Export limit exceeded: 21124 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 15982 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (15982 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2009-0689 6 Freebsd, K-meleon Project, Mozilla and 3 more 9 Freebsd, K-meleon, Firefox and 6 more 2026-04-23 N/A
Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4, K-Meleon 1.5.3, SeaMonkey 1.1.8, and other products, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large precision value in the format argument to a printf function, which triggers incorrect memory allocation and a heap-based buffer overflow during conversion to a floating-point number.
CVE-2007-5729 3 Debian, Opensuse, Qemu 3 Debian Linux, Opensuse, Qemu 2026-04-23 N/A
The NE2000 emulator in QEMU 0.8.2 allows local users to execute arbitrary code by writing Ethernet frames with a size larger than the MTU to the EN0_TCNT register, which triggers a heap-based buffer overflow in the slirp library, aka NE2000 "mtu" heap overflow. NOTE: some sources have used CVE-2007-1321 to refer to this issue as part of "NE2000 network driver and the socket code," but this is the correct identifier for the mtu overflow vulnerability.
CVE-2008-0634 1 Sejoong Namo 2 Activesquare, Namoinstall.1 Activex Control 2026-04-23 N/A
Buffer overflow in the NamoInstaller.NamoInstall.1 ActiveX control in NamoInstaller.dll 3.0.0.1, as used in Sejoong Namo ActiveSquare6, allows remote attackers to execute arbitrary code via a long argument to the Install method, a different vulnerability than CVE-2008-0551.
CVE-2007-4939 3 Guliverkli, Mympc, Verycd 3 Media Player Classic, Cd-storm, Stormplayer 2026-04-23 N/A
Heap-based buffer overflow in mplayerc.exe in Media Player Classic (MPC) 6.4.9.0 and earlier, as used standalone and in mympc (aka CD-Storm) 1.0.0.1, StormPlayer 1.0.4, and possibly other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with an "indx truck size" of 0xffffffff, and certain wLongsPerEntry and nEntriesInuse values.
CVE-2009-0663 3 Cmu, Perl, Redhat 3 Dbd\, Perl, Enterprise Linux 2026-04-23 N/A
Heap-based buffer overflow in the DBD::Pg (aka DBD-Pg or libdbd-pg-perl) module 1.49 for Perl might allow context-dependent attackers to execute arbitrary code via unspecified input to an application that uses the getline and pg_getline functions to read database rows.
CVE-2009-0659 1 Tptest 1 Tptest 2026-04-23 N/A
Stack-based buffer overflow in the GetStatsFromLine function in TPTEST 3.1.7 allows remote attackers to have an unknown impact via a STATS line with a long email field. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2009-0688 2 Carnegie Mellon University, Redhat 2 Cyrus-sasl, Enterprise Linux 2026-04-23 N/A
Multiple buffer overflows in the CMU Cyrus SASL library before 2.1.23 might allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via strings that are used as input to the sasl_encode64 function in lib/saslutil.c.
CVE-2006-6361 1 Bitflux 1 Upload Progress Meter 2026-04-23 N/A
Heap-based buffer overflow in the uploadprogress_php_rfc1867_file function in uploadprogress.c in Bitflux Upload Progress Meter before 8276 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via crafted HTTP POST fileupload requests.
CVE-2009-3809 1 Acoustica 1 Mp3 Audio Mixer 2026-04-23 N/A
Acoustica MP3 Audio Mixer 1.0 and possibly 2.471 allows remote attackers to cause a denial of service (crash) via a long string in a .sgp playlist file.
CVE-2007-6432 1 Adobe 1 Pagemaker 2026-04-23 N/A
Stack-based buffer overflow in AldFs32.dll in Adobe PageMaker 7.0.1 and 7.0.2 allows user-assisted remote attackers to execute arbitrary code via a malformed .PMD file, related to "Key Strings," a different vulnerability than CVE-2007-5169 and CVE-2007-5394.
CVE-2009-2800 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
Buffer overflow in Alias Manager in Apple Mac OS X 10.4.11 and 10.5.8 allows attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted alias file.
CVE-2008-4539 4 Canonical, Debian, Kvm Qumranet and 1 more 4 Ubuntu Linux, Debian Linux, Kvm and 1 more 2026-04-23 N/A
Heap-based buffer overflow in the Cirrus VGA implementation in (1) KVM before kvm-82 and (2) QEMU on Debian GNU/Linux and Ubuntu might allow local users to gain privileges by using the VNC console for a connection, aka the LGD-54XX "bitblt" heap overflow. NOTE: this issue exists because of an incorrect fix for CVE-2007-1320.
CVE-2008-3733 1 Eo-video 1 Eo-video 2026-04-23 N/A
Stack-based buffer overflow in EO Video (eo-video) 1.36 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a .eop (aka playlist) file with a ProjectElement element that contains a long Name element.
CVE-2008-6703 1 Stalker-game 1 S.t.a.l.k.e.r.\ 2026-04-23 N/A
Stack-based buffer overflow in the IPureServer::_Recieve function in S.T.A.L.K.E.R.: Shadow of Chernobyl 1.0006 and earlier allows remote attackers to execute arbitrary code via a compressed 0x39 packet, which is decompressed by the NET_Compressor::Decompress function.
CVE-2009-1274 1 Xine 1 Xine-lib 2026-04-23 N/A
Integer overflow in the qt_error parse_trak_atom function in demuxers/demux_qt.c in xine-lib 1.1.16.2 and earlier allows remote attackers to execute arbitrary code via a Quicktime movie file with a large count value in an STTS atom, which triggers a heap-based buffer overflow.
CVE-2008-3146 2 Redhat, Wireshark 2 Enterprise Linux, Wireshark 2026-04-23 N/A
Multiple buffer overflows in packet_ncp2222.inc in Wireshark (formerly Ethereal) 0.9.7 through 1.0.2 allow attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted NCP packet that causes an invalid pointer to be used.
CVE-2009-4103 1 Robo-ftp 1 Robo-ftp 2026-04-23 N/A
Buffer overflow in Robo-FTP 3.6.17, and possibly other versions, allows remote FTP servers to cause a denial of service and possibly execute arbitrary code via unspecified FTP server responses. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2009-1257 1 Magic Iso Maker 1 Magic Iso Maker 2026-04-23 N/A
Heap-based buffer overflow in Magic ISO Maker 5.5 build 0274 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted CCD file.
CVE-2009-1439 2 Linux, Redhat 3 Linux Kernel, Enterprise Linux, Enterprise Mrg 2026-04-23 N/A
Buffer overflow in fs/cifs/connect.c in CIFS in the Linux kernel 2.6.29 and earlier allows remote attackers to cause a denial of service (crash) via a long nativeFileSystem field in a Tree Connect response to an SMB mount request.
CVE-2009-3699 1 Ibm 2 Aix, Vios 2026-04-23 N/A
Stack-based buffer overflow in libcsa.a (aka the calendar daemon library) in IBM AIX 5.x through 5.3.10 and 6.x through 6.1.3, and VIOS 2.1 and earlier, allows remote attackers to execute arbitrary code via a long XDR string in the first argument to procedure 21 of rpc.cmsd.