Search Results (15991 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2007-4582 1 Acti 1 Network Video Recorder 2026-04-23 N/A
Buffer overflow in the nvUnifiedControl.AUnifiedControl.1 ActiveX control in nvUnifiedControl.dll 1.1.45.0 in ACTi Network Video Recorder (NVR) SP2 2.0 allows remote attackers to execute arbitrary code via a long second argument to the SetText method.
CVE-2007-4572 2 Redhat, Samba 2 Enterprise Linux, Samba 2026-04-23 N/A
Stack-based buffer overflow in nmbd in Samba 3.0.0 through 3.0.26a, when configured as a Primary or Backup Domain controller, allows remote attackers to have an unknown impact via crafted GETDC mailslot requests, related to handling of GETDC logon server requests.
CVE-2007-4568 2 Redhat, X.org 2 Enterprise Linux, X Font Server 2026-04-23 N/A
Integer overflow in the build_range function in X.Org X Font Server (xfs) before 1.0.5 allows context-dependent attackers to execute arbitrary code via (1) QueryXBitmaps and (2) QueryXExtents protocol requests with crafted size values, which triggers a heap-based buffer overflow.
CVE-2007-4567 2 Linux, Redhat 3 Linux Kernel, Enterprise Linux, Rhel Eus 2026-04-23 N/A
The ipv6_hop_jumbo function in net/ipv6/exthdrs.c in the Linux kernel before 2.6.22 does not properly validate the hop-by-hop IPv6 extended header, which allows remote attackers to cause a denial of service (NULL pointer dereference and kernel panic) via a crafted IPv6 packet.
CVE-2007-4566 1 Alpha Centauri Software 1 Sidvault Ldap Server 2026-04-23 N/A
Multiple buffer overflows in the login mechanism in sidvault in Alpha Centauri Software SIDVault LDAP Server before 2.0f allow remote attackers to execute arbitrary code via crafted LDAP packets, as demonstrated by a long dc entry in an LDAP bind.
CVE-2007-4561 1 Realnetworks 1 Helix Dna Server 2026-04-23 N/A
Heap-based buffer overflow in the RTSP service in Helix DNA Server before 11.1.4 allows remote attackers to execute arbitrary code via an RSTP command containing multiple Require headers.
CVE-2007-4549 1 Altools 1 Alpass 2026-04-23 N/A
Multiple buffer overflows in ALPass 2.7 English and 3.02 Korean allow user-assisted remote attackers to execute arbitrary code via an ALPass DB (APW) file containing (1) a long file-key or (2) a "Site Information and Folder entry" with a ciphertext_length value much larger than the plaintext_length value.
CVE-2007-4517 1 Oracle 1 Database Server 2026-04-23 N/A
Buffer overflow in the XDB.XDB_PITRIG_PKG.PITRIG_DROPMETADATA procedure in Oracle 10g R2 allows remote authenticated users to execute arbitrary code via a long (1) OWNER or (2) NAME argument.
CVE-2007-4515 1 Yahoo 1 Messenger 2026-04-23 N/A
Buffer overflow in a certain ActiveX control in YVerInfo.dll before 2007.8.27.1 in the Yahoo! services suite for Yahoo! Messenger before 8.1.0.419 allows remote attackers to execute arbitrary code via unspecified vectors involving arguments to the (1) fvCom and (2) info methods. NOTE: some of these details are obtained from third party information.
CVE-2007-4513 1 Ibm 1 Aix 2026-04-23 N/A
Multiple stack-based buffer overflows in IBM AIX 5.2 and 5.3 allow local users to gain privileges via a long argument to the (1) "-p" option to lqueryvg or (2) the "-V" option to lquerypv.
CVE-2007-4476 4 Canonical, Debian, Gnu and 1 more 4 Ubuntu Linux, Debian Linux, Tar and 1 more 2026-04-23 N/A
Buffer overflow in the safer_name_suffix function in GNU tar has unspecified attack vectors and impact, resulting in a "crashing stack."
CVE-2007-4475 1 Sap 1 Sapgui 2026-04-23 N/A
Stack-based buffer overflow in EAI WebViewer3D ActiveX control (webviewer3d.dll) in SAP AG SAPgui before 7.10 Patch Level 9 allows remote attackers to execute arbitrary code via a long argument to the SaveViewToSessionFile method.
CVE-2007-4474 1 Ibm 2 Domino Web Access, Lotus Domino Web Access 2026-04-23 N/A
Multiple stack-based buffer overflows in the IBM Lotus Domino Web Access ActiveX control, as provided by inotes6.dll, inotes6w.dll, dwa7.dll, and dwa7w.dll, in Domino 6.x and 7.x allow remote attackers to execute arbitrary code, as demonstrated by an overflow from a long General_ServerName property value when calling the InstallBrowserHelperDll function in the Upload Module in the dwa7.dwa7.1 control in dwa7w.dll 7.0.34.1.
CVE-2007-4473 1 Gesytec Easylon 1 Opc Server 2026-04-23 N/A
Gesytec Easylon OPC Server before 2.3.44 does not properly validate server handles, which allows remote attackers to execute arbitrary code or cause a denial of service via unspecified network traffic to the OLE for Process Control (OPC) interface, probably related to free operations on arbitrary memory addresses through certain Remove functions, and read and write operations on arbitrary memory addresses through certain Set, Read, and Write functions.
CVE-2007-4472 1 Broderbund 1 Expressit 3dgreetings Player 2026-04-23 N/A
Multiple buffer overflows in the Broderbund Expressit 3DGreetings Player ActiveX control could allow remote attackers to execute arbitrary code via unspecified vectors.
CVE-2007-4470 1 Er Mapper 1 Image Web Server Ecw Jpeg 2000 Plug-in 2026-04-23 N/A
Multiple stack-based buffer overflows in the Earth Resource Mapping NCSView ActiveX control before 3.4.0.242 in NCSView.dll, as distributed in ER Mapper ECW JPEG 2000 Plug-in before 8.1, allow remote attackers to execute arbitrary code via unspecified vectors.
CVE-2007-4466 1 Electronic Arts 1 Snoopyctrl 2026-04-23 N/A
Multiple stack-based buffer overflows in Electronic Arts (EA) SnoopyCtrl ActiveX control (NPSnpy.dll) allow remote attackers to execute arbitrary code via unspecified methods and parameters.
CVE-2007-4137 6 Conectiva, Gentoo, Mandrakesoft and 3 more 8 Linux, Linux, Mandrake Linux and 5 more 2026-04-23 N/A
Off-by-one error in the QUtf8Decoder::toUnicode function in Trolltech Qt 3 allows context-dependent attackers to cause a denial of service (crash) via a crafted Unicode string that triggers a heap-based buffer overflow. NOTE: Qt 4 has the same error in the QUtf8Codec::convertToUnicode function, but it is not exploitable.
CVE-2007-4066 2 Redhat, Xiph.org 2 Enterprise Linux, Libvorbis 2026-04-23 N/A
Multiple buffer overflows in Xiph.Org libvorbis before 1.2.0 allow context-dependent attackers to cause a denial of service or have other unspecified impact via a crafted OGG file, aka trac Changesets 13162, 13168, 13169, 13170, 13172, 13211, and 13215, as demonstrated by an overflow in oggenc.exe related to the _psy_noiseguards_8 array.
CVE-2007-4037 1 Guidance Software 1 Encase 2026-04-23 N/A
Guidance Software EnCase allows user-assisted attackers to trigger a buffer over-read and application crash via a malformed NTFS filesystem containing a modified FILE record with a certain large offset. NOTE: the vendor disputes the significance of this issue, asserting that relevant attackers typically do not corrupt a filesystem, and indicating that the relevant read operation can be disabled