an "overflow," via certain Windows executable programs, as demonstrated by qemu-dos.com. | ||||
| CVE-2007-4472 | 1 Broderbund | 1 Expressit 3dgreetings Player | 2025-04-09 | N/A |
| Multiple buffer overflows in the Broderbund Expressit 3DGreetings Player ActiveX control could allow remote attackers to execute arbitrary code via unspecified vectors. | ||||
| CVE-2008-6070 | 1 Graphicsmagick | 1 Graphicsmagick | 2025-04-09 | N/A |
| Multiple heap-based buffer underflows in the ReadPALMImage function in coders/palm.c in GraphicsMagick before 1.2.3 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted PALM image, a different vulnerability than CVE-2007-0770. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-0674 | 1 Pcre | 1 Pcre | 2025-04-09 | N/A |
| Buffer overflow in PCRE before 7.6 allows remote attackers to execute arbitrary code via a regular expression containing a character class with a large number of characters with Unicode code points greater than 255. | ||||
| CVE-2008-0947 | 2 Mit, Redhat | 2 Kerberos 5, Enterprise Linux | 2025-04-09 | N/A |
| Buffer overflow in the RPC library used by libgssrpc and kadmind in MIT Kerberos 5 (krb5) 1.4 through 1.6.3 allows remote attackers to execute arbitrary code by triggering a large number of open file descriptors. | ||||
| CVE-2007-4470 | 1 Er Mapper | 1 Image Web Server Ecw Jpeg 2000 Plug-in | 2025-04-09 | N/A |
| Multiple stack-based buffer overflows in the Earth Resource Mapping NCSView ActiveX control before 3.4.0.242 in NCSView.dll, as distributed in ER Mapper ECW JPEG 2000 Plug-in before 8.1, allow remote attackers to execute arbitrary code via unspecified vectors. | ||||
| CVE-2008-0108 | 1 Microsoft | 2 Office, Works | 2025-04-09 | N/A |
| Stack-based buffer overflow in wkcvqd01.dll in Microsoft Works 6 File Converter, as used in Office 2003 SP2 and SP3, Works 8.0, and Works Suite 2005, allows remote attackers to execute arbitrary code via a .wps file with crafted field lengths, aka "Microsoft Works File Converter Field Length Vulnerability." | ||||
| CVE-2008-5262 | 1 Devil | 1 Developers Image Library | 2025-04-09 | N/A |
| Multiple stack-based buffer overflows in the iGetHdrHeader function in src-IL/src/il_hdr.c in DevIL 1.7.4 allow context-dependent attackers to execute arbitrary code via a crafted Radiance RGBE file. | ||||