Export limit exceeded: 351254 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (14525 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-3732 | 1 Tenda | 2 F453, F453 Firmware | 2026-04-16 | 8.8 High |
| A security vulnerability has been detected in Tenda F453 1.0.0.3. This affects the function strcpy of the file /goform/exeCommand. The manipulation of the argument cmdinput leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be used. | ||||
| CVE-2026-3768 | 1 Tenda | 2 F453, F453 Firmware | 2026-04-16 | 8.8 High |
| A security vulnerability has been detected in Tenda F453 1.0.0.3. Affected by this vulnerability is the function formWrlExtraSet of the file /goform/WrlExtraSet. The manipulation of the argument GO leads to stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used. | ||||
| CVE-2026-20636 | 1 Apple | 6 Ios And Ipados, Ipados, Iphone Os and 3 more | 2026-04-16 | 6.5 Medium |
| The issue was addressed with improved memory handling. This issue is fixed in Safari 26.3, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. Processing maliciously crafted web content may lead to an unexpected process crash. | ||||
| CVE-2026-20621 | 1 Apple | 5 Ios And Ipados, Ipados, Iphone Os and 2 more | 2026-04-16 | 5.5 Medium |
| The issue was addressed with improved memory handling. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3, visionOS 26.3. An app may be able to cause unexpected system termination or corrupt kernel memory. | ||||
| CVE-2004-2728 | 1 Hummingbird | 1 Connectivity | 2026-04-16 | N/A |
| Buffer overflow in the FTP server of Hummingbird Connectivity 7.1 and 9.0 allows remote, authenticated users to cause a denial of service (application crash) via a long argument to the XCWD command. | ||||
| CVE-2006-1454 | 1 Apple | 1 Quicktime | 2026-04-16 | N/A |
| Heap-based buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a crafted QuickDraw PICT image format file with malformed image data. | ||||
| CVE-2001-1456 | 4 Mcafee, Network Associates, Pgp and 1 more | 5 Webshield Smtp, Gauntlet Firewall, Mcafee E-ppliance and 2 more | 2026-04-16 | N/A |
| Buffer overflow in the (1) smap/smapd and (2) CSMAP daemons for Gauntlet Firewall 5.0 through 6.0 allows remote attackers to execute arbitrary code via a crafted mail message. | ||||
| CVE-2005-3534 | 1 Wouter Verhelst | 1 Nbd | 2026-04-16 | N/A |
| Buffer overflow in the Network Block Device (nbd) server 2.7.5 and earlier, and 2.8.0 through 2.8.2, allows remote attackers to execute arbitrary code via a large request, which is written past the end of the buffer because nbd does not account for memory taken by the reply header. | ||||
| CVE-2006-1550 | 2 Dia, Redhat | 2 Dia, Enterprise Linux | 2026-04-16 | N/A |
| Multiple buffer overflows in the xfig import code (xfig-import.c) in Dia 0.87 and later before 0.95-pre6 allow user-assisted attackers to have an unknown impact via a crafted xfig file, possibly involving an invalid (1) color index, (2) number of points, or (3) depth. | ||||
| CVE-2004-2719 | 1 Foxmail | 1 Foxmail | 2026-04-16 | N/A |
| Buffer overflow in the UrlToLocal function in PunyLib.dll of Foxmail 5.0.300 allows remote attackers to execute arbitrary code via a mail message with a long From field, a different issue than CVE-2005-0339. | ||||
| CVE-2006-3251 | 1 Hashcash | 1 Hashcash | 2026-04-16 | N/A |
| Heap-based buffer overflow in the array_push function in hashcash.c for Hashcash before 1.21 might allow attackers to execute arbitrary code via crafted entries. | ||||
| CVE-2006-0734 | 1 Valve Software | 1 Half-life Cstrike Dedicated Server | 2026-04-16 | N/A |
| The SV_CheckForDuplicateNames function in Valve Software Half-Life CSTRIKE Dedicated Server 1.6 and earlier allows remote authenticated users to cause a denial of service (infinite loop and daemon hang) via a backslash character at the end of a connection string to UDP port 27015. | ||||
| CVE-2005-4848 | 1 Rim | 1 Blackberry Enterprise Server | 2026-04-16 | N/A |
| Buffer overflow in the decompression algorithm in Research in Motion BlackBerry Enterprise Server 4.0 SP1 and earlier before 20050607 might allow remote attackers to execute arbitrary code via certain data packets. | ||||
| CVE-2006-0056 | 1 Pam-mysql | 1 Pam-mysql | 2026-04-16 | N/A |
| Double free vulnerability in the authentication and authentication token alteration code in PAM-MySQL 0.6.x before 0.6.2 and 0.7.x before 0.7pre3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted passwords, which lead to a double free of a pointer that was created by the pam_get_item function. NOTE: this issue only occurs in certain configurations in which there are multiple PAM modules, PAM-MySQL is not evaluated first, and there are no requisite modules before PAM-MySQL. | ||||
| CVE-2005-4864 | 1 Ibm | 1 Db2 Universal Database | 2026-04-16 | N/A |
| Stack-based buffer overflow in libdb2.so in IBM DB2 7.x and 8.1 allows local users to execute arbitrary code via a long DB2LPORT environment variable. | ||||
| CVE-2004-2685 | 1 Youngzsoft | 1 Ccproxy | 2026-04-16 | N/A |
| Buffer overflow in YoungZSoft CCProxy 6.2 and earlier allows remote attackers to execute arbitrary code via a long address in a ping (p) command to the Telnet proxy service, a different vector than CVE-2004-2416. | ||||
| CVE-2002-2372 | 1 Ibm | 2 Infoprint, Infoprint 21 | 2026-04-16 | N/A |
| The telnet server in Infoprint 21 running controller software before 1.056007 allows remote attackers to cause a denial of service (crash) via a long username, possibly due to a buffer overflow. | ||||
| CVE-2002-2400 | 1 Hughes Technologies | 1 Libhttpd | 2026-04-16 | N/A |
| Buffer overflow in the httpdProcessRequest function in LibHTTPD 1.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP POST request. | ||||
| CVE-2001-0803 | 1 Open Group | 1 Cde Common Desktop Environment | 2026-04-16 | N/A |
| Buffer overflow in the client connection routine of libDtSvc.so.1 in CDE Subprocess Control Service (dtspcd) allows remote attackers to execute arbitrary commands. | ||||
| CVE-2004-2709 | 1 Phrozensmoke | 1 Gyach Enhanced | 2026-04-16 | N/A |
| Buffer overflow in the strip_html_tags method for Gyach Enhanced (Gyach-E) before 1.0.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via unknown vectors involving HTML tags. | ||||