Search Results (46109 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2009-0175 1 Heathcosoft 1 Mp3 Trackmaker 2026-04-23 N/A
Heap-based buffer overflow in Heathco Software MP3 TrackMaker 1.5 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long string in an invalid .mp3 file.
CVE-2009-0176 1 Research In Motion Limited 3 Blackberry Enterprise Server, Blackberry Professional Software, Blackberry Unite 2026-04-23 N/A
Multiple heap-based buffer overflows in the PDF distiller in the Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) 4.1.3 through 4.1.6, BlackBerry Professional Software 4.1.4, and BlackBerry Unite! before 1.0.3 bundle 28 allow user-assisted remote attackers to execute arbitrary code via (1) a crafted stream in a .pdf file, related to "symWidths"; or (2) a crafted data stream in a .pdf file, related to "bitmaps."
CVE-2007-6220 2 Debian, Typespeed 2 Debian Linux, Typespeed 2026-04-23 N/A
typespeed before 0.6.4 allows remote attackers to cause a denial of service (application crash) via unspecified network behavior that triggers a divide-by-zero error.
CVE-2007-6227 1 Qemu 1 Qemu 2026-04-23 N/A
QEMU 0.9.0 allows local users of a Windows XP SP2 guest operating system to overwrite the TranslationBlock (code_gen_buffer) buffer, and probably have unspecified other impacts related to an "overflow," via certain Windows executable programs, as demonstrated by qemu-dos.com.
CVE-2009-0182 1 Vuplayer 1 Vuplayer 2026-04-23 8.8 High
Buffer overflow in VUPlayer 2.49 and earlier allows user-assisted attackers to execute arbitrary code via a long URL in a File line in a .pls file, as demonstrated by an http URL on a File1 line.
CVE-2008-1423 2 Redhat, Xiph.org 3 Enterprise Linux, Linux Advanced Workstation, Libvorbis 2026-04-23 N/A
Integer overflow in a certain quantvals and quantlist calculation in Xiph.org libvorbis 1.2.0 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted OGG file with a large virtual space for its codebook, which triggers a heap overflow.
CVE-2007-4681 1 Apple 1 Mac Os X 2026-04-23 N/A
Buffer overflow in CoreFoundation in Apple Mac OS X 10.3.9 and 10.4 through 10.4.10 allows local users to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted directory hierarchy.
CVE-2007-4974 1 Mega-nerd 1 Libsndfile 2026-04-23 N/A
Heap-based buffer overflow in the flac_buffer_copy function in libsndfile 1.0.17 and earlier might allow remote attackers to execute arbitrary code via a FLAC file with crafted PCM data containing a block with a size that exceeds the previous block size.
CVE-2008-3408 1 Coolplayer 1 Coolplayer 2026-04-23 N/A
Stack-based buffer overflow in CoolPlayer 2.18, and possibly other versions, allows user-assisted remote attackers to execute arbitrary code via a crafted m3u file.
CVE-2007-6252 1 Learn2 1 Strunner 2026-04-23 N/A
Multiple stack-based buffer overflows in the Learn2 Corporation STRunner (aka Street Technologies) ActiveX control in iestm32.dll allow remote attackers to execute arbitrary code via unspecified vectors.
CVE-2007-6353 3 Canonical, Debian, Exiv2 3 Ubuntu Linux, Debian Linux, Exiv2 2026-04-23 N/A
Integer overflow in exif.cpp in exiv2 library allows context-dependent attackers to execute arbitrary code via a crafted EXIF file that triggers a heap-based buffer overflow.
CVE-2007-6255 1 Microsoft 5 Internet Explorer, Windows 2000, Windows Server 2003 and 2 more 2026-04-23 N/A
Buffer overflow in the Microsoft HeartbeatCtl ActiveX control in HRTBEAT.OCX allows remote attackers to execute arbitrary code via the Host argument to an unspecified method.
CVE-2007-6261 1 Apple 1 Mac Os X 2026-04-23 N/A
Integer overflow in the load_threadstack function in the Mach-O loader (mach_loader.c) in the xnu kernel in Apple Mac OS X 10.4 through 10.5.1 allows local users to cause a denial of service (infinite loop) via a crafted Mach-O binary.
CVE-2007-6262 1 Videolan 1 Vlc Media Player 2026-04-23 N/A
A certain ActiveX control in axvlc.dll in VideoLAN VLC 0.8.6 before 0.8.6d allows remote attackers to execute arbitrary code via crafted arguments to the (1) addTarget, (2) getVariable, or (3) setVariable function, resulting from a "bad initialized pointer," aka a "recursive plugin release vulnerability."
CVE-2009-0192 1 Novell 1 Edirectory 2026-04-23 N/A
Off-by-one error in the iMonitor component in Novell eDirectory 8.8 SP3, 8.8 SP3 FTF3, and possibly other versions allows remote attackers to execute arbitrary code via an HTTP request with a crafted Accept-Language header, which triggers a stack-based buffer overflow.
CVE-2009-0193 2 Adobe, Redhat 2 Acrobat Reader, Rhel Extras 2026-04-23 N/A
Heap-based buffer overflow in Adobe Acrobat Reader 9 before 9.1, 8 before 8.1.4, and 7 before 7.1.1 allows remote attackers to execute arbitrary code via a PDF file with a malformed JBIG2 symbol dictionary segment, a different vulnerability than CVE-2009-1061 and CVE-2009-1062.
CVE-2008-1382 2 Libpng, Redhat 2 Libpng, Enterprise Linux 2026-04-23 N/A
libpng 1.0.6 through 1.0.32, 1.2.0 through 1.2.26, and 1.4.0beta01 through 1.4.0beta19 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PNG file with zero length "unknown" chunks, which trigger an access of uninitialized memory.
CVE-2007-2668 1 Webdesproxy 1 Webdesproxy 2026-04-23 N/A
Buffer overflow in webdesproxy 0.0.1 allows remote attackers to execute arbitrary code via a long URL, possibly involving the process_connection_request function in webdesproxy.c.
CVE-2006-6293 1 F-prot 1 F-prot Antivirus 2026-04-23 N/A
Heap-based buffer overflow in FRISK Software F-Prot Antivirus before 4.6.7 allows user-assisted remote attackers to execute arbitrary code via a crafted CHM file. NOTE: this issue has at least a partial overlap with CVE-2006-6294.
CVE-2009-0195 4 Apple, Foolabs, Glyphandcog and 1 more 4 Cups, Xpdf, Xpdfreader and 1 more 2026-04-23 N/A
Heap-based buffer overflow in Xpdf 3.02pl2 and earlier, CUPS 1.3.9, and probably other products, allows remote attackers to execute arbitrary code via a PDF file with crafted JBIG2 symbol dictionary segments.