Total
12110 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-1389 | 1 Linux | 2 Kernel, Linux Kernel | 2024-02-04 | 7.8 HIGH | N/A |
| Buffer overflow in the RTL8169 NIC driver (drivers/net/r8169.c) in the Linux kernel before 2.6.30 allows remote attackers to cause a denial of service (kernel memory corruption and crash) via a long packet. | |||||
| CVE-2009-1382 | 1 Forkosh | 1 Mimetex | 2024-02-04 | 10.0 HIGH | N/A |
| Multiple stack-based buffer overflows in mimetex.cgi in mimeTeX, when downloaded before 20090713, allow remote attackers to execute arbitrary code via a TeX file with long (1) picture, (2) circle, or (3) input tags. | |||||
| CVE-2008-7174 | 1 Juracapecoffee | 2 Internet Connectivity Kit, Jura Impressa | 2024-02-04 | 10.0 HIGH | N/A |
| Multiple buffer overflows in the Jura Internet Connection Kit for the Jura Impressa F90 coffee maker allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors related to improper use of the gets and sprintf functions. | |||||
| CVE-2009-2175 | 1 Henning Makholm | 1 Xcftools | 2024-02-04 | 4.3 MEDIUM | N/A |
| Stack-based buffer overflow in the flattenIncrementally function in flatten.c in xcftools 1.0.4, as reachable from the (1) xcf2pnm and (2) xcf2png utilities, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted image that causes a conversion to a location "above or to the left of the canvas." NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-5386 | 1 Ibm | 1 Aix | 2024-02-04 | 6.9 MEDIUM | N/A |
| Buffer overflow in ndp in IBM AIX 6.1.0 through 6.1.2, when the netcd daemon is running, allows local users to gain privileges via unspecified vectors. | |||||
| CVE-2008-3892 | 1 Vmware | 4 Ace, Player, Server and 1 more | 2024-02-04 | 10.0 HIGH | N/A |
| Buffer overflow in a certain ActiveX control in the COM API in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 allows remote attackers to cause a denial of service (browser crash) or possibly execute arbitrary code via a call to the GuestInfo method in which there is a long string argument, and an assignment of a long string value to the result of this call. NOTE: this may overlap CVE-2008-3691, CVE-2008-3692, CVE-2008-3693, CVE-2008-3694, CVE-2008-3695, or CVE-2008-3696. | |||||
| CVE-2009-3483 | 1 Globalscape | 1 Cuteftp | 2024-02-04 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in the Create New Site feature in GlobalSCAPE CuteFTP Professional, Home, and Lite 8.3.3 and 8.3.3.0054 allows user-assisted remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a site list containing an entry with a long label. | |||||
| CVE-2008-2474 | 1 Abb | 1 Pcu400 | 2024-02-04 | 10.0 HIGH | N/A |
| Buffer overflow in x87 before 3.5.5 in ABB Process Communication Unit 400 (PCU400) 4.4 through 4.6 allows remote attackers to execute arbitrary code via a crafted packet using the (1) IEC60870-5-101 or (2) IEC60870-5-104 communication protocol to the X87 web interface. | |||||
| CVE-2008-5364 | 2 Adobe, Nos Microsystems | 2 Acrobat Reader, Getplus Download Manager | 2024-02-04 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the getPlus ActiveX control in gp.ocx 1.2.2.50 in NOS Microsystems getPlus Download Manager, as used for the Adobe Reader 8.1 installation process and other downloads, allows remote attackers to execute arbitrary code via unspecified vectors, a different issue than CVE-2008-4817. | |||||
| CVE-2009-1645 | 1 Mini-stream | 1 Easy Rm-mp3 Converter | 2024-02-04 | 9.3 HIGH | N/A |
| Multiple stack-based buffer overflows in Mini-stream Easy RM-MP3 Converter 3.0.0.7 allow remote attackers to execute arbitrary code via (1) a long rtsp URL in a .ram file and (2) a long string in the HREF attribute of a REF element in a .asx file. | |||||
| CVE-2008-2426 | 1 Carsten Haitzler | 1 Imlib2 | 2024-02-04 | 9.3 HIGH | N/A |
| Multiple stack-based buffer overflows in Imlib 2 (aka imlib2) 1.4.0 allow user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via (1) a PNM image with a crafted header, related to the load function in src/modules/loaders/loader_pnm.c; or (2) a crafted XPM image, related to the load function in src/modules/loader_xpm.c. | |||||
| CVE-2008-5036 | 1 Videolan | 1 Vlc Media Player | 2024-02-04 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in VideoLAN VLC media player 0.9.x before 0.9.6 might allow user-assisted attackers to execute arbitrary code via an an invalid RealText (rt) subtitle file, related to the ParseRealText function in modules/demux/subtitle.c. NOTE: this issue was SPLIT from CVE-2008-5032 on 20081110. | |||||
| CVE-2008-7004 | 1 Elog | 1 Elog | 2024-02-04 | 10.0 HIGH | N/A |
| Buffer overflow in Electronic Logbook (ELOG) before 2.7.1 has unknown impact and attack vectors, possibly related to elog.c. | |||||
| CVE-2009-1430 | 1 Symantec | 5 Antivirus, Antivirus Central Quarantine Server, Client Security and 2 more | 2024-02-04 | 9.3 HIGH | N/A |
| Multiple stack-based buffer overflows in IAO.EXE in the Intel Alert Originator Service in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 before 9.0 MR7, 10.0 and 10.1 before 10.1 MR8, and 10.2 before 10.2 MR2; Symantec Client Security (SCS) 2 before 2.0 MR7 and 3 before 3.1 MR8; and Symantec Endpoint Protection (SEP) before 11.0 MR3, allow remote attackers to execute arbitrary code via (1) a crafted packet or (2) data that ostensibly arrives from the MsgSys.exe process. | |||||
| CVE-2008-4473 | 2 Adobe, Microsoft | 2 Flash Player, Windows | 2024-02-04 | 9.3 HIGH | N/A |
| Multiple heap-based buffer overflows in Adobe Flash CS3 Professional on Windows and Flash MX 2004 allow remote attackers to execute arbitrary code via an SWF file containing long control parameters. | |||||
| CVE-2009-3717 | 1 Lucvil | 1 Patplayer | 2024-02-04 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in LucVil PatPlayer 3.9 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long URI in a playlist (.m3u) file. | |||||
| CVE-2008-2320 | 1 Apple | 3 Carboncore, Mac Os X, Mac Os X Server | 2024-02-04 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in CarbonCore in Apple Mac OS X 10.4.11 and 10.5.4, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via a long filename to the file management API. | |||||
| CVE-2008-6252 | 1 Smcfancontrol | 1 Smcfancontrol | 2024-02-04 | 7.2 HIGH | N/A |
| Stack-based buffer overflow in the smc program in smcFanControl 2.1.2 allows local users to execute arbitrary code and gain privileges via a long -k option. | |||||
| CVE-2008-2851 | 1 Offsystem | 1 Offsystem | 2024-02-04 | 10.0 HIGH | N/A |
| Multiple buffer overflows in OFF System before 0.19.14 allow remote attackers to have an unknown impact via unspecified vectors related to "parsing of http headers." | |||||
| CVE-2009-4049 | 1 Avast | 2 Avast Antivirus Home, Avast Antivirus Professional | 2024-02-04 | 7.2 HIGH | N/A |
| Heap-based buffer overflow in aswRdr.sys (aka the TDI RDR driver) in avast! Home and Professional 4.8.1356.0 allows local users to cause a denial of service (memory corruption) or possibly gain privileges via crafted arguments to IOCTL 0x80002024. | |||||