Search Results (14756 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2009-0894 1 Xvid 1 Xvid 2026-04-23 N/A
Heap-based buffer overflow in the decoder_create function in the initialization functionality in xvidcore/src/decoder.c in Xvid before 1.2.2, as used by Windows Media Player and other applications, allows remote attackers to execute arbitrary code via vectors involving the DirectShow (aka DShow) frontend and improper handling of the XVID_ERR_MEMORY return code during processing of a crafted movie file. NOTE: some of these details are obtained from third party information.
CVE-2006-7221 1 Fsp 1 C Library 2026-04-23 7.5 High
Multiple off-by-one errors in fsplib.c in fsplib before 0.8 allow attackers to cause a denial of service via unspecified vectors involving the (1) name and (2) d_name entry attributes.
CVE-2008-1670 1 Kde 1 Kde 2026-04-23 N/A
Heap-based buffer overflow in the progressive PNG Image loader (decoders/pngloader.cpp) in KHTML in KDE 4.0.x up to 4.0.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted image.
CVE-2008-1498 1 Netwin 1 Surgemail 2026-04-23 N/A
Stack-based buffer overflow in the IMAP service in NetWin Surgemail 3.8k4-4 and earlier allows remote authenticated users to execute arbitrary code via a long first argument to the LIST command.
CVE-2008-1488 1 Pecl-php 1 Alternative Php Cache 2026-04-23 N/A
Stack-based buffer overflow in apc.c in Alternative PHP Cache (APC) 3.0.11 through 3.0.16 allows remote attackers to execute arbitrary code via a long filename.
CVE-2009-0009 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
Unspecified vulnerability in the Pixlet codec in Apple Mac OS X 10.4.11 and 10.5.6 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a crafted movie file that triggers memory corruption.
CVE-2008-0956 2 Backweb, Logitech 2 Backweb, Desktop Manager 2026-04-23 N/A
Multiple stack-based buffer overflows in the BackWeb Lite Install Runner ActiveX control in the BackWeb Web Package ActiveX object in LiteInstActivator.dll in BackWeb before 8.1.1.87, as used in Logitech Desktop Manager (LDM) before 2.56, allow remote attackers to execute arbitrary code via unspecified vectors.
CVE-2008-0955 1 Creative 1 Creative Software Autoupdate Engine 2026-04-23 N/A
Stack-based buffer overflow in the Creative Software AutoUpdate Engine ActiveX control in CTSUEng.ocx allows remote attackers to execute arbitrary code via a long CacheFolder property value.
CVE-2008-0948 2 Mit, Redhat 2 Kerberos 5, Enterprise Linux 2026-04-23 N/A
Buffer overflow in the RPC library (lib/rpc/rpc_dtablesize.c) used by libgssrpc and kadmind in MIT Kerberos 5 (krb5) 1.2.2, and probably other versions before 1.3, when running on systems whose unistd.h does not define the FD_SETSIZE macro, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by triggering a large number of open file descriptors.
CVE-2006-7157 1 Google 1 Earth 2026-04-23 N/A
Buffer overflow in Google Earth v4.0.2091 (beta) allows remote user-assisted attackers to cause a denial of service (crash) via a KML or KMZ file with a long href element.
CVE-2006-5176 1 Mailenable 2 Mailenable Enterprise, Mailenable Professional 2026-04-23 N/A
Buffer overflow in NTLM authentication in MailEnable Professional 2.0 and Enterprise 2.0 allows remote attackers to execute arbitrary code via "the signature field of NTLM Type 1 messages".
CVE-2008-0715 1 Acdsee 1 Photo Manager 2026-04-23 N/A
Buffer overflow in ACDSee Photo Manager 8.1, 9.0, and 10.0 allows user-assisted remote attackers to execute arbitrary code via a malformed XBM file. NOTE: this might be the same as CVE-2007-6009.
CVE-2008-4052 1 Hp 1 Openvms 2026-04-23 N/A
Stack-based buffer overflow in SMGSHR.EXE in OpenVMS for Integrity Servers 8.2-1, 8.3, and 8.3-1H1 and OpenVMS ALPHA 7.3-2, 8.2, and 8.3 allows local users to cause a denial of service (crash) or gain privileges via unspecified vectors.
CVE-2008-1709 1 Microsoft 1 Visual Interdev 2026-04-23 N/A
Buffer overflow in Microsoft Visual InterDev 6.0 (SP6) allows user-assisted attackers to execute arbitrary code via a Studio Solution (.SLN) file with a long malformed Project line beginning with a 'Project("{}") =' sequence, probably a different vector than CVE-2008-0250.
CVE-2008-0066 2 Autonomy, Ibm 2 Keyview, Lotus Notes 2026-04-23 N/A
Multiple buffer overflows in htmsr.dll in the HTML speed reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes 7.0.2 and 7.0.3, allow remote attackers to execute arbitrary code via an HTML document with (1) "large chunks of data," or a long URL in the (2) BACKGROUND attribute of a BODY element or (3) SRC attribute of an IMG element.
CVE-2008-0065 1 Winamp 1 Nullsoft Winamp 2026-04-23 N/A
Multiple stack-based buffer overflows in in_mp3.dll in Winamp 5.21, 5.5, and 5.51 allow remote attackers to execute arbitrary code via a long (1) artist or (2) name tag in Ultravox streaming metadata, related to construction of stream titles.
CVE-2008-2426 1 Carsten Haitzler 1 Imlib2 2026-04-23 N/A
Multiple stack-based buffer overflows in Imlib 2 (aka imlib2) 1.4.0 allow user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via (1) a PNM image with a crafted header, related to the load function in src/modules/loaders/loader_pnm.c; or (2) a crafted XPM image, related to the load function in src/modules/loader_xpm.c.
CVE-2009-0889 2 Adobe, Redhat 3 Acrobat, Acrobat Reader, Rhel Extras 2026-04-23 N/A
Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 might allow remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2009-0510, CVE-2009-0511, CVE-2009-0512, and CVE-2009-0888.
CVE-2008-2468 1 Landesk 3 Landesk Management Suite, Landesk Security Suite, Landesk Server Manager 2026-04-23 N/A
Multiple buffer overflows in the QIP Server Service (aka qipsrvr.exe) in LANDesk Management Suite, Security Suite, and Server Manager 8.8 and earlier allow remote attackers to execute arbitrary code via a crafted heal request, related to the StringToMap and StringSize arguments.
CVE-2008-1720 1 Samba 1 Rsync 2026-04-23 N/A
Buffer overflow in rsync 2.6.9 to 3.0.1, with extended attribute (xattr) support enabled, might allow remote attackers to execute arbitrary code via unknown vectors.