Total
200 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-0940 | 7 Apache, Hp, Openpkg and 4 more | 9 Http Server, Hp-ux, Openpkg and 6 more | 2025-04-03 | 7.8 High |
| Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary code as the apache user via SSI (XSSI) documents that trigger a length calculation error. | ||||
| CVE-2004-1363 | 1 Oracle | 7 Application Server, Collaboration Suite, Database Server and 4 more | 2025-04-03 | 9.8 Critical |
| Buffer overflow in extproc in Oracle 10g allows remote attackers to execute arbitrary code via environment variables in the library name, which are expanded after the length check is performed. | ||||
| CVE-2004-0434 | 2 Debian, Heimdal Project | 2 Debian Linux, Heimdal | 2025-04-03 | 9.8 Critical |
| k5admind (kadmind) for Heimdal allows remote attackers to execute arbitrary code via a Kerberos 4 compatibility administration request whose framing length is less than 2, which leads to a heap-based buffer overflow. | ||||
| CVE-2002-0184 | 3 Debian, Redhat, Sudo Project | 4 Debian Linux, Linux, Powertools and 1 more | 2025-04-03 | 7.8 High |
| Sudo before 1.6.6 contains an off-by-one error that can result in a heap-based buffer overflow that may allow local users to gain root privileges via special characters in the -p (prompt) argument, which are not properly expanded. | ||||
| CVE-2001-0334 | 1 Microsoft | 1 Internet Information Server | 2025-04-03 | 7.5 High |
| FTP service in IIS 5.0 and earlier allows remote attackers to cause a denial of service via a wildcard sequence that generates a long string when it is expanded. | ||||
| CVE-2004-0747 | 2 Apache, Redhat | 2 Http Server, Enterprise Linux | 2025-04-03 | 7.8 High |
| Buffer overflow in Apache 2.0.50 and earlier allows local users to gain apache privileges via a .htaccess file that causes the overflow during expansion of environment variables. | ||||
| CVE-2005-3120 | 3 Debian, Invisible-island, Redhat | 3 Debian Linux, Lynx, Enterprise Linux | 2025-04-03 | 9.8 Critical |
| Stack-based buffer overflow in the HTrjis function in Lynx 2.8.6 and earlier allows remote NNTP servers to execute arbitrary code via certain article headers containing Asian characters that cause Lynx to add extra escape (ESC) characters. | ||||
| CVE-2001-0248 | 2 Hp, Sgi | 2 Hp-ux, Irix | 2025-04-03 | 9.8 Critical |
| Buffer overflow in FTP server in HPUX 11 allows remote attackers to execute arbitrary commands by creating a long pathname and calling the STAT command, which uses glob to generate long strings. | ||||
| CVE-2003-0899 | 1 Acme | 1 Thttpd | 2025-04-03 | 9.8 Critical |
| Buffer overflow in defang in libhttpd.c for thttpd 2.21 to 2.23b1 allows remote attackers to execute arbitrary code via requests that contain '<' or '>' characters, which trigger the overflow when the characters are expanded to "<" and ">" sequences. | ||||
| CVE-2005-2103 | 2 Gaim Project, Redhat | 2 Gaim, Enterprise Linux | 2025-04-03 | 9.8 Critical |
| Buffer overflow in the AIM and ICQ module in Gaim before 1.5.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an away message with a large number of AIM substitution strings, such as %t or %n. | ||||
| CVE-2024-27237 | 1 Google | 1 Android | 2025-03-25 | 5.5 Medium |
| In wipe_ns_memory of nsmemwipe.c, there is a possible incorrect size calculation due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2021-4206 | 3 Debian, Qemu, Redhat | 4 Debian Linux, Qemu, Advanced Virtualization and 1 more | 2025-03-21 | 8.2 High |
| A flaw was found in the QXL display device emulation in QEMU. An integer overflow in the cursor_alloc() function can lead to the allocation of a small cursor object followed by a subsequent heap-based buffer overflow. This flaw allows a malicious privileged guest user to crash the QEMU process on the host or potentially execute arbitrary code within the context of the QEMU process. | ||||
| CVE-2023-0568 | 2 Php, Redhat | 2 Php, Enterprise Linux | 2025-03-18 | 7.5 High |
| In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, core path resolution function allocate buffer one byte too small. When resolving paths with lengths close to system MAXPATHLEN setting, this may lead to the byte after the allocated buffer being overwritten with NUL value, which might lead to unauthorized data access or modification. | ||||
| CVE-2023-20627 | 2 Google, Mediatek | 6 Android, Mt6879, Mt6895 and 3 more | 2025-03-06 | 6.7 Medium |
| In pqframework, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07629585; Issue ID: ALPS07629585. | ||||
| CVE-2023-1175 | 1 Vim | 1 Vim | 2025-03-06 | 6.6 Medium |
| Incorrect Calculation of Buffer Size in GitHub repository vim/vim prior to 9.0.1378. | ||||
| CVE-2023-5941 | 1 Freebsd | 1 Freebsd | 2025-02-13 | 9.8 Critical |
| In versions of FreeBSD 12.4-RELEASE prior to 12.4-RELEASE-p7 and FreeBSD 13.2-RELEASE prior to 13.2-RELEASE-p5 the __sflush() stdio function in libc does not correctly update FILE objects' write space members for write-buffered streams when the write(2) system call returns an error. Depending on the nature of an application that calls libc's stdio functions and the presence of errors returned from the write(2) system call (or an overridden stdio write routine) a heap buffer overflow may occur. Such overflows may lead to data corruption or the execution of arbitrary code at the privilege level of the calling program. | ||||
| CVE-2023-4257 | 1 Zephyrproject | 1 Zephyr | 2025-02-13 | 7.6 High |
| Unchecked user input length in /subsys/net/l2/wifi/wifi_shell.c can cause buffer overflows. | ||||
| CVE-2019-3560 | 1 Facebook | 1 Fizz | 2025-02-13 | 7.5 High |
| An improperly performed length calculation on a buffer in PlaintextRecordLayer could lead to an infinite loop and denial-of-service based on user input. This issue affected versions of fizz prior to v2019.03.04.00. | ||||
| CVE-2024-11425 | 2025-02-12 | 7.5 High | ||
| CWE-131: Incorrect Calculation of Buffer Size vulnerability exists that could cause Denial-of-Service of the product when an unauthenticated user is sending a crafted HTTPS packet to the webserver. | ||||
| CVE-2023-24819 | 1 Riot-os | 1 Riot | 2025-02-04 | 9.8 Critical |
| RIOT-OS, an operating system that supports Internet of Things devices, contains a network stack with the ability to process 6LoWPAN frames. Prior to version 2022.10, an attacker can send a crafted frame to the device resulting in an out of bounds write in the packet buffer. The overflow can be used to corrupt other packets and the allocator metadata. Corrupting a pointer will easily lead to denial of service. While carefully manipulating the allocator metadata gives an attacker the possibility to write data to arbitrary locations and thus execute arbitrary code. Version 2022.10 fixes this issue. As a workaround, disable support for fragmented IP datagrams or apply the patches manually. | ||||