Export limit exceeded: 19010 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (44111 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-0973 | 1 Double-take Software | 1 Double-take | 2026-04-23 | N/A |
| Buffer overflow in Double-Take (aka HP StorageWorks Storage Mirroring) 4.5.0.1629, and other 4.5.0.x versions, allows remote attackers to have an unknown impact via a packet with a long string in the username field. | ||||
| CVE-2009-4488 | 1 Varnish.projects.linpro | 1 Varnish | 2026-04-23 | 9.8 Critical |
| Varnish 2.0.6 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator. NOTE: the vendor disputes the significance of this report, stating that "This is not a security problem in Varnish or any other piece of software which writes a logfile. The real problem is the mistaken belief that you can cat(1) a random logfile to your terminal safely. | ||||
| CVE-2009-1330 | 1 Mini-stream | 1 Easy Rm To Mp3 Converter | 2026-04-23 | N/A |
| Stack-based buffer overflow in Easy RM to MP3 Converter allows remote attackers to execute arbitrary code via a long filename in a playlist (.pls) file. | ||||
| CVE-2009-1295 | 2 Apport, Ubuntu | 2 Apport, Ubuntu | 2026-04-23 | N/A |
| Apport before 0.108.4 on Ubuntu 8.04 LTS, before 0.119.2 on Ubuntu 8.10, and before 1.0-0ubuntu5.2 on Ubuntu 9.04 does not properly remove files from the application's crash-report directory, which allows local users to delete arbitrary files via unspecified vectors. | ||||
| CVE-2008-1498 | 1 Netwin | 1 Surgemail | 2026-04-23 | N/A |
| Stack-based buffer overflow in the IMAP service in NetWin Surgemail 3.8k4-4 and earlier allows remote authenticated users to execute arbitrary code via a long first argument to the LIST command. | ||||
| CVE-2009-4537 | 3 Debian, Linux, Redhat | 5 Debian Linux, Linux Kernel, Enterprise Linux and 2 more | 2026-04-23 | N/A |
| drivers/net/r8169.c in the r8169 driver in the Linux kernel 2.6.32.3 and earlier does not properly check the size of an Ethernet frame that exceeds the MTU, which allows remote attackers to (1) cause a denial of service (temporary network outage) via a packet with a crafted size, in conjunction with certain packets containing A characters and certain packets containing E characters; or (2) cause a denial of service (system crash) via a packet with a crafted size, in conjunction with certain packets containing '\0' characters, related to the value of the status register and erroneous behavior associated with the RxMaxSize register. NOTE: this vulnerability exists because of an incorrect fix for CVE-2009-1389. | ||||
| CVE-2007-4759 | 1 Hitachi | 3 Ucosminexus Application Server Enterprise, Ucosminexus Application Server Standard, Ucosminexus Service Platform | 2026-04-23 | N/A |
| Multiple unspecified vulnerabilities in the image-processing APIs in Cosminexus Developer's Kit for Java in Cosminexus 4 through 7 allow remote attackers to cause a denial of service via unspecified vectors. | ||||
| CVE-2008-1507 | 1 Peel | 1 Peel | 2026-04-23 | N/A |
| PEEL, possibly 3.x and earlier, has (1) a default info@peel.fr account with password admin, and (2) a default contact@peel.fr account with password cinema, which allows remote attackers to gain administrative access. | ||||
| CVE-2007-6732 | 1 Claudio Matsuoka | 1 Extended Module Player | 2026-04-23 | N/A |
| Multiple buffer overflows in the dtt_load function in loaders/dtt_load.c Extended Module Player (XMP) 2.5.1 and earlier allow remote attackers to execute arbitrary code via unspecified vectors related to an untrusted length value and the (1) pofs and (2) plen arrays. | ||||
| CVE-2006-6134 | 1 Microsoft | 1 Windows Media Player | 2026-04-23 | N/A |
| Heap-based buffer overflow in the WMCheckURLScheme function in WMVCORE.DLL in Microsoft Windows Media Player (WMP) 10.00.00.4036 on Windows XP SP2, Server 2003, and Server 2003 SP1 allows remote attackers to cause a denial of service (application crash) and execute arbitrary code via a long HREF attribute, using an unrecognized protocol, in a REF element in an ASX PlayList file. | ||||
| CVE-2009-1291 | 1 Tibco | 4 Enterprise Message Service, Rtworks, Smartsockets and 1 more | 2026-04-23 | N/A |
| Stack-based buffer overflow in TIBCO SmartSockets before 6.8.2, SmartSockets Product Family (aka RTworks) before 4.0.5, and Enterprise Message Service (EMS) 4.0.0 through 5.1.1, as used in SmartSockets Server and RTworks Server (aka RTserver), SmartSockets client libraries and add-on products, RTworks libraries and components, EMS Server (aka tibemsd), SmartMQ, iProcess Engine, ActiveMatrix products, and CA Enterprise Communicator, allows remote attackers to execute arbitrary code via "inbound data," as demonstrated by requests to the UDP interface of the RTserver component, and data injection into the TCP stream to tibemsd. | ||||
| CVE-2009-1284 | 1 Bibtex | 1 Bibtex | 2026-04-23 | N/A |
| Buffer overflow in BibTeX 0.99 allows context-dependent attackers to cause a denial of service (memory corruption and crash) via a long .bib bibliography file. | ||||
| CVE-2007-6724 | 2 Microsoft, Vidalia-project | 2 Windows, Vidalia Bundle | 2026-04-23 | N/A |
| Vidalia bundle before 0.1.2.18, when running on Windows, installs Privoxy with a configuration file (config.txt or config) that contains an insecure enable-remote-http-toggle setting, which allows remote attackers to bypass intended access restrictions and modify configuration. | ||||
| CVE-2009-1274 | 1 Xine | 1 Xine-lib | 2026-04-23 | N/A |
| Integer overflow in the qt_error parse_trak_atom function in demuxers/demux_qt.c in xine-lib 1.1.16.2 and earlier allows remote attackers to execute arbitrary code via a Quicktime movie file with a large count value in an STTS atom, which triggers a heap-based buffer overflow. | ||||
| CVE-2009-1329 | 1 Mini-stream | 1 Shadow Stream Recorder | 2026-04-23 | N/A |
| Stack-based buffer overflow in Mini-stream Shadow Stream Recorder 3.0.1.7 allows remote attackers to execute arbitrary code via a long URI in a playlist (.m3u) file. | ||||
| CVE-2007-6723 | 3 Anonymityanywhere, Apple, Microsoft | 3 Tork, Mac Os X, Windows | 2026-04-23 | N/A |
| TorK before 0.22, when running on Windows and Mac OS X, installs Privoxy with a configuration file (config.txt or config) that contains insecure (1) enable-remote-toggle and (2) enable-edit-actions settings, which allows remote attackers to bypass intended access restrictions and modify configuration. | ||||
| CVE-2009-1265 | 1 Linux | 1 Linux Kernel | 2026-04-23 | N/A |
| Integer overflow in rose_sendmsg (sys/net/af_rose.c) in the Linux kernel 2.6.24.4, and other versions before 2.6.30-rc1, might allow remote attackers to obtain sensitive information via a large length value, which causes "garbage" memory to be sent. | ||||
| CVE-2007-2831 | 1 Madwifi | 1 Madwifi | 2026-04-23 | N/A |
| Array index error in the (1) ieee80211_ioctl_getwmmparams and (2) ieee80211_ioctl_setwmmparams functions in net80211/ieee80211_wireless.c in MadWifi before 0.9.3.1 allows local users to cause a denial of service (system crash), possibly obtain kernel memory contents, and possibly execute arbitrary code via a large negative array index value. | ||||
| CVE-2009-1262 | 1 Fortinet | 1 Forticlient | 2026-04-23 | N/A |
| Format string vulnerability in Fortinet FortiClient 3.0.614, and possibly earlier, allows local users to execute arbitrary code via format string specifiers in the VPN connection name. | ||||
| CVE-2007-6722 | 3 Apple, Microsoft, Vidalia-project | 3 Mac Os X, Windows, Vidalia Bundle | 2026-04-23 | N/A |
| Vidalia bundle before 0.1.2.18, when running on Windows and Mac OS X, installs Privoxy with a configuration file (config.txt or config) that contains insecure (1) enable-remote-toggle and (2) enable-edit-actions settings, which allows remote attackers to bypass intended access restrictions and modify configuration. | ||||