Export limit exceeded: 23438 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (23438 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-3106 | 3 Libvorbis, Redhat, Rpath | 3 Libvorbis, Enterprise Linux, Rpath Linux | 2026-04-23 | N/A |
| lib/info.c in libvorbis 1.1.2, and possibly other versions before 1.2.0, allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via invalid (1) blocksize_0 and (2) blocksize_1 values, which trigger a "heap overwrite" in the _01inverse function in res0.c. NOTE: this issue has been RECAST so that CVE-2007-4029 handles additional vectors. | ||||
| CVE-2007-2953 | 2 Redhat, Vim Development Group | 2 Enterprise Linux, Vim | 2026-04-23 | N/A |
| Format string vulnerability in the helptags_one function in src/ex_cmds.c in Vim 6.4 and earlier, and 7.x up to 7.1, allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a help-tags tag in a help file, related to the helptags command. | ||||
| CVE-2008-1808 | 2 Freetype, Redhat | 2 Freetype, Enterprise Linux | 2026-04-23 | N/A |
| Multiple off-by-one errors in FreeType2 before 2.3.6 allow context-dependent attackers to execute arbitrary code via (1) a crafted table in a Printer Font Binary (PFB) file or (2) a crafted SHC instruction in a TrueType Font (TTF) file, which triggers a heap-based buffer overflow. | ||||
| CVE-2008-1803 | 2 Rdesktop, Redhat | 2 Rdesktop, Enterprise Linux | 2026-04-23 | N/A |
| Integer signedness error in the xrealloc function (rdesktop.c) in RDesktop 1.5.0 allows remote attackers to execute arbitrary code via unknown parameters that trigger a heap-based overflow. NOTE: the role of the channel_process function was not specified by the original researcher. | ||||
| CVE-2008-1801 | 2 Rdesktop, Redhat | 2 Rdesktop, Enterprise Linux | 2026-04-23 | N/A |
| Integer underflow in the iso_recv_msg function (iso.c) in rdesktop 1.5.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Remote Desktop Protocol (RDP) request with a small length field. | ||||
| CVE-2007-2874 | 1 Redhat | 1 Fedora Core | 2026-04-23 | N/A |
| Buffer overflow in the wpa_printf function in the debugging code in wpa_supplicant in the Fedora NetworkManager package before 0.6.5-3.fc7 allows user-assisted remote attackers to execute arbitrary code via malformed frames on a WPA2 network. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2007-2834 | 5 Apache, Canonical, Debian and 2 more | 6 Openoffice, Ubuntu Linux, Debian Linux and 3 more | 2026-04-23 | N/A |
| Integer overflow in the TIFF parser in OpenOffice.org (OOo) before 2.3; and Sun StarOffice 6, 7, and 8 Office Suite (StarSuite); allows remote attackers to execute arbitrary code via a TIFF file with crafted values of unspecified length fields, which triggers allocation of an incorrect amount of memory, resulting in a heap-based buffer overflow. | ||||
| CVE-2007-2022 | 3 Adobe, Opera, Redhat | 3 Flash Player, Opera Browser, Enterprise Linux | 2026-04-23 | N/A |
| Adobe Macromedia Flash Player 7 and 9, when used with Opera before 9.20 or Konqueror before 20070613, allows remote attackers to obtain sensitive information (browser keystrokes), which are leaked to the Flash Player applet. | ||||
| CVE-2007-1354 | 2 Jboss, Redhat | 2 Jboss Application Server, Jboss Application Server | 2026-04-23 | N/A |
| The Access Control functionality (JMXOpsAccessControlFilter) in JMX Console in JBoss Application Server 4.0.2 and 4.0.5 before 20070416 uses a member variable to store the roles of the current user, which allows remote authenticated administrators to trigger a race condition and gain privileges by logging in during a session by a more privileged administrator, as demonstrated by privilege escalation from Read Mode to Write Mode. | ||||
| CVE-2006-5051 | 4 Apple, Debian, Openbsd and 1 more | 5 Mac Os X, Mac Os X Server, Debian Linux and 2 more | 2026-04-23 | 8.1 High |
| Signal handler race condition in OpenSSH before 4.4 allows remote attackers to cause a denial of service (crash), and possibly execute arbitrary code if GSSAPI authentication is enabled, via unspecified vectors that lead to a double-free. | ||||
| CVE-2007-2509 | 2 Php, Redhat | 3 Php, Enterprise Linux, Rhel Application Stack | 2026-04-23 | N/A |
| CRLF injection vulnerability in the ftp_putcmd function in PHP before 4.4.7, and 5.x before 5.2.2 allows remote attackers to inject arbitrary FTP commands via CRLF sequences in the parameters to earlier FTP commands. | ||||
| CVE-2007-2510 | 2 Php, Redhat | 3 Php, Enterprise Linux, Rhel Application Stack | 2026-04-23 | N/A |
| Buffer overflow in the make_http_soap_request function in PHP before 5.2.2 has unknown impact and remote attack vectors, possibly related to "/" (slash) characters. | ||||
| CVE-2008-1721 | 4 Canonical, Debian, Python and 1 more | 4 Ubuntu Linux, Debian Linux, Python and 1 more | 2026-04-23 | N/A |
| Integer signedness error in the zlib extension module in Python 2.5.2 and earlier allows remote attackers to execute arbitrary code via a negative signed integer, which triggers insufficient memory allocation and a buffer overflow. | ||||
| CVE-2007-2691 | 4 Canonical, Debian, Mysql and 1 more | 5 Ubuntu Linux, Debian Linux, Mysql and 2 more | 2026-04-23 | N/A |
| MySQL before 4.1.23, 5.0.x before 5.0.42, and 5.1.x before 5.1.18 does not require the DROP privilege for RENAME TABLE statements, which allows remote authenticated users to rename arbitrary tables. | ||||
| CVE-2007-2754 | 2 Freetype, Redhat | 2 Freetype, Enterprise Linux | 2026-04-23 | N/A |
| Integer signedness error in truetype/ttgload.c in Freetype 2.3.4 and earlier might allow remote attackers to execute arbitrary code via a crafted TTF image with a negative n_points value, which leads to an integer overflow and heap-based buffer overflow. | ||||
| CVE-2007-2797 | 3 Debian, Redhat, Xterm | 3 Debian Linux, Enterprise Linux, Xterm | 2026-04-23 | N/A |
| xterm, including 192-7.el4 in Red Hat Enterprise Linux and 208-3.1 in Debian GNU/Linux, sets the wrong group ownership of tty devices, which allows local users to write data to other users' terminals. | ||||
| CVE-2008-1767 | 1 Redhat | 5 Desktop, Enterprise Linux, Enterprise Linux Desktop and 2 more | 2026-04-23 | N/A |
| Buffer overflow in pattern.c in libxslt before 1.1.24 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XSL style sheet file with a long XSLT "transformation match" condition that triggers a large number of steps. | ||||
| CVE-2007-2789 | 2 Redhat, Sun | 5 Network Satellite, Rhel Extras, Jdk and 2 more | 2026-04-23 | N/A |
| The BMP image parser in Sun Java Development Kit (JDK) before 1.5.0_11-b03 and 1.6.x before 1.6.0_01-b06, and Sun Java Runtime Environment in JDK and JRE 6, JDK and JRE 5.0 Update 10 and earlier, SDK and JRE 1.4.2_14 and earlier, and SDK and JRE 1.3.1_19 and earlier, when running on Unix/Linux systems, allows remote attackers to cause a denial of service (JVM hang) via untrusted applets or applications that open arbitrary local files via a crafted BMP file, such as /dev/tty. | ||||
| CVE-2007-2867 | 2 Mozilla, Redhat | 4 Firefox, Seamonkey, Thunderbird and 1 more | 2026-04-23 | N/A |
| Multiple vulnerabilities in the layout engine for Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, Thunderbird 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2 allow remote attackers to cause a denial of service (crash) via vectors related to dangling pointers, heap corruption, signed/unsigned, and other issues. | ||||
| CVE-2007-2870 | 2 Mozilla, Redhat | 3 Firefox, Seamonkey, Enterprise Linux | 2026-04-23 | N/A |
| Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2, allows remote attackers to bypass the same-origin policy and conduct cross-site scripting (XSS) and other attacks by using the addEventListener method to add an event listener for a site, which is executed in the context of that site. | ||||