Search Results (45954 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-3827 1 Mplayer 1 Mplayer 2026-04-23 N/A
Multiple integer underflows in the Real demuxer (demux_real.c) in MPlayer 1.0_rc2 and earlier allow remote attackers to cause a denial of service (process termination) and possibly execute arbitrary code via a crafted video file that causes the stream_read function to read or write arbitrary memory.
CVE-2008-5048 1 Isecsoft 1 Anti-trojan Elite 2026-04-23 N/A
Buffer overflow in Atepmon.sys in ISecSoft Anti-Trojan Elite 4.2.1 and earlier, and possibly 4.2.2, allows local users to cause a denial of service (crash) and possibly execute arbitrary code via long inputs to the 0x00222494 IOCTL.
CVE-2009-1130 1 Microsoft 2 Office, Office Powerpoint 2026-04-23 N/A
Heap-based buffer overflow in Microsoft Office PowerPoint 2002 SP3 and 2003 SP3, and PowerPoint in Microsoft Office 2004 for Mac, allows remote attackers to execute arbitrary code via a crafted structure in a Notes container in a PowerPoint file that causes PowerPoint to read more data than was allocated when creating a C++ object, leading to an overwrite of a function pointer, aka "Heap Corruption Vulnerability."
CVE-2006-5937 1 Grisoft 1 Avg Antivirus 2026-04-23 N/A
Multiple integer overflows in Grisoft AVG Anti-Virus before 7.1.407 allow remote attackers to execute arbitrary code via crafted (1) CAB or (2) RAR archives that trigger a heap-based buffer overflow. NOTE: some of these details are obtained from third party information.
CVE-2008-7162 1 Heroshare 1 Hero Super Player 3000 2026-04-23 N/A
Buffer overflow in Hero Super Player 3000 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long filename in a .M3U file. NOTE: this might be related to CVE-2008-4504.
CVE-2009-1372 1 Clamav 1 Clamav 2026-04-23 N/A
Stack-based buffer overflow in the cli_url_canon function in libclamav/phishcheck.c in ClamAV before 0.95.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted URL.
CVE-2008-3828 2 Condor Project, Redhat 2 Condor, Enterprise Mrg 2026-04-23 N/A
Stack-based buffer overflow in the condor_ schedd daemon in Condor before 7.0.5 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors.
CVE-2009-3484 1 Coreftp 1 Core Ftp 2026-04-23 N/A
Stack-based buffer overflow in Core FTP 2.1 build 1612 allows user-assisted remote attackers to execute arbitrary code via a long hostname in an FTP server entry in a site backup file. NOTE: some of these details are obtained from third party information.
CVE-2009-0511 2 Adobe, Redhat 3 Acrobat, Acrobat Reader, Rhel Extras 2026-04-23 N/A
Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 might allow remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2009-0510, CVE-2009-0512, CVE-2009-0888, and CVE-2009-0889.
CVE-2008-0947 2 Mit, Redhat 2 Kerberos 5, Enterprise Linux 2026-04-23 N/A
Buffer overflow in the RPC library used by libgssrpc and kadmind in MIT Kerberos 5 (krb5) 1.4 through 1.6.3 allows remote attackers to execute arbitrary code by triggering a large number of open file descriptors.
CVE-2008-3338 1 Tibco 4 Hawk, Iprocess Engine, Mainframe Service Tracker and 1 more 2026-04-23 N/A
Multiple buffer overflows in TIBCO Hawk (1) AMI C library (libtibhawkami) and (2) Hawk HMA (tibhawkhma), as used in TIBCO Hawk before 4.8.1; Runtime Agent (TRA) before 5.6.0; iProcess Engine 10.3.0 through 10.6.2 and 11.0.0; and Mainframe Service Tracker before 1.1.0 might allow remote attackers to execute arbitrary code via a crafted message.
CVE-2008-6922 1 Youngzsoft 1 Cmailserver 2026-04-23 N/A
Multiple stack-based buffer overflows in CMailCOM.dll in CMailServer 5.4.6 allow remote attackers to execute arbitrary code via a long argument to the (1) CreateUserPath, (2) Logout, (3) DeleteMailByUID, (4) MoveToInbox, (5) MoveToFolder, (6) DeleteMailEx, (7) GetMailDataEx, (8) SetReplySign, (9) SetForwardSign, and (10) SetReadSign methods, which are not properly handled by (a) the POP3 Class ActiveX control (CMailCom.POP3); or a long argument to the (11) AddAttach, (12) SetSubject, (13) SetBcc, (14) SetBody, (15) SetCc, (16) SetFrom, (17) SetTo, and (18) SetFromUID methods, which are not properly handled by the Class ActiveX control (CMailCOM.SMTP), as demonstrated via the indexOfMail parameter to mwmail.asp.
CVE-2008-3522 2 Jasper Project, Redhat 3 Jasper, Enterprise Virtualization, Rhev Manager 2026-04-23 N/A
Buffer overflow in the jas_stream_printf function in libjasper/base/jas_stream.c in JasPer 1.900.1 might allow context-dependent attackers to have an unknown impact via vectors related to the mif_hdr_put function and use of vsprintf.
CVE-2009-0650 1 Tptest 1 Tptest 2026-04-23 N/A
Stack-based buffer overflow in the GetStatsFromLine function in TPTEST 3.1.7 and earlier, and possibly 5.02, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a STATS line with a long pwd field. NOTE: some of these details are obtained from third party information.
CVE-2006-4517 1 Novell 1 Imanager 2026-04-23 N/A
Novell iManager 2.5 and 2.0.2 allows remote attackers to cause a denial of service (crash) in the Tomcat server via a long TREE parameter in an HTTP POST, which triggers a NULL pointer dereference.
CVE-2003-1566 1 Microsoft 1 Internet Information Services 2026-04-23 N/A
Microsoft Internet Information Services (IIS) 5.0 does not log requests that use the TRACK method, which allows remote attackers to obtain sensitive information without detection.
CVE-2009-2539 1 Aigo 1 Aigo Md P8860 2026-04-23 N/A
The Aigo P8860 allows remote attackers to cause a denial of service (memory consumption and browser hang) via a large integer value for the length property of a Select object, a related issue to CVE-2009-1692.
CVE-2009-4171 1 Yahoo 1 Messenger 2026-04-23 N/A
An ActiveX control in YahooBridgeLib.dll for Yahoo! Messenger 9.0.0.2162, and possibly other 9.0 versions, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) by calling the RegisterMe method with a long argument.
CVE-2007-6315 1 Real Time Logic 2 Barracudadrive Web Server, Barracudadrive Web Server Home Server 2026-04-23 N/A
Group Chat in BarracudaDrive Web Server before 3.8 allows remote authenticated users to cause a denial of service (crash) via a HTTP request to /eh/chat.ehintf/C. that does not contain a Connection ID, which results in a NULL pointer dereference.
CVE-2009-0696 2 Isc, Redhat 2 Bind, Enterprise Linux 2026-04-23 N/A
The dns_db_findrdataset function in db.c in named in ISC BIND 9.4 before 9.4.3-P3, 9.5 before 9.5.1-P3, and 9.6 before 9.6.1-P1, when configured as a master server, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an ANY record in the prerequisite section of a crafted dynamic update message.