Search Results (15978 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-4565 2 Mozilla, Redhat 4 Firefox, Seamonkey, Thunderbird and 1 more 2026-04-16 N/A
Heap-based buffer overflow in Mozilla Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMonkey before 1.0.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a JavaScript regular expression with a "minimal quantifier."
CVE-2005-4444 1 David Harris 1 Pegasus Mail 2026-04-16 N/A
Stack-based buffer overflow in the trace message functionality in Pegasus Mail 4.21a through 4.21c and 4.30PB1 allow remote attackers to execute arbitrary code via a long POP3 reply.
CVE-1999-0874 1 Microsoft 3 Internet Information Server, Windows 2000, Windows Nt 2026-04-16 N/A
Buffer overflow in IIS 4.0 allows remote attackers to cause a denial of service via a malformed request for files with .HTR, .IDC, or .STM extensions.
CVE-2003-1337 1 Aprelium Technologies 1 Abyss Web Server 2026-04-16 N/A
Heap-based buffer overflow in Aprelium Abyss Web Server 1.1.2 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request.
CVE-2005-4220 1 Netgear 1 Rp114 2026-04-16 N/A
Netgear RP114, and possibly other versions and devices, allows remote attackers to cause a denial of service via a SYN flood attack between one system on the internal interface and another on the external interface, which temporarily stops routing between the interfaces, as demonstrated using nmap.
CVE-2002-1357 7 Cisco, Fissh, Intersoft and 4 more 7 Ios, Ssh Client, Securenetterm and 4 more 2026-04-16 N/A
Multiple SSH2 servers and clients do not properly handle packets or data elements with incorrect length specifiers, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite.
CVE-1999-0700 1 Microsoft 2 Windows 2000, Windows Nt 2026-04-16 N/A
Buffer overflow in Microsoft Phone Dialer (dialer.exe), via a malformed dialer entry in the dialer.ini file.
CVE-2006-1453 1 Apple 1 Quicktime 2026-04-16 N/A
Stack-based buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a crafted QuickDraw PICT image format file containing malformed font information.
CVE-2003-1431 1 Epic Games 1 Unreal Engine 2026-04-16 N/A
Buffer overflow in Epic Games Unreal Engine 226f through 436 allows remote attackers to cause a denial of service (crash) via a long host string in the Unreal URL.
CVE-2003-0227 1 Microsoft 2 Windows 2000, Windows Nt 2026-04-16 N/A
The logging capability for unicast and multicast transmissions in the ISAPI extension for Microsoft Windows Media Services in Microsoft Windows NT 4.0 and 2000, nsiislog.dll, allows remote attackers to cause a denial of service in Internet Information Server (IIS) and execute arbitrary code via a certain network request.
CVE-2006-2439 1 Zipcentral 1 Zipcentral 2026-04-16 N/A
Stack-based buffer overflow in ZipCentral 4.01 allows remote user-assisted attackers to execute arbitrary code via a ZIP archive containing a long filename.
CVE-2006-1461 1 Apple 1 Quicktime 2026-04-16 N/A
Multiple buffer overflows in Apple QuickTime before 7.1 allow remote attackers to execute arbitrary code via a crafted QuickTime Flash (SWF) file.
CVE-2003-0373 1 Nessus 1 Nessus 2026-04-16 N/A
Multiple buffer overflows in libnasl in Nessus before 2.0.6 allow local users with plugin upload privileges to cause a denial of service (core dump) and possibly execute arbitrary code via (1) a long proto argument to the scanner_add_port function, (2) a long user argument to the ftp_log_in function, (3) a long pass argument to the ftp_log_in function.
CVE-2006-0010 1 Microsoft 7 Windows 2000, Windows 2003 Server, Windows 98 and 4 more 2026-04-16 N/A
Heap-based buffer overflow in T2EMBED.DLL in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 up to SP1, Windows 98, and Windows ME allows remote attackers to execute arbitrary code via an e-mail message or web page with a crafted Embedded Open Type (EOT) web font that triggers the overflow during decompression.
CVE-2003-0222 1 Oracle 3 Database Server, Oracle8i, Oracle9i 2026-04-16 N/A
Stack-based buffer overflow in Oracle Net Services for Oracle Database Server 9i release 2 and earlier allows attackers to execute arbitrary code via a "CREATE DATABASE LINK" query containing a connect string with a long USING parameter.
CVE-2002-1174 2 Fetchmail, Redhat 3 Fetchmail, Enterprise Linux, Linux 2026-04-16 N/A
Buffer overflows in Fetchmail 6.0.0 and earlier allow remote attackers to cause a denial of service (crash) or execute arbitrary code via (1) long headers that are not properly processed by the readheaders function, or (2) via long Received: headers, which are not properly parsed by the parse_received function.
CVE-2006-0006 1 Microsoft 7 Windows 2000, Windows 2003 Server, Windows 98 and 4 more 2026-04-16 N/A
Heap-based buffer overflow in the bitmap processing routine in Microsoft Windows Media Player 7.1 on Windows 2000 SP4, Media Player 9 on Windows 2000 SP4 and XP SP1, and Media Player 10 on XP SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted bitmap (.BMP) file that specifies a size of 0 but contains additional data.
CVE-2006-1454 1 Apple 1 Quicktime 2026-04-16 N/A
Heap-based buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a crafted QuickDraw PICT image format file with malformed image data.
CVE-2004-2685 1 Youngzsoft 1 Ccproxy 2026-04-16 N/A
Buffer overflow in YoungZSoft CCProxy 6.2 and earlier allows remote attackers to execute arbitrary code via a long address in a ping (p) command to the Telnet proxy service, a different vector than CVE-2004-2416.
CVE-2005-1812 1 Futuresoft 1 Tftp Server 2000 2026-04-16 N/A
Multiple stack-based buffer overflows in FutureSoft TFTP Server Evaluation Version 1.0.0.1 allow remote attackers to execute arbitrary code via a long (1) filename or (2) transfer mode string in a Read Request (RRQ) or Write Request (WRQ) packet.