Export limit exceeded: 341244 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (14297 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-1188 | 2 Redhat, Sun | 4 Network Satellite, Rhel Extras, Jdk and 1 more | 2025-04-09 | N/A |
| Multiple buffer overflows in the useEncodingDecl function in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier, allow remote attackers to execute arbitrary code via a JNLP file with (1) a long key name in the xml header or (2) a long charset value, different issues than CVE-2008-1189, aka "The first two issues." | ||||
| CVE-2008-1167 | 1 Sarg | 1 Squid Analysis Report Generator | 2025-04-09 | N/A |
| Stack-based buffer overflow in the useragent function in useragent.c in Squid Analysis Report Generator (Sarg) 2.2.3.1 allows remote attackers to execute arbitrary code via a long Squid proxy server User-Agent header. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-1161 | 1 Matroska | 1 Demuxer | 2025-04-09 | N/A |
| Buffer overflow in the Matroska demuxer (demuxers/demux_matroska.c) in xine-lib before 1.1.10.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Matroska file with invalid frame sizes. | ||||
| CVE-2008-0882 | 2 Cups, Redhat | 2 Cups, Enterprise Linux | 2025-04-09 | N/A |
| Double free vulnerability in the process_browse_data function in CUPS 1.3.5 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via crafted UDP Browse packets to the cupsd port (631/udp), related to an unspecified manipulation of a remote printer. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-0871 | 1 Now | 1 Sms Mms Gateway | 2025-04-09 | N/A |
| Multiple stack-based buffer overflows in Now SMS/MMS Gateway 2007.06.27 and earlier allow remote attackers to execute arbitrary code via a (1) long password in an Authorization header to the HTTP service or a (2) large packet to the SMPP service. | ||||
| CVE-2008-0778 | 1 Apple | 1 Quicktime | 2025-04-09 | N/A |
| Multiple stack-based buffer overflows in an ActiveX control in QTPlugin.ocx for Apple QuickTime 7.4.1 and earlier allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long arguments to the (1) SetBgColor, (2) SetHREF, (3) SetMovieName, (4) SetTarget, and (5) SetMatrix methods. | ||||
| CVE-2008-7162 | 1 Heroshare | 1 Hero Super Player 3000 | 2025-04-09 | N/A |
| Buffer overflow in Hero Super Player 3000 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long filename in a .M3U file. NOTE: this might be related to CVE-2008-4504. | ||||
| CVE-2009-1041 | 1 Freebsd | 1 Freebsd | 2025-04-09 | N/A |
| The ktimer feature (sys/kern/kern_time.c) in FreeBSD 7.0, 7.1, and 7.2 allows local users to overwrite arbitrary kernel memory via an out-of-bounds timer value. | ||||
| CVE-2009-2549 | 1 Bistudio | 2 Arma, Arma 2 | 2025-04-09 | N/A |
| Armed Assault (aka ArmA) 1.14 and earlier, and 1.16 beta, and Armed Assault II 1.02 and earlier allows remote attackers to cause a denial of service via a join packet with a final field whose value is (1) 0, which triggers a server crash related to memory allocation, or (2) 1, which triggers CPU/memory consumption and a NULL pointer dereference. | ||||
| CVE-2009-2555 | 1 Google | 2 Chrome, V8 | 2025-04-09 | N/A |
| Heap-based buffer overflow in src/jsregexp.cc in Google V8 before 1.1.10.14, as used in Google Chrome before 2.0.172.37, allows remote attackers to execute arbitrary code in the Chrome sandbox via a crafted JavaScript regular expression. | ||||
| CVE-2009-2556 | 1 Google | 1 Chrome | 2025-04-09 | N/A |
| Google Chrome before 2.0.172.37 allows attackers to leverage renderer access to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors that trigger excessive memory allocation. | ||||
| CVE-2009-2559 | 1 Wireshark | 1 Wireshark | 2025-04-09 | N/A |
| Buffer overflow in the IPMI dissector in Wireshark 1.2.0 allows remote attackers to cause a denial of service (crash) via unspecified vectors related to an array index error. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-2566 | 1 Tfm | 1 Mmplayer | 2025-04-09 | N/A |
| Stack-based buffer overflow in TFM MMPlayer 2.0, and possibly 2.0.0.30, allows remote attackers to execute arbitrary code via a long string in a playlist (.m3u) file. | ||||
| CVE-2009-2568 | 1 Sorinara | 1 Streaming Audio Player | 2025-04-09 | N/A |
| Stack-based buffer overflow in Sorinara Streaming Audio Player (SAP) 0.9 allows remote attackers to execute arbitrary code via a long string in a playlist (.m3u) file. | ||||
| CVE-2009-2570 | 1 Symantec | 1 Winfax Pro | 2025-04-09 | N/A |
| Stack-based buffer overflow in the Symantec.FaxViewerControl.1 ActiveX control in WinFax\DCCFAXVW.DLL in Symantec WinFax Pro 10.03 allows remote attackers to execute arbitrary code via a long argument to the AppendFax method. | ||||
| CVE-2009-2578 | 1 Google | 1 Chrome | 2025-04-09 | N/A |
| Google Chrome 2.x through 2.0.172 allows remote attackers to cause a denial of service (application crash) via a long Unicode string argument to the write method, a related issue to CVE-2009-2479. | ||||
| CVE-2009-2582 | 1 Akamai Technologies | 1 Download Manager | 2025-04-09 | N/A |
| Stack-based buffer overflow in manager.exe in Akamai Download Manager (aka DLM or dlmanager) before 2.2.4.8 allows remote web servers to execute arbitrary code via a malformed HTTP response during a Redswoosh download, a different vulnerability than CVE-2007-1891 and CVE-2007-1892. | ||||
| CVE-2009-2617 | 1 Baofeng | 1 Storm | 2025-04-09 | N/A |
| Stack-based buffer overflow in medialib.dll in BaoFeng Storm 3.9.62 allows remote attackers to execute arbitrary code via a long pathname in the source attribute of an item element in a .smpl playlist file. | ||||
| CVE-2009-2621 | 1 Squid-cache | 1 Squid | 2025-04-09 | N/A |
| Squid 3.0 through 3.0.STABLE16 and 3.1 through 3.1.0.11 does not properly enforce "buffer limits and related bound checks," which allows remote attackers to cause a denial of service via (1) an incomplete request or (2) a request with a large header size, related to (a) HttpMsg.cc and (b) client_side.cc. | ||||
| CVE-2009-2632 | 2 Cmu, Redhat | 2 Cyrus Imap Server, Enterprise Linux | 2025-04-09 | N/A |
| Buffer overflow in the SIEVE script component (sieve/script.c), as used in cyrus-imapd in Cyrus IMAP Server 2.2.13 and 2.3.14, and Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, allows local users to execute arbitrary code and read or modify arbitrary messages via a crafted SIEVE script, related to the incorrect use of the sizeof operator for determining buffer length, combined with an integer signedness error. | ||||