Export limit exceeded: 15442 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (15442 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-2384 | 1 Mathi | 1 Peamp | 2025-04-09 | N/A |
| Buffer overflow in amp.exe in Brothersoft PEamp 1.02b allows user-assisted remote attackers to execute arbitrary code via a long string in a .m3u playlist file. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-2364 | 1 Mp3-nator | 1 Mp3-nator | 2025-04-09 | N/A |
| Stack-based buffer overflow in Mp3-Nator 2.0 allows remote attackers to execute arbitrary code via (1) a long string in a .plf file and (2) a long string in the listdata.dat file, possibly related to a track entry. | ||||
| CVE-2009-2363 | 1 Yukudr | 1 Audioplus | 2025-04-09 | N/A |
| Stack-based buffer overflow in KUDRSOFT AudioPLUS 2.00.215 allows remote attackers to execute arbitrary code via a .pls playlist file with a playlist entry containing a long File1 argument. | ||||
| CVE-2009-2362 | 1 Yukudr | 1 Audioplus | 2025-04-09 | N/A |
| Stack-based buffer overflow in KUDRSOFT AudioPLUS 2.0.0.215 allows remote attackers to execute arbitrary code via a long string in a (1) .lst or (2) .m3u playlist file. | ||||
| CVE-2009-2356 | 1 Dan Cahill | 1 Nulllogic Groupware | 2025-04-09 | N/A |
| Multiple stack-based buffer overflows in the pgsqlQuery function in NullLogic Groupware 1.2.7, when PostgreSQL is used, might allow remote attackers to execute arbitrary code via input to the (1) POP3, (2) SMTP, or (3) web component that triggers a long SQL query. | ||||
| CVE-2009-2298 | 1 Hp | 1 Openview Network Node Manager | 2025-04-09 | N/A |
| Stack-based buffer overflow in rping in HP OpenView Network Node Manager (OV NNM) 7.53 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, possibly involving a CGI request to webappmon.exe. NOTE: this may overlap CVE-2009-1420. | ||||
| CVE-2009-2286 | 1 James Ashton | 1 Compface | 2025-04-09 | N/A |
| Buffer overflow in compface 1.5.2 and earlier allows user-assisted attackers to cause a denial of service (crash) via a long declaration in a .xbm file. NOTE: this issue only affects compface on distributions that used a certain patch. | ||||
| CVE-2009-2285 | 2 Libtiff, Redhat | 2 Libtiff, Enterprise Linux | 2025-04-09 | N/A |
| Buffer underflow in the LZWDecodeCompat function in libtiff 3.8.2 allows context-dependent attackers to cause a denial of service (crash) via a crafted TIFF image, a different vulnerability than CVE-2008-2327. | ||||
| CVE-2009-2281 | 2 Osgeo, Umn | 2 Mapserver, Mapserver | 2025-04-09 | N/A |
| Multiple heap-based buffer underflows in the readPostBody function in cgiutil.c in mapserv in MapServer 4.x through 4.10.4 and 5.x before 5.4.2 allow remote attackers to execute arbitrary code via (1) a crafted Content-Length HTTP header or (2) a large HTTP request, related to an integer overflow that triggers a heap-based buffer overflow. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2009-0840. | ||||
| CVE-2009-2227 | 1 Blabsoft | 1 Bopup Communication Server | 2025-04-09 | N/A |
| Stack-based buffer overflow in B Labs Bopup Communication Server 3.2.26.5460 allows remote attackers to execute arbitrary code via a crafted request to TCP port 19810. | ||||
| CVE-2009-2225 | 1 Surething | 1 Surething Cd\/dvd Labeler | 2025-04-09 | N/A |
| Stack-based buffer overflow in SureThing CD/DVD Labeler 5.1.616 trial version allows user-assisted remote attackers to execute arbitrary code via a crafted (1) m3u or (2) pls playlist file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2009-2206 | 1 Apple | 2 Iphone Os, Ipod Touch | 2025-04-09 | N/A |
| Multiple heap-based buffer overflows in the AudioCodecs library in the CoreAudio component in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted (1) AAC or (2) MP3 file, as demonstrated by a ringtone with malformed entries in the sample size table. | ||||
| CVE-2009-2205 | 1 Apple | 5 Java 1.4, Java 1.5, Java 1.6 and 2 more | 2025-04-09 | N/A |
| Stack-based buffer overflow in the Java Web Start command launcher in Java for Mac OS X 10.5 before Update 5 allows attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors. | ||||
| CVE-2009-1944 | 1 Aimp | 1 Aimp | 2025-04-09 | N/A |
| Stack-based buffer overflow in AIMP 2.51 build 330 allows remote attackers to execute arbitrary code via an MP3 file with a long ID3 tag. | ||||
| CVE-2009-1929 | 1 Microsoft | 4 Windows 2003 Server, Windows Server 2008, Windows Vista and 1 more | 2025-04-09 | N/A |
| Heap-based buffer overflow in the Microsoft Terminal Services Client ActiveX control running RDP 6.1 on Windows XP SP2, Vista SP1 or SP2, or Server 2008 Gold or SP2; or 5.2 or 6.1 on Windows XP SP3; allows remote attackers to execute arbitrary code via unspecified parameters to unknown methods, aka "Remote Desktop Connection ActiveX Control Heap Overflow Vulnerability." | ||||
| CVE-2009-1923 | 1 Microsoft | 2 Windows 2000, Windows 2003 Server | 2025-04-09 | N/A |
| Heap-based buffer overflow in the Windows Internet Name Service (WINS) component for Microsoft Windows 2000 SP4 and Server 2003 SP2 allows remote attackers to execute arbitrary code via a crafted WINS replication packet that triggers an incorrect buffer-length calculation, aka "WINS Heap Overflow Vulnerability." | ||||
| CVE-2009-1915 | 1 Icq | 1 Icq | 2025-04-09 | N/A |
| Stack-based buffer overflow in the URL Search Hook (ICQToolBar.dll) in ICQ 6.5 allows remote attackers to cause a denial of service (persistent crash) and possibly execute arbitrary code via an Internet shortcut .URL file containing a long URL parameter, which triggers a crash when browsing a folder that contains this file. | ||||
| CVE-2009-1897 | 1 Linux | 1 Linux Kernel | 2025-04-09 | N/A |
| The tun_chr_poll function in drivers/net/tun.c in the tun subsystem in the Linux kernel 2.6.30 and 2.6.30.1, when the -fno-delete-null-pointer-checks gcc option is omitted, allows local users to gain privileges via vectors involving a NULL pointer dereference and an mmap of /dev/net/tun, a different vulnerability than CVE-2009-1894. | ||||
| CVE-2009-1885 | 1 Apache | 1 Xerces-c\+\+ | 2025-04-09 | N/A |
| Stack consumption vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 2.7.0 and 2.8.0 allows context-dependent attackers to cause a denial of service (application crash) via vectors involving nested parentheses and invalid byte values in "simply nested DTD structures," as demonstrated by the Codenomicon XML fuzzing framework. | ||||
| CVE-2009-1868 | 2 Adobe, Redhat | 4 Air, Flash Player, Flex and 1 more | 2025-04-09 | N/A |
| Heap-based buffer overflow in Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors involving URL parsing. | ||||