Total
2705 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-5330 | 1 Broadcom | 2 Brightstor Arcserve Backup, Brightstor Enterprise Backup | 2025-04-09 | N/A |
| The cadbd RPC service in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows remote attackers to (1) execute arbitrary code via stack-based buffer overflows in unspecified RPC procedures, and (2) trigger memory corruption related to the use of "handle" RPC arguments as pointers. | ||||
| CVE-2007-5329 | 2 Broadcom, Ca | 6 Brightstor Arcserve Backup, Brightstor Enterprise Backup, Business Protection Suite and 3 more | 2025-04-09 | N/A |
| Unspecified vulnerability in dbasvr in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, has unknown impact and attack vectors related to memory corruption. | ||||
| CVE-2009-1889 | 2 Pidgin, Redhat | 2 Pidgin, Enterprise Linux | 2025-04-09 | N/A |
| The OSCAR protocol implementation in Pidgin before 2.5.8 misinterprets the ICQWebMessage message type as the ICQSMS message type, which allows remote attackers to cause a denial of service (application crash) via a crafted ICQ web message that triggers allocation of a large amount of memory. | ||||
| CVE-2009-0769 | 1 Qip | 1 Qip | 2025-04-09 | N/A |
| QIP 2005 build 8082 allows remote attackers to cause a denial of service (CPU consumption and application hang) via a crafted Rich Text Format (RTF) ICQ message, as demonstrated by an {\rtf\pict\&&} message. NOTE: the vulnerability may be in Sergey Tkachenko TRichView. If so, then this should not be treated as a vulnerability in QIP. | ||||
| CVE-2008-1575 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | N/A |
| Unspecified vulnerability in the Apple Type Services (ATS) server in Apple Mac OS X 10.5 before 10.5.3 allows user-assisted remote attackers to execute arbitrary code via a crafted embedded font in a PDF document, related to memory corruption that occurs during printing. | ||||
| CVE-2007-4710 | 1 Apple | 1 Mac Os X | 2025-04-09 | N/A |
| Unspecified vulnerability in ColorSync in Apple Mac OS X 10.4.11 allows remote attackers to cause a denial of service (application termination) or execute arbitrary code via an image with a crafted ColorSync profile, which triggers memory corruption. | ||||
| CVE-2007-4689 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | N/A |
| Double free vulnerability in the Networking component in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to cause a denial of service (system shutdown) or execute arbitrary code via crafted IPV6 packets. | ||||
| CVE-2007-4661 | 1 Php | 1 Php | 2025-04-09 | N/A |
| The chunk_split function in string.c in PHP 5.2.3 does not properly calculate the needed buffer size due to precision loss when performing integer arithmetic with floating point numbers, which has unknown attack vectors and impact, possibly resulting in a heap-based buffer overflow. NOTE: this is due to an incomplete fix for CVE-2007-2872. | ||||
| CVE-2007-5093 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-04-09 | N/A |
| The disconnect method in the Philips USB Webcam (pwc) driver in Linux kernel 2.6.x before 2.6.22.6 "relies on user space to close the device," which allows user-assisted local attackers to cause a denial of service (USB subsystem hang and CPU consumption in khubd) by not closing the device after the disconnect is invoked. NOTE: this rarely crosses privilege boundaries, unless the attacker can convince the victim to unplug the affected device. | ||||
| CVE-2007-4654 | 3 Cisco, Openbsd, Teamf1 | 4 Content Services Switch 11000, Webns, Openssh and 1 more | 2025-04-09 | N/A |
| Unspecified vulnerability in SSHield 1.6.1 with OpenSSH 3.0.2p1 on Cisco WebNS 8.20.0.1 on Cisco Content Services Switch (CSS) series 11000 devices allows remote attackers to cause a denial of service (connection slot exhaustion and device crash) via a series of large packets designed to exploit the SSH CRC32 attack detection overflow (CVE-2001-0144), possibly a related issue to CVE-2002-1024. | ||||
| CVE-2009-2464 | 2 Mozilla, Redhat | 4 Firefox, Seamonkey, Thunderbird and 1 more | 2025-04-09 | N/A |
| The nsXULTemplateQueryProcessorRDF::CheckIsSeparator function in Mozilla Firefox before 3.0.12, SeaMonkey 2.0a1pre, and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to loading multiple RDF files in a XUL tree element. | ||||
| CVE-2007-4617 | 1 Bea | 1 Weblogic Server | 2025-04-09 | N/A |
| Unspecified vulnerability in BEA WebLogic Server 6.1 Gold through SP7, 7.0 Gold through SP7, and 8.1 Gold through SP4 allows remote attackers to cause a denial of service (server thread hang) via unspecified vectors. | ||||
| CVE-2009-0097 | 1 Microsoft | 1 Visio | 2025-04-09 | N/A |
| Microsoft Office Visio 2002 SP2 and 2003 SP3 does not properly validate memory allocation for Visio files, which allows remote attackers to execute arbitrary code via a crafted file, aka "Memory Corruption Vulnerability." | ||||
| CVE-2009-0259 | 1 Openoffice | 1 Openoffice.org | 2025-04-09 | N/A |
| The Word processor in OpenOffice.org 1.1.2 through 1.1.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted (1) .doc, (2) .wri, or (3) .rtf Word 97 file that triggers memory corruption, as exploited in the wild in December 2008, as demonstrated by 2008-crash.doc.rar, and a similar issue to CVE-2008-4841. | ||||
| CVE-2009-0322 | 4 Canonical, Debian, Linux and 1 more | 5 Ubuntu Linux, Debian Linux, Linux Kernel and 2 more | 2025-04-09 | N/A |
| drivers/firmware/dell_rbu.c in the Linux kernel before 2.6.27.13, and 2.6.28.x before 2.6.28.2, allows local users to cause a denial of service (system crash) via a read system call that specifies zero bytes from the (1) image_type or (2) packet_size file in /sys/devices/platform/dell_rbu/. | ||||
| CVE-2009-0747 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-04-09 | N/A |
| The ext4_isize function in fs/ext4/ext4.h in the Linux kernel 2.6.27 before 2.6.27.19 and 2.6.28 before 2.6.28.7 uses the i_size_high structure member during operations on arbitrary types of files, which allows local users to cause a denial of service (CPU consumption and error-message flood) by attempting to mount a crafted ext4 filesystem. | ||||
| CVE-2007-4577 | 1 Sophos | 3 Anti-virus, Scanning Engine, Small Business Suite | 2025-04-09 | N/A |
| Sophos Anti-Virus for Unix/Linux before 2.48.0 allows remote attackers to cause a denial of service (infinite loop) via a malformed BZip file that results in the creation of multiple Engine temporary files (aka a "BZip bomb"). | ||||
| CVE-2008-1455 | 1 Microsoft | 3 Compatibility Pack Word Excel Powerpoint, Office, Office Powerpoint Viewer | 2025-04-09 | N/A |
| A "memory calculation error" in Microsoft Office PowerPoint 2000 SP3, 2002 SP3, 2003 SP2, and 2007 through SP1; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 through SP1; and Office 2004 for Mac allows remote attackers to execute arbitrary code via a PowerPoint file with crafted list values that trigger memory corruption, aka "Parsing Overflow Vulnerability." | ||||
| CVE-2008-1437 | 1 Microsoft | 9 Antigen For Exchange, Antigen For Smtp Gateway, Diagnostics And Recovery Toolkit and 6 more | 2025-04-09 | N/A |
| Unspecified vulnerability in Microsoft Malware Protection Engine (mpengine.dll) 1.1.3520.0 and 0.1.13.192, as used in multiple Microsoft products, allows context-dependent attackers to cause a denial of service (engine hang and restart) via a crafted file, a different vulnerability than CVE-2008-1438. | ||||
| CVE-2007-4496 | 2 Canonical, Vmware | 5 Ubuntu Linux, Ace, Player and 2 more | 2025-04-09 | N/A |
| Unspecified vulnerability in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528 allows authenticated users with administrative privileges on a guest operating system to corrupt memory and possibly execute arbitrary code on the host operating system via unspecified vectors. | ||||