Search Results (1249 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-2367 1 Socks5 1 Socks5 2026-04-16 N/A
Off-by-one buffer overflow in NEC SOCKS5 1.0 r11 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long hostname.
CVE-2002-2419 1 Dctc Project 1 Dctc 2026-04-16 N/A
Direct connect text client (DCTC) client 0.83.3 allows remote attackers to cause a denial of service (crash) via a string ending with a NULL byte character.
CVE-2003-0372 1 Nessus 1 Nessus 2026-04-16 N/A
Signed integer vulnerability in libnasl in Nessus before 2.0.6 allows local users with plugin upload privileges to cause a denial of service (core dump) and possibly execute arbitrary code by causing a negative argument to be provided to the insstr function as used in a NASL script.
CVE-2003-1432 1 Epic Games 2 Unreal Engine, Unreal Tournament 2003 2026-04-16 N/A
Epic Games Unreal Engine 226f through 436 allows remote attackers to cause a denial of service (CPU consumption or crash) and possibly execute arbitrary code via (1) a packet with a negative size value, which is treated as a large positive number during memory allocation, or (2) a negative size value in a package file.
CVE-2005-3962 2 Perl, Redhat 2 Perl, Enterprise Linux 2026-04-16 N/A
Integer overflow in the format string functionality (Perl_sv_vcatpvfn) in Perl 5.9.2 and 5.8.6 Perl allows attackers to overwrite arbitrary memory and possibly execute arbitrary code via format string specifiers with large values, which causes an integer wrap and leads to a buffer overflow, as demonstrated using format string vulnerabilities in Perl applications.
CVE-2005-4837 3 Net-snmp, Redhat, Sourceforge 3 Net-snmp, Enterprise Linux, Net-snmp 2026-04-16 N/A
snmp_api.c in snmpd in Net-SNMP 5.2.x before 5.2.2, 5.1.x before 5.1.3, and 5.0.x before 5.0.10.2, when running in master agentx mode, allows remote attackers to cause a denial of service (crash) by causing a particular TCP disconnect, which triggers a free of an incorrect variable, a different vulnerability than CVE-2005-2177.
CVE-2006-0747 2 Freetype, Redhat 2 Freetype, Enterprise Linux 2026-04-16 N/A
Integer underflow in Freetype before 2.2 allows remote attackers to cause a denial of service (crash) via a font file with an odd number of blue values, which causes the underflow when decrementing by 2 in a context that assumes an even number of values.
CVE-2006-1459 1 Apple 1 Quicktime 2026-04-16 N/A
Multiple integer overflows in Apple QuickTime before 7.1 allow remote attackers to cause a denial of service or execute arbitrary code via a crafted QuickTime movie (.MOV).
CVE-2006-1458 1 Apple 1 Quicktime 2026-04-16 N/A
Integer overflow in Apple QuickTime Player before 7.1 allows remote attackers to execute arbitrary code via a crafted JPEG image.
CVE-2006-1462 1 Apple 1 Quicktime 2026-04-16 N/A
Multiple integer overflows in Apple QuickTime before 7.1 allow remote attackers to execute arbitrary code via a crafted QuickTime H.264 (M4V) video format file.
CVE-2006-1467 1 Apple 1 Itunes 2026-04-16 N/A
Integer overflow in the AAC file parsing code in Apple iTunes before 6.0.5 on Mac OS X 10.2.8 or later, and Windows XP and 2000, allows remote user-assisted attackers to execute arbitrary code via an AAC (M4P, M4A, or M4B) file with a sample table size (STSZ) atom with a "malformed" sample_size_table value.
CVE-2006-1552 1 Apple 4 Imageio, Mac Os X, Mac Os X Server and 1 more 2026-04-16 N/A
Integer overflow in ImageIO in Apple Mac OS X 10.4 up to 10.4.5 allows remote attackers to cause a denial of service (crash) via a crafted JPEG image with malformed JPEG metadata, as demonstrated using Safari, aka "Deja-Doom".
CVE-2006-2197 1 Wvware 1 Wv2 2026-04-16 N/A
Integer overflow in wv2 before 0.2.3 might allow context-dependent attackers to execute arbitrary code via a crafted Microsoft Word document.
CVE-2006-2327 1 Novell 1 Netware 2026-04-16 N/A
Multiple integer overflows in the DPRPC library (DPRPCNLM.NLM) NDPS/iPrint module in Novell Distributed Print Services in Novell NetWare 6.5 SP3, SP4, and SP5 allow remote attackers to execute arbitrary code via an XDR encoded array with a field that specifies a large number of elements, which triggers the overflows in the ndps_xdr_array function.
CVE-2006-3082 2 Gnupg, Redhat 2 Gnupg, Enterprise Linux 2026-04-16 N/A
parse-packet.c in GnuPG (gpg) 1.4.3 and 1.9.20, and earlier versions, allows remote attackers to cause a denial of service (gpg crash) and possibly overwrite memory via a message packet with a large length (long user ID string), which could lead to an integer overflow, as demonstrated using the --no-armor option.
CVE-2006-3744 2 Imagemagick, Redhat 2 Imagemagick, Enterprise Linux 2026-04-16 N/A
Multiple integer overflows in ImageMagick before 6.2.9 allows user-assisted attackers to execute arbitrary code via crafted Sun Rasterfile (bitmap) images that trigger heap-based buffer overflows.
CVE-2006-3747 3 Apache, Canonical, Debian 3 Http Server, Ubuntu Linux, Debian Linux 2026-04-16 N/A
Off-by-one error in the ldap scheme handling in the Rewrite module (mod_rewrite) in Apache 1.3 from 1.3.28, 2.0.46 and other versions before 2.0.59, and 2.2, when RewriteEngine is enabled, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted URLs that are not properly handled using certain rewrite rules.
CVE-2006-3806 2 Mozilla, Redhat 4 Firefox, Seamonkey, Thunderbird and 1 more 2026-04-16 N/A
Multiple integer overflows in the Javascript engine in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code via vectors involving (1) long strings in the toSource method of the Object, Array, and String objects; and (2) unspecified "string function arguments."
CVE-2006-3879 1 Miod Vallat 1 Mikmod 2026-04-16 N/A
Integer overflow in the loadChunk function in loaders/load_gt2.c in libmikmod in Mikmod Sound System 3.2.2 allows remote attackers to cause a denial of service via a GRAOUMF TRACKER (GT2) module file with a large (0xffffffff) comment length value in an XCOM chunk.
CVE-2002-2286 1 Apt-www-proxy 1 Apt-www-proxy 2026-04-16 N/A
The parse-get function in utils.c for apt-www-proxy 0.1 allows remote attackers to cause a denial of service (crash) via an empty HTTP request, which causes a null dereference.