Export limit exceeded: 340503 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (1348 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-0080 | 1 Microsoft | 5 Webdav Mini-redirector, Windows 2003 Server, Windows Server 2003 and 2 more | 2025-04-09 | N/A |
| Heap-based buffer overflow in the WebDAV Mini-Redirector in Microsoft Windows XP SP2, Server 2003 SP1 and SP2, and Vista allows remote attackers to execute arbitrary code via a crafted WebDAV response. | ||||
| CVE-2008-0077 | 1 Microsoft | 6 Internet Explorer, Windows 2000, Windows 2003 Server and 3 more | 2025-04-09 | 8.8 High |
| Use-after-free vulnerability in Microsoft Internet Explorer 6 SP1, 6 SP2, and and 7 allows remote attackers to execute arbitrary code by assigning malformed values to certain properties, as demonstrated using the by property of an animateMotion SVG element, aka "Property Memory Corruption Vulnerability." | ||||
| CVE-2008-0011 | 1 Microsoft | 6 Directx, Windows-nt, Windows 2000 and 3 more | 2025-04-09 | N/A |
| Microsoft DirectX 8.1 through 9.0c, and DirectX on Microsoft XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008, does not properly perform MJPEG error checking, which allows remote attackers to execute arbitrary code via a crafted MJPEG stream in a (1) AVI or (2) ASF file, aka the "MJPEG Decoder Vulnerability." | ||||
| CVE-2007-6255 | 1 Microsoft | 5 Internet Explorer, Windows 2000, Windows Server 2003 and 2 more | 2025-04-09 | N/A |
| Buffer overflow in the Microsoft HeartbeatCtl ActiveX control in HRTBEAT.OCX allows remote attackers to execute arbitrary code via the Host argument to an unspecified method. | ||||
| CVE-2007-6224 | 2 Microsoft, Realnetworks | 3 Windows Vista, Windows Xp, Realplayer | 2025-04-09 | N/A |
| The RealNetworks RealAudioObjects.RealAudio ActiveX control in rmoc3260.dll, as shipped with RealPlayer 11, allows remote attackers to cause a denial of service (browser crash) via a certain argument to the GetSourceTransport method. | ||||
| CVE-2007-6166 | 2 Apple, Microsoft | 5 Mac Os X, Quicktime, Safari and 2 more | 2025-04-09 | N/A |
| Stack-based buffer overflow in Apple QuickTime before 7.3.1, as used in QuickTime Player on Windows XP and Safari on Mac OS X, allows remote Real Time Streaming Protocol (RTSP) servers to execute arbitrary code via an RTSP response with a long Content-Type header. | ||||
| CVE-2007-5634 | 2 Almico, Microsoft | 2 Speedfan, Windows Vista | 2025-04-09 | N/A |
| Speedfan.sys in Alfredo Milani Comparetti SpeedFan 4.33, when used on Microsoft Windows Vista x64, does not properly check a buffer during an IOCTL 0x9c402420 call, which allows local users to cause a denial of service (machine crash) and possibly gain privileges via unspecified vectors. | ||||
| CVE-2007-5633 | 2 Almico, Microsoft | 2 Speedfan, Windows Vista | 2025-04-09 | N/A |
| Speedfan.sys in Alfredo Milani Comparetti SpeedFan 4.33, when used on Microsoft Windows Vista x64, allows local users to read or write arbitrary MSRs, and gain privileges and load unsigned drivers, via the (1) IOCTL_RDMSR 0x9C402438 and (2) IOCTL_WRMSR 0x9C40243C IOCTLs to \Device\speedfan, as demonstrated by an IOCTL_WRMSR action on MSR_LSTAR. | ||||
| CVE-2007-5355 | 1 Microsoft | 5 Internet Explorer, Windows 2000, Windows 2003 Server and 2 more | 2025-04-09 | N/A |
| The Web Proxy Auto-Discovery (WPAD) feature in Microsoft Internet Explorer 6 and 7, when a primary DNS suffix with three or more components is configured, resolves an unqualified wpad hostname in a second-level domain outside this configured DNS domain, which allows remote WPAD servers to conduct man-in-the-middle (MITM) attacks. | ||||
| CVE-2007-5350 | 1 Microsoft | 1 Windows Vista | 2025-04-09 | N/A |
| Unspecified vulnerability in the Windows Advanced Local Procedure Call (ALPC) in the kernel in Microsoft Windows Vista allows local users to gain privileges via unspecified vectors involving "legacy reply paths." | ||||
| CVE-2007-5133 | 2 3ware, Microsoft | 5 3dm Disk Management Software, Windows 2003 Server, Windows Server 2003 and 2 more | 2025-04-09 | N/A |
| Microsoft Windows Explorer (explorer.exe) allows user-assisted remote attackers to cause a denial of service (CPU consumption) via a certain PNG file with a large tEXt chunk that possibly triggers an integer overflow in PNG chunk size handling, as demonstrated by badlycrafted.png. | ||||
| CVE-2007-4677 | 2 Apple, Microsoft | 4 Mac Os X, Quicktime, Windows Vista and 1 more | 2025-04-09 | N/A |
| Heap-based buffer overflow in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via an invalid color table size when parsing the color table atom (CTAB) in a movie file, related to the CTAB RGB values. | ||||
| CVE-2007-4676 | 2 Apple, Microsoft | 4 Mac Os X, Quicktime, Windows Vista and 1 more | 2025-04-09 | N/A |
| Heap-based buffer overflow in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via malformed elements when parsing (1) Poly type (0x0070 through 0x0074) and (2) PackBitsRgn field (0x0099) opcodes in a PICT image. | ||||
| CVE-2007-4675 | 2 Apple, Microsoft | 4 Mac Os X, Quicktime, Windows Vista and 1 more | 2025-04-09 | N/A |
| Heap-based buffer overflow in the QuickTime VR extension 7.2.0.240 in QuickTime.qts in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via a QTVR (QuickTime Virtual Reality) movie file containing a large size field in the atom header of a panorama sample atom. | ||||
| CVE-2007-4672 | 2 Apple, Microsoft | 4 Mac Os X, Quicktime, Windows Vista and 1 more | 2025-04-09 | N/A |
| Stack-based buffer overflow in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via an invalid UncompressedQuickTimeData opcode length in a PICT image. | ||||
| CVE-2007-4671 | 2 Apple, Microsoft | 5 Iphone Os, Mac Os X, Safari and 2 more | 2025-04-09 | N/A |
| Unspecified vulnerability in Safari in Apple iPhone 1.1.1, and Safari 3 before Beta Update 3.0.4 on Windows and Mac OS X 10.4 through 10.4.10, allows remote attackers to "alter or access" HTTPS content via an HTTP session with a crafted web page that causes Javascript to be applied to HTTPS pages from the same domain. | ||||
| CVE-2007-4315 | 3 Amd, Ati, Microsoft | 3 Catalyst Driver, Catalyst Driver, Windows Vista | 2025-04-09 | N/A |
| The AMD ATI atidsmxx.sys 3.0.502.0 driver on Windows Vista allows local users to bypass the driver signing policy, write to arbitrary kernel memory locations, and thereby gain privileges via unspecified vectors, as demonstrated by "Purple Pill". | ||||
| CVE-2007-4247 | 1 Microsoft | 1 Windows Vista | 2025-04-09 | N/A |
| Windows Calendar on Microsoft Windows Vista allows remote attackers to cause a denial of service (NULL dereference and persistent application crash) via a malformed ICS file. | ||||
| CVE-2007-3901 | 1 Microsoft | 5 Directx, Windows 2000, Windows 2003 Server and 2 more | 2025-04-09 | N/A |
| Stack-based buffer overflow in the DirectShow Synchronized Accessible Media Interchange (SAMI) parser in quartz.dll for Microsoft DirectX 7.0 through 10.0 allows remote attackers to execute arbitrary code via a crafted SAMI file. | ||||
| CVE-2007-3895 | 1 Microsoft | 5 Directx, Windows 2000, Windows 2003 Server and 2 more | 2025-04-09 | N/A |
| Buffer overflow in Microsoft DirectShow in Microsoft DirectX 7.0 through 10.0 allows remote attackers to execute arbitrary code via a crafted (1) WAV or (2) AVI file. | ||||