Total
12110 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-5711 | 1 Facebook | 1 Photouploader | 2024-02-04 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in the Facebook PhotoUploader ActiveX control 5.0.14.0 and earlier allows remote attackers to execute arbitrary code via a long FileMask property value. | |||||
| CVE-2009-1154 | 1 Cisco | 1 Ios Xr | 2024-02-04 | 3.3 LOW | N/A |
| Cisco IOS XR 3.8.1 and earlier allows remote attackers to cause a denial of service (process crash) via a long BGP UPDATE message, as demonstrated by a message with many AS numbers in the AS Path Attribute. | |||||
| CVE-2009-2934 | 1 Programmedintegration | 1 Pipl | 2024-02-04 | 9.3 HIGH | N/A |
| Multiple stack-based buffer overflows in xaudio.dll in Programmed Integration PIPL 2.5.0 and 2.5.0D allow remote attackers to execute arbitrary code via a long string in a (1) .pls or (2) .pl playlist file. | |||||
| CVE-2008-2158 | 1 Emc Corporation | 1 Alphastor | 2024-02-04 | 10.0 HIGH | N/A |
| Multiple stack-based buffer overflows in the Command Line Interface process in the Server Agent in EMC AlphaStor 3.1 SP1 for Windows allow remote attackers to execute arbitrary code via crafted TCP packets to port 41025. | |||||
| CVE-2008-0066 | 2 Autonomy, Ibm | 2 Keyview, Lotus Notes | 2024-02-04 | 9.3 HIGH | N/A |
| Multiple buffer overflows in htmsr.dll in the HTML speed reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes 7.0.2 and 7.0.3, allow remote attackers to execute arbitrary code via an HTML document with (1) "large chunks of data," or a long URL in the (2) BACKGROUND attribute of a BODY element or (3) SRC attribute of an IMG element. | |||||
| CVE-2009-2957 | 1 Thekelleys | 1 Dnsmasq | 2024-02-04 | 6.8 MEDIUM | N/A |
| Heap-based buffer overflow in the tftp_request function in tftp.c in dnsmasq before 2.50, when --enable-tftp is used, might allow remote attackers to execute arbitrary code via a long filename in a TFTP packet, as demonstrated by a read (aka RRQ) request. | |||||
| CVE-2008-3577 | 1 Openttd | 1 Openttd | 2024-02-04 | 4.6 MEDIUM | N/A |
| Buffer overflow in src/openttd.cpp in OpenTTD before 0.6.2 allows local users to execute arbitrary code via a large filename supplied to the "-g" parameter in the ttd_main function. NOTE: it is unlikely that this issue would cross privilege boundaries in typical environments. | |||||
| CVE-2008-5282 | 1 W3c | 1 Amaya Web Browser | 2024-02-04 | 10.0 HIGH | N/A |
| Multiple stack-based buffer overflows in W3C Amaya Web Browser 10.0.1 allow remote attackers to execute arbitrary code via (1) a link with a long HREF attribute, and (2) a DIV tag with a long id attribute. | |||||
| CVE-2009-3878 | 2 Intevydis, Sun | 2 Vulndisco Pack, Java System Web Server | 2024-02-04 | 9.3 HIGH | N/A |
| Buffer overflow in Sun Java System Web Server 7.0 Update 6 has unspecified impact and remote attack vectors, as demonstrated by the vd_sjws module in VulnDisco Pack Professional 8.12. NOTE: as of 20091105, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. | |||||
| CVE-2008-4563 | 2 Ibm, Microsoft | 3 Tivoli Storage Manager, Tivoli Storage Manager Express, Windows | 2024-02-04 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in adsmdll.dll 5.3.7.7296, as used by the daemon (dsmsvc.exe) in the backup server in IBM Tivoli Storage Manager (TSM) Express 5.3.7.3 and earlier and TSM 5.2, 5.3 before 5.3.6.0, and 5.4.0.0 through 5.4.4.0, allows remote attackers to execute arbitrary code via a crafted length value. | |||||
| CVE-2009-3809 | 1 Acoustica | 1 Mp3 Audio Mixer | 2024-02-04 | 4.3 MEDIUM | N/A |
| Acoustica MP3 Audio Mixer 1.0 and possibly 2.471 allows remote attackers to cause a denial of service (crash) via a long string in a .sgp playlist file. | |||||
| CVE-2008-2503 | 1 Sourceforge | 1 Emule X-ray | 2024-02-04 | 9.3 HIGH | N/A |
| Buffer overflow in Uploadlist in eMule X-Ray before 1.4 has unknown impact and remote attack vectors. | |||||
| CVE-2009-0920 | 1 Hp | 1 Network Node Manager | 2024-02-04 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in OvCgi/Toolbar.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a long OvOSLocale cookie, a variant of CVE-2008-0067. | |||||
| CVE-2008-4779 | 1 Tguzip | 1 Tguzip | 2024-02-04 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in TUGzip 3.5.0.0 allows remote attackers to denial of service (crash) or execute arbitrary code via a long filename in a .zip file. | |||||
| CVE-2008-3863 | 1 Gnu | 1 Enscript | 2024-02-04 | 7.6 HIGH | N/A |
| Stack-based buffer overflow in the read_special_escape function in src/psgen.c in GNU Enscript 1.6.1 and 1.6.4 beta, when the -e (aka special escapes processing) option is enabled, allows user-assisted remote attackers to execute arbitrary code via a crafted ASCII file, related to the setfilename command. | |||||
| CVE-2009-0812 | 1 Bpsoft | 1 Hex Workshop | 2024-02-04 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in BreakPoint Software Hex Workshop 4.23, 6.0.1.4603, and other 6.x and earlier versions allows remote attackers to execute arbitrary code via a crafted Intel Hex Code (.hex) file. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-3811 | 1 Assistanttools | 1 Music Tag Editor | 2024-02-04 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Music Tag Editor 1.61 build 212 allows remote attackers to execute arbitrary code via an MP3 file with a long ID3 tag. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-1182 | 4 Apple, Foolabs, Glyphandcog and 1 more | 4 Cups, Xpdf, Xpdfreader and 1 more | 2024-02-04 | 7.5 HIGH | N/A |
| Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file. | |||||
| CVE-2008-3169 | 1 Empire Server | 1 Empire Server | 2024-02-04 | 10.0 HIGH | N/A |
| Multiple heap-based buffer overflows in Empire Server before 4.3.15 allow remote attackers to cause a denial of service or possibly execute arbitrary code via unspecified vectors, related to a "coordinate normalization bug." NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-3148 | 2 Mackt, Ollydbg | 2 Imprec, Ollydbg | 2024-02-04 | 6.8 MEDIUM | N/A |
| Stack-based buffer overflow in (1) OllyDBG 1.10 and (2) ImpREC 1.7f allows user-assisted attackers to execute arbitrary code via a crafted DLL file that contains a long string. | |||||