Total
14680 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-1058 | 1 Zipgenius | 1 Zipgenius | 2026-04-23 | N/A |
| Stack-based buffer overflow in ZipGenius might allow remote attackers to execute arbitrary code via a crafted .zip file that triggers an SEH overwrite. NOTE: it is possible that this overlaps CVE-2005-3317. NOTE: CVE has not investigated whether the specified file.zip file can be used for exploitation of this product. | ||||
| CVE-2009-1063 | 1 Brother Soft | 1 Exescope | 2026-04-23 | N/A |
| Buffer overflow in eXeScope 6.50 allows user-assisted remote attackers to execute arbitrary code via a crafted executable (.exe) file. | ||||
| CVE-2008-1518 | 1 Kaspersky Lab | 2 Kaspersky Anti-virus, Kaspersky Internet Security | 2026-04-23 | N/A |
| Stack-based buffer overflow in kl1.sys in Kaspersky Anti-Virus 6.0 and 7.0 and Internet Security 6.0 and 7.0 allows local users to gain privileges via an IOCTL 0x800520e8 call. | ||||
| CVE-2008-5395 | 2 Hp, Linux | 2 Pa-risc, Linux Kernel | 2026-04-23 | N/A |
| The parisc_show_stack function in arch/parisc/kernel/traps.c in the Linux kernel before 2.6.28-rc7 on PA-RISC allows local users to cause a denial of service (system crash) via vectors associated with an attempt to unwind a stack that contains userspace addresses. | ||||
| CVE-2009-0844 | 2 Mit, Redhat | 3 Kerberos, Kerberos 5, Enterprise Linux | 2026-04-23 | N/A |
| The get_input_token function in the SPNEGO implementation in MIT Kerberos 5 (aka krb5) 1.5 through 1.6.3 allows remote attackers to cause a denial of service (daemon crash) and possibly obtain sensitive information via a crafted length value that triggers a buffer over-read. | ||||
| CVE-2009-1324 | 1 Mini-stream | 1 Asx To Mp3 Converter | 2026-04-23 | N/A |
| Stack-based buffer overflow in Mini-stream ASX to MP3 Converter 3.0.0.7 allows remote attackers to execute arbitrary code via a long URI in a playlist (.m3u) file. | ||||
| CVE-2009-1372 | 1 Clamav | 1 Clamav | 2026-04-23 | N/A |
| Stack-based buffer overflow in the cli_url_canon function in libclamav/phishcheck.c in ClamAV before 0.95.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted URL. | ||||
| CVE-2010-0356 | 1 Viscomsoft | 1 Movie Player Pro Sdk Activex | 2026-04-23 | N/A |
| Stack-based buffer overflow in the MOVIEPLAYER.MoviePlayerCtrl.1 ActiveX control in MoviePlayer.ocx 6.8.0.0 in Viscom Software Movie Player Pro SDK ActiveX 6.8 allows remote attackers to execute arbitrary code via a long strFontName parameter to the DrawText method. | ||||
| CVE-2008-0947 | 2 Mit, Redhat | 2 Kerberos 5, Enterprise Linux | 2026-04-23 | N/A |
| Buffer overflow in the RPC library used by libgssrpc and kadmind in MIT Kerberos 5 (krb5) 1.4 through 1.6.3 allows remote attackers to execute arbitrary code by triggering a large number of open file descriptors. | ||||
| CVE-2010-0037 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-23 | 8.8 High |
| Buffer overflow in Image RAW in Apple Mac OS X 10.5.8 and 10.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted DNG image. | ||||
| CVE-2008-1015 | 1 Apple | 1 Quicktime | 2026-04-23 | N/A |
| Buffer overflow in the data reference atom handling in Apple QuickTime before 7.4.5 allows remote attackers to execute arbitrary code via a crafted movie. | ||||
| CVE-2009-4482 | 1 Tversity | 1 Tversity | 2026-04-23 | N/A |
| Buffer overflow in MediaServer.exe in TVersity 1.6 allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by the vd_tversity module in VulnDisco Pack Professional 8.11. NOTE: as of 20091229, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. | ||||
| CVE-2009-4484 | 5 Canonical, Debian, Mariadb and 2 more | 5 Ubuntu Linux, Debian Linux, Mariadb and 2 more | 2026-04-23 | N/A |
| Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9, as used in mysqld in MySQL 5.0.x before 5.0.90, MySQL 5.1.x before 5.1.43, MySQL 5.5.x through 5.5.0-m2, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and daemon crash) by establishing an SSL connection and sending an X.509 client certificate with a crafted name field, as demonstrated by mysql_overflow1.py and the vd_mysql5 module in VulnDisco Pack Professional 8.11. NOTE: this was originally reported for MySQL 5.0.51a. | ||||
| CVE-2008-5235 | 1 Xine | 1 Xine | 2026-04-23 | N/A |
| Heap-based buffer overflow in the demux_real_send_chunk function in src/demuxers/demux_real.c in xine-lib before 1.1.15 allows remote attackers to execute arbitrary code via a crafted Real Media file. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-5245 | 1 Xine | 1 Xine-lib | 2026-04-23 | N/A |
| xine-lib before 1.1.15 performs V4L video frame preallocation before ascertaining the required length, which has unknown impact and attack vectors, possibly related to a buffer overflow in the open_video_capture_device function in src/input/input_v4l.c. | ||||
| CVE-2009-4588 | 1 Awingsoft | 2 Awakening Winds3d Player, Awakening Winds3d Viewer | 2026-04-23 | N/A |
| Heap-based buffer overflow in the WindsPlayerIE.View.1 ActiveX control in WindsPly.ocx 3.5.0.0 Beta, 3.0.0.5, and earlier in AwingSoft Awakening Web3D Player and Winds3D Viewer allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a long SceneUrl property value, a different vulnerability than CVE-2009-2386. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-4227 | 1 Xfig | 1 Xfig | 2026-04-23 | N/A |
| Stack-based buffer overflow in the read_1_3_textobject function in f_readold.c in Xfig 3.2.5b and earlier, and in the read_textobject function in read1_3.c in fig2dev in Transfig 3.2.5a and earlier, allows remote attackers to execute arbitrary code via a long string in a malformed .fig file that uses the 1.3 file format. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-4230 | 1 Ruven Pillay | 1 Iipimage Server | 2026-04-23 | N/A |
| Multiple stack-based buffer overflows in src/Task.cc in the FastCGI program in IIPImage Server before 0.9.8 might allow remote attackers to execute arbitrary code via vectors associated with crafted arguments to the (1) RGN::run, (2) JTLS::run, or (3) SHD::run function. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-4240 | 1 Ibm | 1 Infosphere Information Server | 2026-04-23 | N/A |
| Multiple buffer overflows in unspecified setuid executables in the DataStage subsystem in IBM InfoSphere Information Server 8.1 before FP1 have unknown impact and attack vectors. | ||||
| CVE-2009-4006 | 1 Solarwinds | 1 Serv-u File Server | 2026-04-23 | N/A |
| Stack-based buffer overflow in the TEA decoding algorithm in RhinoSoft Serv-U FTP server 7.0.0.1, 9.0.0.5, and other versions before 9.1.0.0 allows remote attackers to execute arbitrary code via a long hexadecimal string. | ||||