Total
2134 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-1887 | 3 Canonical, Debian, Python | 3 Ubuntu Linux, Debian Linux, Python | 2023-12-10 | 9.3 HIGH | N/A |
| Python 2.5.2 and earlier allows context-dependent attackers to execute arbitrary code via multiple vectors that cause a negative size value to be provided to the PyString_FromStringAndSize function, which allocates less memory than expected when assert() is disabled and triggers a buffer overflow. | |||||
| CVE-2009-3023 | 1 Microsoft | 6 Internet Information Server, Windows 2000, Windows Server 2003 and 3 more | 2023-12-10 | 9.0 HIGH | N/A |
| Buffer overflow in the FTP Service in Microsoft Internet Information Services (IIS) 5.0 through 6.0 allows remote authenticated users to execute arbitrary code via a crafted NLST (NAME LIST) command that uses wildcards, leading to memory corruption, aka "IIS FTP Service RCE and DoS Vulnerability." | |||||
| CVE-2009-0884 | 1 Filezilla-project | 1 Filezilla Server | 2023-12-10 | 4.3 MEDIUM | N/A |
| Buffer overflow in FileZilla Server before 0.9.31 allows remote attackers to cause a denial of service via unspecified vectors related to SSL/TLS packets. | |||||
| CVE-2008-3142 | 3 Canonical, Debian, Python | 3 Ubuntu Linux, Debian Linux, Python | 2023-12-10 | 7.5 HIGH | N/A |
| Multiple buffer overflows in Python 2.5.2 and earlier on 32bit platforms allow context-dependent attackers to cause a denial of service (crash) or have unspecified other impact via a long string that leads to incorrect memory allocation during Unicode string processing, related to the unicode_resize function and the PyMem_RESIZE macro. | |||||
| CVE-2008-3496 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 10.0 HIGH | N/A |
| Buffer overflow in format descriptor parsing in the uvc_parse_format function in drivers/media/video/uvc/uvc_driver.c in uvcvideo in the video4linux (V4L) implementation in the Linux kernel before 2.6.26.1 has unknown impact and attack vectors. | |||||
| CVE-2009-1186 | 6 Canonical, Debian, Fedoraproject and 3 more | 8 Ubuntu Linux, Debian Linux, Fedora and 5 more | 2023-12-10 | 2.1 LOW | N/A |
| Buffer overflow in the util_path_encode function in udev/lib/libudev-util.c in udev before 1.4.1 allows local users to cause a denial of service (service outage) via vectors that trigger a call with crafted arguments. | |||||
| CVE-2008-1677 | 1 Redhat | 2 Directory Server, Fedora Directory Server | 2023-12-10 | 7.5 HIGH | N/A |
| Buffer overflow in the regular expression handler in Red Hat Directory Server 8.0 and 7.1 before SP6 allows remote attackers to cause a denial of service (slapd crash) and possibly execute arbitrary code via a crafted LDAP query that triggers the overflow during translation to a regular expression. | |||||
| CVE-2007-0803 | 1 Stlport Project | 1 Stlport | 2023-12-10 | 7.5 HIGH | N/A |
| Multiple buffer overflows in STLport before 5.0.3 allow remote attackers to execute arbitrary code via unspecified vectors relating to (1) "print floats" and (2) a missing null termination in the "rope constructor." | |||||
| CVE-2007-2809 | 1 Opera | 1 Opera Browser | 2023-12-10 | 9.3 HIGH | N/A |
| Buffer overflow in the transfer manager in Opera before 9.21 for Windows allows user-assisted remote attackers to execute arbitrary code via a crafted torrent file. NOTE: due to the lack of details, it is not clear if this is the same issue as CVE-2007-2274. | |||||
| CVE-2007-0455 | 5 Canonical, Fedoraproject, Gd Graphics Library Project and 2 more | 7 Ubuntu Linux, Fedora, Gd Graphics Library and 4 more | 2023-12-10 | 7.5 HIGH | N/A |
| Buffer overflow in the gdImageStringFTEx function in gdft.c in GD Graphics Library 2.0.33 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted string with a JIS encoded font. | |||||
| CVE-2007-1887 | 3 Canonical, Debian, Php | 3 Ubuntu Linux, Debian Linux, Php | 2023-12-10 | 7.5 HIGH | N/A |
| Buffer overflow in the sqlite_decode_binary function in the bundled sqlite library in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 allows context-dependent attackers to execute arbitrary code via an empty value of the in parameter, as demonstrated by calling the sqlite_udf_decode_binary function with a 0x01 character. | |||||
| CVE-2005-1987 | 1 Microsoft | 4 Exchange Server, Windows 2000, Windows Server 2003 and 1 more | 2023-12-10 | 7.5 HIGH | N/A |
| Buffer overflow in Collaboration Data Objects (CDO), as used in Microsoft Windows and Microsoft Exchange Server, allows remote attackers to execute arbitrary code when CDOSYS or CDOEX processes an e-mail message with a large header name, as demonstrated using the "Content-Type" string. | |||||
| CVE-2006-0963 | 1 Stlport Project | 1 Stlport | 2023-12-10 | 4.6 MEDIUM | N/A |
| Multiple buffer overflows in STLport 5.0.2 might allow local users to execute arbitrary code via (1) long locale environment variables to a strcpy function call in c_locale_glibc2.c and (2) long arguments to unspecified functions in num_put_float.cpp. | |||||
| CVE-2006-3404 | 1 Gimp | 1 Gimp | 2023-12-10 | 5.1 MEDIUM | N/A |
| Buffer overflow in the xcf_load_vector function in app/xcf/xcf-load.c for gimp before 2.2.12 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XCF file with a large num_axes value in the VECTORS property. | |||||
| CVE-2006-2935 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2023-12-10 | 4.6 MEDIUM | N/A |
| The dvd_read_bca function in the DVD handling code in drivers/cdrom/cdrom.c in Linux kernel 2.2.16, and later versions, assigns the wrong value to a length variable, which allows local users to execute arbitrary code via a crafted USB Storage device that triggers a buffer overflow. | |||||
| CVE-2002-0062 | 5 Debian, Freebsd, Gnu and 2 more | 5 Debian Linux, Freebsd, Ncurses and 2 more | 2023-12-10 | 7.2 HIGH | N/A |
| Buffer overflow in ncurses 5.0, and the ncurses4 compatibility package as used in Red Hat Linux, allows local users to gain privileges, related to "routines for moving the physical cursor and scrolling." | |||||
| CVE-2003-1228 | 1 Mathopd | 1 Mathopd | 2023-12-10 | 7.5 HIGH | N/A |
| Buffer overflow in the prepare_reply function in request.c for Mathopd 1.2 through 1.5b13, and possibly earlier versions, allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via an HTTP request with a long path. | |||||
| CVE-1999-1237 | 1 Apache | 1 Http Server | 2023-12-10 | 10.0 HIGH | N/A |
| Multiple buffer overflows in smbvalid/smbval SMB authentication library, as used in Apache::AuthenSmb and possibly other modules, allows remote attackers to execute arbitrary commands via (1) a long username, (2) a long password, and (3) other unspecified methods. | |||||
| CVE-1999-0385 | 1 Microsoft | 1 Exchange Server | 2023-12-10 | 10.0 HIGH | N/A |
| The LDAP bind function in Exchange 5.5 has a buffer overflow that allows a remote attacker to conduct a denial of service or execute commands. | |||||
| CVE-2002-0698 | 1 Microsoft | 1 Exchange Server | 2023-12-10 | 7.5 HIGH | N/A |
| Buffer overflow in Internet Mail Connector (IMC) for Microsoft Exchange Server 5.5 allows remote attackers to execute arbitrary code via an EHLO request from a system with a long name as obtained through a reverse DNS lookup, which triggers the overflow in IMC's hello response. | |||||