Export limit exceeded: 15524 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (43381 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-4219 | 1 Trend Micro | 1 Serverprotect | 2026-04-23 | N/A |
| Integer overflow in the RPCFN_SYNC_TASK function in StRpcSrv.dll, as used by the ServerProtect service (SpntSvc.exe), in Trend Micro ServerProtect for Windows before 5.58 Security Patch 4 allows remote attackers to execute arbitrary code via a certain integer field in a request packet to TCP port 5168, which triggers a heap-based buffer overflow. | ||||
| CVE-2007-6189 | 1 Bitdefender | 1 Online Anti-virus Scanner | 2026-04-23 | N/A |
| A certain ActiveX control in (1) OScan8.ocx and (2) Oscan81.ocx in BitDefender Online Anti-Virus Scanner 8.0 allows remote attackers to execute arbitrary code via a long argument to the InitX method that begins with a "%%" sequence, which is misinterpreted as a Unicode string and decoded twice, leading to improper memory allocation and a heap-based buffer overflow. | ||||
| CVE-2007-6181 | 1 Redhat | 1 Cygwin | 2026-04-23 | N/A |
| Heap-based buffer overflow in cygwin1.dll in Cygwin 1.5.7 and earlier allows context-dependent attackers to execute arbitrary code via a filename with a certain length, as demonstrated by a remote authenticated user who uses the SCP protocol to send a file to the Cygwin machine, and thereby causes scp.exe on this machine to execute, and then overwrite heap memory with characters from the filename. NOTE: it is also reported that a related issue might exist in 1.5.7 through 1.5.19. | ||||
| CVE-2007-5897 | 1 Oracle | 1 Database Server | 2026-04-23 | N/A |
| Buffer overflow in MDSYS.SDO_CS in Oracle Database Server 8iR3, 9iR1, 9iR2 up to 9.2.0.6, and 10gR1 up to 10.1.0.4 allows remote authenticated users to cause a denial of service (crash) and execute arbitrary code via the TRANSFORM function. NOTE: this issue might already be covered by CVE-2007-5515, CVE-2007-5509, or CVE-2007-5505, but there are insufficient details to be sure. | ||||
| CVE-2009-0583 | 3 Argyllcms, Ghostscript, Redhat | 3 Argyllcms, Ghostscript, Enterprise Linux | 2026-04-23 | N/A |
| Multiple integer overflows in icc.c in the International Color Consortium (ICC) Format library (aka icclib), as used in Ghostscript 8.64 and earlier and Argyll Color Management System (CMS) 1.0.3 and earlier, allow context-dependent attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly execute arbitrary code by using a device file for a translation request that operates on a crafted image file and targets a certain "native color space," related to an ICC profile in a (1) PostScript or (2) PDF file with embedded images. | ||||
| CVE-2009-3254 | 1 Ultimatevideosite | 1 Ultimate Player | 2026-04-23 | N/A |
| Multiple stack-based buffer overflows in Ultimate Player 1.56 beta allow remote attackers to execute arbitrary code via a long string in a (1) .m3u or (2) .upl playlist file. | ||||
| CVE-2009-0565 | 1 Microsoft | 5 Office, Office Compatibility Pack For Word Excel Ppt 2007, Office Word and 2 more | 2026-04-23 | N/A |
| Buffer overflow in Microsoft Office Word 2000 SP3, 2002 SP3, and 2007 SP1 and SP2; Microsoft Office for Mac 2004 and 2008; Open XML File Format Converter for Mac; and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allows remote attackers to execute arbitrary code via a Word document with a malformed record that triggers memory corruption, aka "Word Buffer Overflow Vulnerability." | ||||
| CVE-2007-5849 | 2 Apple, Easy Software Products | 2 Mac Os X, Cups | 2026-04-23 | N/A |
| Integer underflow in the asn1_get_string function in the SNMP back end (backend/snmp.c) for CUPS 1.2 through 1.3.4 allows remote attackers to execute arbitrary code via a crafted SNMP response that triggers a stack-based buffer overflow. | ||||
| CVE-2007-5848 | 1 Apple | 1 Mac Os X | 2026-04-23 | N/A |
| Buffer overflow in CUPS in Apple Mac OS X 10.4.11 allows local admin users to execute arbitrary code via a crafted URI to the CUPS service. | ||||
| CVE-2009-0561 | 1 Microsoft | 6 Office, Office Compatibility Pack For Word Excel Ppt 2007, Office Excel and 3 more | 2026-04-23 | N/A |
| Integer overflow in Excel in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, and Office 2004 and 2008 for Mac; Excel in 2007 Microsoft Office System SP1 and SP2; Open XML File Format Converter for Mac; Microsoft Office Excel Viewer 2003 SP3; Microsoft Office Excel Viewer; Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2; and Microsoft Office SharePoint Server 2007 SP1 and SP2 allows remote attackers to execute arbitrary code via an Excel file with a Shared String Table (SST) record with a numeric field that specifies an invalid number of unique strings, which triggers a heap-based buffer overflow, aka "Record Integer Overflow Vulnerability." | ||||
| CVE-2007-5838 | 1 Symantec | 1 Altiris Deployment Solution | 2026-04-23 | N/A |
| Aclient in Symantec Altiris Deployment Solution 6.x before 6.8.380.0 allows local users to gain local System privileges via the "Enable key-based authentication to Deployment server" browser option, a different issue than CVE-2007-4380. | ||||
| CVE-2007-4475 | 1 Sap | 1 Sapgui | 2026-04-23 | N/A |
| Stack-based buffer overflow in EAI WebViewer3D ActiveX control (webviewer3d.dll) in SAP AG SAPgui before 7.10 Patch Level 9 allows remote attackers to execute arbitrary code via a long argument to the SaveViewToSessionFile method. | ||||
| CVE-2007-4474 | 1 Ibm | 2 Domino Web Access, Lotus Domino Web Access | 2026-04-23 | N/A |
| Multiple stack-based buffer overflows in the IBM Lotus Domino Web Access ActiveX control, as provided by inotes6.dll, inotes6w.dll, dwa7.dll, and dwa7w.dll, in Domino 6.x and 7.x allow remote attackers to execute arbitrary code, as demonstrated by an overflow from a long General_ServerName property value when calling the InstallBrowserHelperDll function in the Upload Module in the dwa7.dwa7.1 control in dwa7w.dll 7.0.34.1. | ||||
| CVE-2007-4473 | 1 Gesytec Easylon | 1 Opc Server | 2026-04-23 | N/A |
| Gesytec Easylon OPC Server before 2.3.44 does not properly validate server handles, which allows remote attackers to execute arbitrary code or cause a denial of service via unspecified network traffic to the OLE for Process Control (OPC) interface, probably related to free operations on arbitrary memory addresses through certain Remove functions, and read and write operations on arbitrary memory addresses through certain Set, Read, and Write functions. | ||||
| CVE-2007-5560 | 1 Juniper | 1 Http Service | 2026-04-23 | N/A |
| Heap-based buffer overflow in the Juniper HTTP Service allows remote attackers to execute arbitrary code via a crafted HTTP packet. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes. | ||||
| CVE-2007-4974 | 1 Mega-nerd | 1 Libsndfile | 2026-04-23 | N/A |
| Heap-based buffer overflow in the flac_buffer_copy function in libsndfile 1.0.17 and earlier might allow remote attackers to execute arbitrary code via a FLAC file with crafted PCM data containing a block with a size that exceeds the previous block size. | ||||
| CVE-2009-0953 | 1 Apple | 1 Quicktime | 2026-04-23 | N/A |
| Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PICT image. | ||||
| CVE-2009-0952 | 1 Apple | 1 Quicktime | 2026-04-23 | N/A |
| Buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted compressed PSD image. | ||||
| CVE-2009-0951 | 1 Apple | 1 Quicktime | 2026-04-23 | N/A |
| Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FLC compression file. | ||||
| CVE-2009-0950 | 1 Apple | 1 Itunes | 2026-04-23 | N/A |
| Stack-based buffer overflow in Apple iTunes before 8.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an itms: URL with a long URL component after a colon. | ||||