Export limit exceeded: 45903 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45903 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-0064 | 1 Microsoft | 6 Windows 2000, Windows 2003 Server, Windows Media Format Runtime and 3 more | 2026-04-23 | N/A |
| Heap-based buffer overflow in Windows Media Format Runtime 7.1, 9, 9.5, 9.5 x64 Edition, 11, and Windows Media Services 9.1 for Microsoft Windows 2000, XP, Server 2003, and Vista allows user-assisted remote attackers to execute arbitrary code via a crafted Advanced Systems Format (ASF) file. | ||||
| CVE-2007-6516 | 1 Ravware | 1 Flic Activex Control | 2026-04-23 | N/A |
| Buffer overflow in RavWare Software MAS Flic ActiveX Control (masflc.ocx) 1.0.0.1 allows remote attackers to execute arbitrary code via a long FileName property. | ||||
| CVE-2007-6359 | 1 Apple | 1 Mac Os X | 2026-04-23 | N/A |
| The cs_validate_page function in bsd/kern/ubc_subr.c in the xnu kernel 1228.0 and earlier in Apple Mac OS X 10.5.1 allows local users to cause a denial of service (failed assertion and system crash) via a crafted signed Mach-O binary that causes the hashes function to return NULL. | ||||
| CVE-2007-4832 | 1 Immersion Games | 1 Cellfactor Revolution | 2026-04-23 | N/A |
| Format string vulnerability in CellFactor Revolution 1.03 and earlier allows remote attackers to execute arbitrary code via format string specifiers in a malformed nickname. | ||||
| CVE-2007-6353 | 3 Canonical, Debian, Exiv2 | 3 Ubuntu Linux, Debian Linux, Exiv2 | 2026-04-23 | N/A |
| Integer overflow in exif.cpp in exiv2 library allows context-dependent attackers to execute arbitrary code via a crafted EXIF file that triggers a heap-based buffer overflow. | ||||
| CVE-2007-6510 | 1 Prowizard | 1 Prowizard 4 Pc | 2026-04-23 | N/A |
| Multiple stack-based buffer overflows in ProWizard 4 PC (prowiz) 1.62 and earlier allow remote attackers to execute arbitrary code via a crafted file to the (1) AMOS-MusicBank, (2) FuzzacPacker, and (3) QuadraComposer rippers; and (4) have an unknown impact via a crafted file to the SkytPacker ripper. | ||||
| CVE-2008-1491 | 1 Asus | 1 Remote Console | 2026-04-23 | N/A |
| Stack-based buffer overflow in the DPC Proxy server (DpcProxy.exe) in ASUS Remote Console (aka ARC or ASMB3) 2.0.0.19 and 2.0.0.24 allows remote attackers to execute arbitrary code via a long string to TCP port 623. | ||||
| CVE-2007-6336 | 1 Clam Anti-virus | 1 Clamav | 2026-04-23 | N/A |
| Off-by-one error in ClamAV before 0.92 allows remote attackers to execute arbitrary code via a crafted MS-ZIP compressed CAB file. | ||||
| CVE-2007-0072 | 1 Trend Micro | 1 Serverprotect | 2026-04-23 | N/A |
| Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to a read operation over RPC. | ||||
| CVE-2007-0074 | 1 Trend Micro | 1 Serverprotect | 2026-04-23 | N/A |
| Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to a folder read operation over RPC. | ||||
| CVE-2008-1617 | 1 Interwoven | 1 Worksite Web | 2026-04-23 | N/A |
| Double free vulnerability in Web TransferCtrl Class 8,2,1,4 (iManFile.cab), as used in WorkSite Web 8.2 before SP1 P2, allows remote attackers to execute arbitrary code via JavaScript that sets the Server property to a string, then sets the string to null. | ||||
| CVE-2008-1489 | 1 Videolan | 1 Vlc | 2026-04-23 | N/A |
| Integer overflow in the MP4_ReadBox_rdrf function in libmp4.c for VLC 0.8.6e allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted MP4 RDRF box that triggers a heap-based buffer overflow, a different vulnerability than CVE-2008-0984. | ||||
| CVE-2007-0080 | 1 Freeradius | 1 Freeradius | 2026-04-23 | N/A |
| Buffer overflow in the SMB_Connect_Server function in FreeRadius 1.1.3 and earlier allows attackers to execute arbitrary code related to the server desthost field of an SMB_Handle_Type instance. NOTE: the impact of this issue has been disputed by a reliable third party and the vendor, who states that exploitation is limited "only to local administrators who have write access to the server configuration files." CVE concurs with the dispute | ||||
| CVE-2008-1472 | 2 Computer Associates, Unicenter | 7 Brightstor Arcserve Backup Laptops Desktops, Desktop Management Suite, Unicenter Dsm R11 List Control Atx and 4 more | 2026-04-23 | N/A |
| Stack-based buffer overflow in the ListCtrl ActiveX Control (ListCtrl.ocx), as used in multiple CA products including BrightStor ARCserve Backup R11.5, Desktop Management Suite r11.1 through r11.2, and Unicenter products r11.1 through r11.2, allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a long argument to the AddColumn method. | ||||
| CVE-2007-6285 | 1 Redhat | 1 Enterprise Linux | 2026-04-23 | N/A |
| The default configuration for autofs 5 (autofs5) in some Linux distributions, such as Red Hat Enterprise Linux (RHEL) 4 and 5, does not specify the nodev mount option for the -hosts map, which allows local users to access "important devices" by operating a remote NFS server and creating special device files on that server, as demonstrated by the /dev/mem device. | ||||
| CVE-2007-6281 | 1 Stbernard | 1 Open File Manager | 2026-04-23 | N/A |
| Heap-based buffer overflow in Open File Manager service (ofmnt.exe) in St. Bernard Open File Manager 9.5 allows remote attackers to execute arbitrary code via a long request. | ||||
| CVE-2007-1592 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2026-04-23 | N/A |
| net/ipv6/tcp_ipv6.c in Linux kernel 2.6.x up to 2.6.21-rc3 inadvertently copies the ipv6_fl_socklist from a listening TCP socket to child sockets, which allows local users to cause a denial of service (OOPS) or double free by opening a listening IPv6 socket, attaching a flow label, and connecting to that socket. | ||||
| CVE-2009-0952 | 1 Apple | 1 Quicktime | 2026-04-23 | N/A |
| Buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted compressed PSD image. | ||||
| CVE-2008-2725 | 4 Canonical, Debian, Redhat and 1 more | 4 Ubuntu Linux, Debian Linux, Enterprise Linux and 1 more | 2026-04-23 | N/A |
| Integer overflow in the (1) rb_ary_splice function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, and 1.8.7 before 1.8.7-p22; and (2) the rb_ary_replace function in 1.6.x allows context-dependent attackers to trigger memory corruption via unspecified vectors, aka the "REALLOC_N" variant, a different issue than CVE-2008-2662, CVE-2008-2663, and CVE-2008-2664. NOTE: as of 20080624, there has been inconsistent usage of multiple CVE identifiers related to Ruby. The CVE description should be regarded as authoritative, although it is likely to change. | ||||
| CVE-2007-0169 | 1 Broadcom | 3 Brightstor Arcserve Backup, Brightstor Enterprise Backup, Business Protection Suite | 2026-04-23 | N/A |
| Multiple buffer overflows in Computer Associates (CA) BrightStor ARCserve Backup 9.01 through 11.5, Enterprise Backup 10.5, and CA Server/Business Protection Suite r2 allow remote attackers to execute arbitrary code via RPC requests with crafted data for opnums (1) 0x2F and (2) 0x75 in the (a) Message Engine RPC service, or opnum (3) 0xCF in the Tape Engine service. | ||||