Export limit exceeded: 363426 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (45955 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2009-3709 1 Konae 1 Alleycode Html Editor 2026-04-23 N/A
Stack-based buffer overflow in the Meta Content Optimizer in Konae Technologies Alleycode HTML Editor 2.21 allows user-assisted remote attackers to execute arbitrary code via a long value in a TITLE tag.
CVE-2009-3707 1 Vmware 4 Ace, Player, Server and 1 more 2026-04-23 N/A
VMware Authentication Daemon 1.0 in vmware-authd.exe in the VMware Authorization Service in VMware Workstation 7.0 before 7.0.1 build 227600 and 6.5.x before 6.5.4 build 246459, VMware Player 3.0 before 3.0.1 build 227600 and 2.5.x before 2.5.4 build 246459, VMware ACE 2.6 before 2.6.1 build 227600 and 2.5.x before 2.5.4 build 246459, and VMware Server 2.x allows remote attackers to cause a denial of service (process crash) via a \x25\xFF sequence in the USER and PASS commands, related to a "format string DoS" issue. NOTE: some of these details are obtained from third party information.
CVE-2008-5281 1 South River Technologies 1 Titan Ftp Server 2026-04-23 N/A
Heap-based buffer overflow in Titan FTP Server 6.05 build 550 allows remote attackers to execute arbitrary code via a long DELE command.
CVE-2008-5235 1 Xine 1 Xine 2026-04-23 N/A
Heap-based buffer overflow in the demux_real_send_chunk function in src/demuxers/demux_real.c in xine-lib before 1.1.15 allows remote attackers to execute arbitrary code via a crafted Real Media file. NOTE: some of these details are obtained from third party information.
CVE-2009-3604 6 Foolabs, Glyphandcog, Gnome and 3 more 6 Xpdf, Xpdfreader, Gpdf and 3 more 2026-04-23 N/A
The Splash::drawImage function in Splash.cc in Xpdf 2.x and 3.x before 3.02pl4, and Poppler 0.x, as used in GPdf and kdegraphics KPDF, does not properly allocate memory, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document that triggers a NULL pointer dereference or a heap-based buffer overflow.
CVE-2009-3605 1 Poppler 1 Poppler 2026-04-23 N/A
Multiple integer overflows in Poppler 0.10.5 and earlier allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF file, related to (1) glib/poppler-page.cc; (2) ArthurOutputDev.cc, (3) CairoOutputDev.cc, (4) GfxState.cc, (5) JBIG2Stream.cc, (6) PSOutputDev.cc, and (7) SplashOutputDev.cc in poppler/; and (8) SplashBitmap.cc, (9) Splash.cc, and (10) SplashFTFont.cc in splash/. NOTE: this may overlap CVE-2009-0791.
CVE-2009-3608 8 Foolabs, Glyph And Cog, Glyphandcog and 5 more 8 Xpdf, Pdftops, Xpdfreader and 5 more 2026-04-23 N/A
Integer overflow in the ObjectStream::ObjectStream function in XRef.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, CUPS pdftops, and teTeX, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow.
CVE-2009-0036 2 Libvirt, Redhat 2 Libvirt, Rhel Virtualization 2026-04-23 N/A
Buffer overflow in the proxyReadClientSocket function in proxy/libvirt_proxy.c in libvirt_proxy 0.5.1 might allow local users to gain privileges by sending a portion of the header of a virProxyPacket packet, and then sending the remainder of the packet with crafted values in the header, related to use of uninitialized memory in a validation check.
CVE-2008-5409 3 Bitdefender, Bullguard, Software602 4 Antivirus, Bitdefender, Internet Security and 1 more 2026-04-23 N/A
Unspecified vulnerability in the pdf.xmd module in (1) BitDefender Free Edition 10 and Antivirus Standard 10, (2) BullGuard Internet Security 8.5, and (3) Software602 Groupware Server 6.0.08.1118 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF file, possibly related to included compressed streams that were processed with the ASCIIHexDecode filter. NOTE: some of these details are obtained from third party information.
CVE-2008-5234 1 Xine 1 Xine-lib 2026-04-23 N/A
Multiple heap-based buffer overflows in xine-lib 1.1.12, and other versions before 1.1.15, allow remote attackers to execute arbitrary code via vectors related to (1) a crafted metadata atom size processed by the parse_moov_atom function in demux_qt.c and (2) frame reading in the id3v23_interp_frame function in id3.c. NOTE: as of 20081122, it is possible that vector 1 has not been fixed in 1.1.15.
CVE-2009-3606 5 Foolabs, Glyphandcog, Kde and 2 more 5 Xpdf, Xpdfreader, Kpdf and 2 more 2026-04-23 N/A
Integer overflow in the PSOutputDev::doImageL1Sep function in Xpdf before 3.02pl4, and Poppler 0.x, as used in kdegraphics KPDF, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow.
CVE-2009-4124 1 Ruby-lang 1 Ruby 2026-04-23 N/A
Heap-based buffer overflow in the rb_str_justify function in string.c in Ruby 1.9.1 before 1.9.1-p376 allows context-dependent attackers to execute arbitrary code via unspecified vectors involving (1) String#ljust, (2) String#center, or (3) String#rjust. NOTE: some of these details are obtained from third party information.
CVE-2007-3286 1 Avaya 1 Ip Soft Phone 2026-04-23 N/A
Multiple buffer overflows in unspecified ActiveX controls in COM objects in Avaya IP Softphone R5.2 before SP3, and R6.0, allow remote attackers to execute arbitrary code via unspecified vectors.
CVE-2009-3183 1 Sun 2 Opensolaris, Solaris 2026-04-23 N/A
Heap-based buffer overflow in w in Sun Solaris 8 through 10, and OpenSolaris before snv_124, allows local users to gain privileges via unspecified vectors.
CVE-2009-4117 1 Sumatrapdfreader 1 Sumatrapdf 2026-04-23 N/A
Multiple stack-based buffer overflows in pdf_shade4.c in MuPDF before commit 20091125231942, as used in SumatraPDF before 1.0.1, allow remote attackers to cause a denial of service and possibly execute arbitrary code via a /Decode array for certain types of shading that are not properly handled by the (1) pdf_loadtype4shade, (2) pdf_loadtype5shade, (3) pdf_loadtype6shade, and (4) pdf_loadtype7shade functions. NOTE: some of these details are obtained from third party information.
CVE-2009-0893 1 Xvid 1 Xvid 2026-04-23 N/A
Multiple heap-based buffer overflows in xvidcore/src/decoder.c in the xvidcore library in Xvid before 1.2.2, as used by Windows Media Player and other applications, allow remote attackers to execute arbitrary code by providing a crafted macroblock (aka MBlock) number in a video stream in a crafted movie file that triggers heap memory corruption, related to a "missing resync marker range check" and the (1) decoder_iframe, (2) decoder_pframe, and (3) decoder_bframe functions.
CVE-2009-3746 1 Sun 1 Solaris 2026-04-23 N/A
XScreenSaver in Sun Solaris 10, when the accessibility feature is enabled, allows physically proximate attackers to obtain sensitive information by reading popup windows, which are displayed even when the screen is locked, a different vulnerability than CVE-2009-1276 and CVE-2009-2711.
CVE-2009-3609 7 Foolabs, Glyph And Cog, Glyphandcog and 4 more 7 Xpdf, Pdftops, Xpdfreader and 4 more 2026-04-23 N/A
Integer overflow in the ImageStream::ImageStream function in Stream.cc in Xpdf before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, and CUPS pdftops, allows remote attackers to cause a denial of service (application crash) via a crafted PDF document that triggers a NULL pointer dereference or buffer over-read.
CVE-2007-2931 1 Microsoft 2 Msn Messenger, Windows Live Messenger 2026-04-23 N/A
Heap-based buffer overflow in Microsoft MSN Messenger 6.2, 7.0, and 7.5, and Live Messenger 8.0 allows user-assisted remote attackers to execute arbitrary code via unspecified vectors involving video conversation handling in Web Cam and video chat sessions.
CVE-2009-4097 1 Malsmith 1 Serenity Audio Player 2026-04-23 N/A
Stack-based buffer overflow in the MplayInputFile function in Serenity Audio Player 3.2.3 and earlier allows remote attackers to execute arbitrary code via a long URL in an M3U file. NOTE: some of these details are obtained from third party information.