Search Results (15971 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-2327 2 Libtiff, Redhat 2 Libtiff, Enterprise Linux 2026-04-23 N/A
Multiple buffer underflows in the (1) LZWDecode, (2) LZWDecodeCompat, and (3) LZWDecodeVector functions in tif_lzw.c in the LZW decoder in LibTIFF 3.8.2 and earlier allow context-dependent attackers to execute arbitrary code via a crafted TIFF file, related to improper handling of the CODE_CLEAR code.
CVE-2009-2727 1 Ibm 1 Aix 2026-04-23 N/A
Stack-based buffer overflow in the _tt_internal_realpath function in the ToolTalk library (libtt.a) in IBM AIX 5.2.0, 5.3.0, 5.3.7 through 5.3.10, and 6.1.0 through 6.1.3, when the rpc.ttdbserver daemon is enabled in /etc/inetd.conf, allows remote attackers to execute arbitrary code via a long XDR-encoded ASCII string to remote procedure 15.
CVE-2008-1056 1 Symark 1 Powerbroker 2026-04-23 N/A
Multiple stack-based buffer overflows in Symark PowerBroker 2.8 through 5.0.1 allow local users to gain privileges via a long argv[0] string when executing (1) pbrun, (2) pbsh, or (3) pbksh. NOTE: the product is often installed in environments with trust relationships that facilitate subsequent remote compromises.
CVE-2008-1490 2 Aurigma, Piczo 2 Image Uploader Activex Control, Imageuploader4 2026-04-23 N/A
Buffer overflow in a certain Aurigma ActiveX control in ImageUploader4.ocx 4.1.36.0, as used with Piczo (aka Pizco) and possibly other online services, allows remote attackers to execute arbitrary code via unspecified vectors, possibly involving a long Action property, a different CLSID than CVE-2008-0659.
CVE-2007-6195 1 Hp 1 Hp-ux 2026-04-23 N/A
Buffer overflow in the sw_rpc_agent_init function in swagentd in Software Distributor (SD), and possibly other DCE applications, in HP HP-UX B.11.11 and B.11.23 allows remote attackers to execute arbitrary code or cause a denial of service via malformed arguments in an opcode 0x04 DCE RPC request.
CVE-2008-1601 1 Ibm 1 Aix 2026-04-23 N/A
Stack-based buffer overflow in the reboot program on IBM AIX 5.2 and 5.3 allows local users in the shutdown group to gain privileges.
CVE-2008-3658 2 Php, Redhat 2 Php, Enterprise Linux 2026-04-23 N/A
Buffer overflow in the imageloadfont function in ext/gd/gd.c in PHP 4.4.x before 4.4.9 and PHP 5.2 before 5.2.6-r6 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted font file.
CVE-2008-1581 2 Apple, Microsoft 3 Quicktime, Windows Vista, Windows Xp 2026-04-23 N/A
Heap-based buffer overflow in Apple QuickTime before 7.5 on Windows allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted packed scanlines in PixData structures in a PICT image.
CVE-2008-1602 1 Orbit Downloader 1 Orbit Downloader 2026-04-23 N/A
Stack-based buffer overflow in Orbit downloader 2.6.3 and 2.6.4 allows remote attackers to execute arbitrary code via a long download URL, which is not properly handled during Unicode conversion for a balloon notification after a download has failed.
CVE-2008-1611 1 Tftp-server 1 Winagents Tftp Server 2026-04-23 N/A
Stack-based buffer overflow in TFTP Server SP 1.4 for Windows allows remote attackers to cause a denial of service or execute arbitrary code via a long filename in a read or write request.
CVE-2008-1912 1 Divx 1 Divx Player 2026-04-23 N/A
Stack-based buffer overflow in DivX Player 6.7 build 6.7.0.22 and earlier allows user-assisted remote attackers to cause a denial of service (application crash) or execute arbitrary code via a long subtitle in a .SRT file.
CVE-2007-0009 4 Canonical, Debian, Mozilla and 1 more 7 Ubuntu Linux, Debian Linux, Firefox and 4 more 2026-04-23 N/A
Stack-based buffer overflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, SeaMonkey before 1.0.8, and certain Sun Java System server products before 20070611, allows remote attackers to execute arbitrary code via invalid "Client Master Key" length values.
CVE-2008-2149 1 Wordnet 1 Wordnet 2026-04-23 N/A
Stack-based buffer overflow in the searchwn function in Wordnet 2.0, 2.1, and 3.0 might allow context-dependent attackers to execute arbitrary code via a long command line option. NOTE: this issue probably does not cross privilege boundaries except in cases in which Wordnet is used as a back end.
CVE-2008-4048 1 Friendly Technologies 1 Friendly Pppoe Client 2026-04-23 N/A
Heap-based buffer overflow in a certain ActiveX control in fwRemoteCfg.dll 3.3.3.1 in Friendly Technologies FriendlyPPPoE Client 3.0.0.57 allows remote attackers to execute arbitrary code via a long third argument to the CreateURLShortcut method.
CVE-2007-5675 1 Multixtpm 1 Application Server 2026-04-23 N/A
Stack-based buffer overflow in the DebugPrint function in MultiXTpm Application Server before 4.0.2d allows remote attackers to execute arbitrary code via a long string argument.
CVE-2009-0305 2 Microsoft, Research In Motion Limited 2 Internet Explorer, Blackberry Application Web Loader 2026-04-23 N/A
Multiple stack-based buffer overflows in the Research in Motion RIM AxLoader ActiveX control in AxLoader.ocx and AxLoader.dll in BlackBerry Application Web Loader 1.0 allow remote attackers to execute arbitrary code via unspecified use of the (1) load or (2) loadJad method.
CVE-2008-4779 1 Tguzip 1 Tguzip 2026-04-23 N/A
Stack-based buffer overflow in TUGzip 3.5.0.0 allows remote attackers to denial of service (crash) or execute arbitrary code via a long filename in a .zip file.
CVE-2008-2099 2 Microsoft, Vmware 5 Windows, Ace 2, Vmware Player 2 and 2 more 2026-04-23 N/A
Unspecified vulnerability in VMCI in VMware Workstation 6 before 6.0.4 build 93057, VMware Player 2 before 2.0.4 build 93057, and VMware ACE 2 before 2.0.2 build 93057 on Windows allows guest OS users to execute arbitrary code on the host OS via unspecified vectors.
CVE-2006-5710 2 Apple, Opendarwin 2 Mac Os X, Darwin Kernel 2026-04-23 N/A
The Airport driver for certain Orinoco based Airport cards in Darwin kernel 8.8.0 in Apple Mac OS X 10.4.8, and possibly other versions, allows remote attackers to execute arbitrary code via an 802.11 probe response frame without any valid information element (IE) fields after the header, which triggers a heap-based buffer overflow.
CVE-2008-2040 1 Peercast 1 Peercast 2026-04-23 N/A
Stack-based buffer overflow in the HTTP::getAuthUserPass function (core/common/http.cpp) in Peercast 0.1218 and gnome-peercast allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Basic Authentication string with a long (1) username or (2) password.