Total
12110 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-0016 | 1 Mozilla | 2 Firefox, Seamonkey | 2024-02-04 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the URL parsing implementation in Mozilla Firefox before 2.0.0.17 and SeaMonkey before 1.1.12 allows remote attackers to execute arbitrary code via a crafted UTF-8 URL in a link. | |||||
| CVE-2008-5245 | 1 Xine | 1 Xine-lib | 2024-02-04 | 9.3 HIGH | N/A |
| xine-lib before 1.1.15 performs V4L video frame preallocation before ascertaining the required length, which has unknown impact and attack vectors, possibly related to a buffer overflow in the open_video_capture_device function in src/input/input_v4l.c. | |||||
| CVE-2008-4555 | 1 Graphviz | 1 Graphviz | 2024-02-04 | 8.5 HIGH | N/A |
| Stack-based buffer overflow in the push_subg function in parser.y (lib/graph/parser.c) in Graphviz 2.20.2, and possibly earlier versions, allows user-assisted remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a DOT file with a large number of Agraph_t elements. | |||||
| CVE-2008-5839 | 1 Foxmail | 1 Foxmail | 2024-02-04 | 9.3 HIGH | N/A |
| Buffer overflow in Foxmail 6.5 allows remote attackers to execute arbitrary code via a long mailto URI in the HREF attribute of an A element. | |||||
| CVE-2009-0663 | 2 Cmu, Perl | 2 Dbd\, Perl | 2024-02-04 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in the DBD::Pg (aka DBD-Pg or libdbd-pg-perl) module 1.49 for Perl might allow context-dependent attackers to execute arbitrary code via unspecified input to an application that uses the getline and pg_getline functions to read database rows. | |||||
| CVE-2008-4556 | 1 Sun | 1 Solaris | 2024-02-04 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the adm_build_path function in sadmind in Sun Solstice AdminSuite on Solaris 8 and 9 allows remote attackers to execute arbitrary code via a crafted request. | |||||
| CVE-2009-3794 | 1 Adobe | 2 Adobe Air, Flash Player | 2024-02-04 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 allows remote attackers to execute arbitrary code via crafted dimensions of JPEG data in an SWF file. | |||||
| CVE-2009-3254 | 1 Ultimatevideosite | 1 Ultimate Player | 2024-02-04 | 9.3 HIGH | N/A |
| Multiple stack-based buffer overflows in Ultimate Player 1.56 beta allow remote attackers to execute arbitrary code via a long string in a (1) .m3u or (2) .upl playlist file. | |||||
| CVE-2009-1586 | 1 Shemes | 1 Grabit | 2024-02-04 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the NZB importer feature in GrabIt 1.7.2 Beta 3 and earlier allows remote attackers to execute arbitrary code via a crafted DTD reference in a DOCTYPE element in an NZB file. | |||||
| CVE-2009-3031 | 1 Symantec | 3 Altiris Deployment Solution, Altiris Management Platform, Altiris Notification Server | 2024-02-04 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the BrowseAndSaveFile method in the Altiris eXpress NS ConsoleUtilities ActiveX control 6.0.0.1846 in AeXNSConsoleUtilities.dll in Symantec Altiris Notification Server (NS) 6.0 before R12, Deployment Server 6.8 and 6.9 in Symantec Altiris Deployment Solution 6.9 SP3, and Symantec Management Platform (SMP) 7.0 before SP3 allows remote attackers to execute arbitrary code via a long string in the second argument. | |||||
| CVE-2009-0954 | 1 Apple | 1 Quicktime | 2024-02-04 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in Apple QuickTime before 7.6.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a movie file containing crafted Clipping Region (CRGN) atom types. | |||||
| CVE-2009-0263 | 1 Nullsoft | 1 Winamp | 2024-02-04 | 10.0 HIGH | N/A |
| Multiple buffer overflows in Winamp 5.541 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) a large Common Chunk (COMM) header value in an AIFF file and (2) a large invalid value in an MP3 file. | |||||
| CVE-2009-0833 | 2 Myplugins, Nullsoft | 2 Gen Msn, Winamp | 2024-02-04 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in gen_msn.dll in the gen_msn plugin 0.31 for Winamp 5.541 allows remote attackers to execute arbitrary code via a playlist (.pls) file with a long URL in the File1 field. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-4922 | 2 Djvu, Microsoft | 2 Activex Control For Microsoft Office 2000, Office | 2024-02-04 | 9.3 HIGH | N/A |
| Buffer overflow in the DjVu ActiveX Control 3.0 for Microsoft Office (DjVu_ActiveX_MSOffice.dll) allows remote attackers to execute arbitrary code via a long (1) ImageURL property, and possibly the (2) Mode, (3) Page, or (4) Zoom properties. | |||||
| CVE-2008-5281 | 1 South River Technologies | 1 Titan Ftp Server | 2024-02-04 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in Titan FTP Server 6.05 build 550 allows remote attackers to execute arbitrary code via a long DELE command. | |||||
| CVE-2009-2026 | 1 Ca | 4 Advantage Data Transport, It Client Manager, Software Delivery and 1 more | 2024-02-04 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in a token searching function in the dtscore library in Data Transport Services in CA Software Delivery r11.2 C1, C2, C3, and SP4; Unicenter Software Delivery 4.0 C3; CA Advantage Data Transport 3.0 C1; and CA IT Client Manager r12 allows remote attackers to execute arbitrary code via crafted data. | |||||
| CVE-2009-4108 | 1 Dxm2008 | 1 Xm Easy Personal Ftp Server | 2024-02-04 | 4.0 MEDIUM | N/A |
| XM Easy Personal FTP Server 5.8.0 allows remote authenticated users to cause a denial of service (crash) by uploading or creating a large number of files or directories, then performing a LIST command. | |||||
| CVE-2009-0397 | 1 Gstreamer | 2 Good Plug-ins, Plug-ins | 2024-02-04 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in the qtdemux_parse_samples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka gst-plugins-good) 0.10.9 through 0.10.11, and GStreamer Plug-ins (aka gstreamer-plugins) 0.8.5, might allow remote attackers to execute arbitrary code via crafted Time-to-sample (aka stts) atom data in a malformed QuickTime media .mov file. | |||||
| CVE-2008-1704 | 1 Tibco | 2 Enterprise Message Service, Iprocess Engine | 2024-02-04 | 10.0 HIGH | N/A |
| Multiple buffer overflows in TIBCO Software Enterprise Message Service (EMS) before 4.4.3, and iProcess Engine 10.6.0 through 10.6.1, allow remote attackers to execute arbitrary code via a crafted message to the EMS server. | |||||
| CVE-2008-2327 | 1 Libtiff | 1 Libtiff | 2024-02-04 | 6.8 MEDIUM | N/A |
| Multiple buffer underflows in the (1) LZWDecode, (2) LZWDecodeCompat, and (3) LZWDecodeVector functions in tif_lzw.c in the LZW decoder in LibTIFF 3.8.2 and earlier allow context-dependent attackers to execute arbitrary code via a crafted TIFF file, related to improper handling of the CODE_CLEAR code. | |||||