Search Results (23269 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2003-0358 3 Debian, Falconseye Project, Nethack 3 Debian Linux, Falconseye, Nethack 2026-04-16 N/A
Buffer overflow in (1) nethack 3.4.0 and earlier, and (2) falconseye 1.9.3 and earlier, which is based on nethack, allows local users to gain privileges via a long -s command line option.
CVE-1999-0284 2 Ibm, Microsoft 2 Lotus Domino Mail Server, Exchange Server 2026-04-16 N/A
Denial of service to NT mail servers including Ipswitch, Mdaemon, and Exchange through a buffer overflow in the SMTP HELO command.
CVE-2004-0150 1 Python 1 Python 2026-04-16 N/A
Buffer overflow in the getaddrinfo function in Python 2.2 before 2.2.2, when IPv6 support is disabled, allows remote attackers to execute arbitrary code via an IPv6 address that is obtained using DNS.
CVE-2004-0112 24 4d, Apple, Avaya and 21 more 65 Webstar, Mac Os X, Mac Os X Server and 62 more 2026-04-16 N/A
The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.
CVE-2003-0595 1 Terascript 1 Wintango Application Server 2026-04-16 N/A
Buffer overflow in WiTango Application Server and Tango 2000 allows remote attackers to execute arbitrary code via a long cookie to Witango_UserReference.
CVE-2001-1323 2 Mit, Redhat 2 Kerberos 5, Linux 2026-04-16 N/A
Buffer overflow in MIT Kerberos 5 (krb5) 1.2.2 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via base-64 encoded data, which is not properly handled when the radix_encode function processes file glob output from the ftpglob function.
CVE-1999-1237 1 Apache 1 Http Server 2026-04-16 N/A
Multiple buffer overflows in smbvalid/smbval SMB authentication library, as used in Apache::AuthenSmb and possibly other modules, allows remote attackers to execute arbitrary commands via (1) a long username, (2) a long password, and (3) other unspecified methods.
CVE-2001-0191 3 Andynorman, Gnu, Redhat 4 Gnuserv, Xemacs, Linux and 1 more 2026-04-16 N/A
gnuserv before 3.12, as shipped with XEmacs, does not properly check the specified length of an X Windows MIT-MAGIC-COOKIE cookie, which allows remote attackers to execute arbitrary commands via a buffer overflow, or brute force authentication by using a short cookie length.
CVE-2004-0183 2 Redhat, Tcpdump 2 Enterprise Linux, Tcpdump 2026-04-16 N/A
TCPDUMP 3.8.1 and earlier allows remote attackers to cause a denial of service (crash) via ISAKMP packets containing a Delete payload with a large number of SPI's, which causes an out-of-bounds read, as demonstrated by the Striker ISAKMP Protocol Test Suite.
CVE-2004-0184 2 Redhat, Tcpdump 2 Enterprise Linux, Tcpdump 2026-04-16 N/A
Integer underflow in the isakmp_id_print for TCPDUMP 3.8.1 and earlier allows remote attackers to cause a denial of service (crash) via an ISAKMP packet with an Identification payload with a length that becomes less than 8 during byte order conversion, which causes an out-of-bounds read, as demonstrated by the Striker ISAKMP Protocol Test Suite.
CVE-2002-0062 5 Debian, Freebsd, Gnu and 2 more 5 Debian Linux, Freebsd, Ncurses and 2 more 2026-04-16 N/A
Buffer overflow in ncurses 5.0, and the ncurses4 compatibility package as used in Red Hat Linux, allows local users to gain privileges, related to "routines for moving the physical cursor and scrolling."
CVE-2026-29111 2 Systemd, Systemd Project 2 Systemd, Systemd 2026-04-15 5.5 Medium
systemd, a system and service manager, (as PID 1) hits an assert and freezes execution when an unprivileged IPC API call is made with spurious data. On version v249 and older the effect is not an assert, but stack overwriting, with the attacker controlled content. From version v250 and newer this is not possible as the safety check causes an assert instead. This IPC call was added in v239, so versions older than that are not affected. Versions 260-rc1, 259.2, 258.5, and 257.11 contain patches. No known workarounds are available.
CVE-2026-5441 2 Orthanc, Orthanc-server 2 Dicom Server, Orthanc 2026-04-15 7.1 High
An out-of-bounds read vulnerability exists in the `DecodePsmctRle1` function of `DicomImageDecoder.cpp`. The `PMSCT_RLE1` decompression routine, which decodes the proprietary Philips Compression format, does not properly validate escape markers placed near the end of the compressed data stream. A crafted sequence at the end of the buffer can cause the decoder to read beyond the allocated memory region and leak heap data into the rendered image output.
CVE-2019-5482 7 Debian, Fedoraproject, Haxx and 4 more 24 Debian Linux, Fedora, Curl and 21 more 2026-04-15 9.8 Critical
Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3.
CVE-2019-5436 8 Debian, F5, Fedoraproject and 5 more 15 Debian Linux, Traffix Signaling Delivery Controller, Fedora and 12 more 2026-04-15 7.8 High
A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1.
CVE-2018-1000301 5 Canonical, Debian, Haxx and 2 more 15 Ubuntu Linux, Debian Linux, Curl and 12 more 2026-04-15 9.1 Critical
curl version curl 7.20.0 to and including curl 7.59.0 contains a CWE-126: Buffer Over-read vulnerability in denial of service that can result in curl can be tricked into reading data beyond the end of a heap based buffer used to store downloaded RTSP content.. This vulnerability appears to have been fixed in curl < 7.20.0 and curl >= 7.60.0.
CVE-2017-8817 3 Debian, Haxx, Redhat 4 Debian Linux, Curl, Libcurl and 1 more 2026-04-15 9.8 Critical
The FTP wildcard function in curl and libcurl before 7.57.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) or possibly have unspecified other impact via a string that ends with an '[' character.
CVE-2017-8816 3 Debian, Haxx, Redhat 4 Debian Linux, Curl, Libcurl and 1 more 2026-04-15 9.8 Critical
The NTLM authentication feature in curl and libcurl before 7.57.0 on 32-bit platforms allows attackers to cause a denial of service (integer overflow and resultant buffer overflow, and application crash) or possibly have unspecified other impact via vectors involving long user and password fields.
CVE-2017-1000257 3 Debian, Haxx, Redhat 5 Debian Linux, Libcurl, Enterprise Linux and 2 more 2026-04-15 9.1 Critical
An IMAP FETCH response line indicates the size of the returned data, in number of bytes. When that response says the data is zero bytes, libcurl would pass on that (non-existing) data with a pointer and the size (zero) to the deliver-data function. libcurl's deliver-data function treats zero as a magic number and invokes strlen() on the data to figure out the length. The strlen() is called on a heap based buffer that might not be zero terminated so libcurl might read beyond the end of it into whatever memory lies after (or just crash) and then deliver that to the application as if it was actually downloaded.
CVE-2016-8620 2 Haxx, Redhat 2 Curl, Rhel Software Collections 2026-04-15 N/A
The 'globbing' feature in curl before version 7.51.0 has a flaw that leads to integer overflow and out-of-bounds read via user controlled input.