Export limit exceeded: 363683 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 45983 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (45983 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2007-4549 1 Altools 1 Alpass 2026-04-23 N/A
Multiple buffer overflows in ALPass 2.7 English and 3.02 Korean allow user-assisted remote attackers to execute arbitrary code via an ALPass DB (APW) file containing (1) a long file-key or (2) a "Site Information and Folder entry" with a ciphertext_length value much larger than the plaintext_length value.
CVE-2009-0183 1 Free Download Manager 1 Free Download Manager 2026-04-23 N/A
Stack-based buffer overflow in Remote Control Server in Free Download Manager (FDM) 2.5 Build 758 and 3.0 Build 844 allows remote attackers to execute arbitrary code via a long Authorization header in an HTTP request.
CVE-2008-1287 1 Ibm 1 Rational Clearquest 2026-04-23 N/A
IBM Rational ClearQuest 7.0.1.1 and 7.0.0.2 generates different error messages depending on whether the username is valid or invalid, which allows remote attackers to enumerate usernames.
CVE-2009-0176 1 Research In Motion Limited 3 Blackberry Enterprise Server, Blackberry Professional Software, Blackberry Unite 2026-04-23 N/A
Multiple heap-based buffer overflows in the PDF distiller in the Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) 4.1.3 through 4.1.6, BlackBerry Professional Software 4.1.4, and BlackBerry Unite! before 1.0.3 bundle 28 allow user-assisted remote attackers to execute arbitrary code via (1) a crafted stream in a .pdf file, related to "symWidths"; or (2) a crafted data stream in a .pdf file, related to "bitmaps."
CVE-2007-4619 3 Flac, Nullsoft, Redhat 3 Libflac, Winamp, Enterprise Linux 2026-04-23 N/A
Multiple integer overflows in Free Lossless Audio Codec (FLAC) libFLAC before 1.2.1, as used in Winamp before 5.5 and other products, allow user-assisted remote attackers to execute arbitrary code via a malformed FLAC file that triggers improper memory allocation, resulting in a heap-based buffer overflow.
CVE-2007-4629 1 University Of Minnesota 1 Mapserver 2026-04-23 N/A
Buffer overflow in the processLine function in maptemplate.c in MapServer before 4.10.3 allows attackers to cause a denial of service and possibly execute arbitrary code via a mapfile with a long layer name, group name, or metadata entry name.
CVE-2008-0434 1 Gecad Technologies 1 Axigen Mail Server 2026-04-23 N/A
Format string vulnerability in the AXIMilter module in AXIGEN Mail Server 5.0.2 allows remote attackers to execute arbitrary code via format string specifiers in the CNHO command.
CVE-2008-0337 1 Miniweb Http Server 1 Miniweb Http Server 2026-04-23 N/A
Heap-based buffer overflow in the _mwProcessReadSocket function in http.c in MiniWeb HTTP Server 0.8.19 allows remote attackers to execute arbitrary code via a long URI.
CVE-2008-0320 2 Openoffice, Redhat 2 Openoffice.org, Enterprise Linux 2026-04-23 N/A
Heap-based buffer overflow in the OLE importer in OpenOffice.org before 2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an OLE file with a crafted DocumentSummaryInformation stream.
CVE-2008-0318 1 Clam Anti-virus 1 Clamav 2026-04-23 N/A
Integer overflow in the cli_scanpe function in libclamav in ClamAV before 0.92.1, as used in clamd, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Petite packed PE file, which triggers a heap-based buffer overflow.
CVE-2008-0312 2 Microsoft, Symantec 5 Windows, Norton 360, Norton Antivirus and 2 more 2026-04-23 N/A
Stack-based buffer overflow in the AutoFix Support Tool ActiveX control 2.7.0.1 in SYMADATA.DLL in multiple Symantec Norton products, including Norton 360 1.0, AntiVirus 2006 through 2008, Internet Security 2006 through 2008, and System Works 2006 through 2008, allows remote attackers to execute arbitrary code via a long argument to the GetEventLogInfo method. NOTE: some of these details are obtained from third party information.
CVE-2007-4642 1 Doomsday 1 Doomsday 2026-04-23 N/A
Multiple buffer overflows in Doomsday (aka deng) 1.9.0-beta5.1 and earlier allow remote attackers to execute arbitrary code via a long chat (PKT_CHAT) message that is not properly handled by the (1) D_NetPlayerEvent function in d_net.c or the (2) Msg_Write function in net_msg.c, or (3) many commands that are not properly handled by the NetSv_ReadCommands function in d_netsv.c; or (4) cause a denial of service (daemon crash) via a chat (PKT_CHAT) message without a final '\0' character.
CVE-2007-4643 1 Doomsday 1 Doomsday 2026-04-23 N/A
Integer underflow in Doomsday (aka deng) 1.9.0-beta5.1 and earlier allows remote attackers to cause a denial of service (daemon crash) via a PKT_CHAT packet with a data length less than 3, which triggers an erroneous malloc, possibly related to the Sv_HandlePacket function in sv_main.c.
CVE-2008-0309 1 Symantec 10 Scan Engine, Symantec Antivirus Filtering Domino Mpe, Symantec Antivirus Network Attached Storage and 7 more 2026-04-23 N/A
Stack-based buffer overflow in Symantec Decomposer, as used in certain Symantec antivirus products including Symantec Scan Engine 5.1.2 and other versions before 5.1.6.31, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a malformed RAR file to the Internet Content Adaptation Protocol (ICAP) port (1344/tcp).
CVE-2008-2908 1 Novell 1 Iprint Client 2026-04-23 N/A
Multiple stack-based buffer overflows in a certain ActiveX control in ienipp.ocx in Novell iPrint Client for Windows before 4.36 allow remote attackers to execute arbitrary code via a long value of the (1) operation, (2) printer-url, or (3) target-frame parameter. NOTE: some of these details are obtained from third party information.
CVE-2009-3050 1 Htmldoc 1 Htmldoc 2026-04-23 N/A
Buffer overflow in the set_page_size function in util.cxx in HTMLDOC 1.8.27 and earlier allows context-dependent attackers to execute arbitrary code via a long MEDIA SIZE comment. NOTE: it was later reported that there were additional vectors in htmllib.cxx and ps-pdf.cxx using an AFM font file with a long glyph name, but these vectors do not cross privilege boundaries.
CVE-2009-0537 2 Microsoft, Openbsd 2 Interix, Openbsd 2026-04-23 N/A
Integer overflow in the fts_build function in fts.c in libc in (1) OpenBSD 4.4 and earlier and (2) Microsoft Interix 6.0 build 10.0.6030.0 allows context-dependent attackers to cause a denial of service (application crash) via a deep directory tree, related to the fts_level structure member, as demonstrated by (a) du, (b) rm, (c) chmod, and (d) chgrp on OpenBSD; and (e) SearchIndexer.exe on Vista Enterprise.
CVE-2008-0307 1 Sap 1 Maxdb 2026-04-23 N/A
Integer signedness error in vserver in SAP MaxDB 7.6.0.37, and possibly other versions, allows remote attackers to execute arbitrary code via unknown vectors that trigger heap corruption.
CVE-2008-0304 4 Linux, Microsoft, Mozilla and 1 more 5 Linux Kernel, Windows, Seamonkey and 2 more 2026-04-23 N/A
Heap-based buffer overflow in Mozilla Thunderbird before 2.0.0.12 and SeaMonkey before 1.1.8 might allow remote attackers to execute arbitrary code via a crafted external-body MIME type in an e-mail message, related to an incorrect memory allocation during message preview.
CVE-2007-4657 3 Canonical, Debian, Php 3 Ubuntu Linux, Debian Linux, Php 2026-04-23 N/A
Multiple integer overflows in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, allow remote attackers to obtain sensitive information (memory contents) or cause a denial of service (thread crash) via a large len value to the (1) strspn or (2) strcspn function, which triggers an out-of-bounds read. NOTE: this affects different product versions than CVE-2007-3996.