Search
Total
6142 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-1704 | 1 Novell | 1 Iprint | 2018-10-09 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted core-package parameter in a printer-url. | |||||
| CVE-2011-1525 | 1 Realnetworks | 1 Realplayer | 2018-10-09 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in rvrender.dll in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.2, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via a crafted frame in an Internet Video Recording (IVR) file. | |||||
| CVE-2011-1705 | 1 Novell | 1 Iprint | 2018-10-09 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted client-file-name parameter in a printer-url. | |||||
| CVE-2011-1702 | 1 Novell | 1 Iprint | 2018-10-09 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted file-date-time parameter in a printer-url. | |||||
| CVE-2011-1730 | 1 Hp | 1 Openview Storage Data Protector | 2018-10-09 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed EXEC_SCRIPT message. | |||||
| CVE-2011-1701 | 1 Novell | 1 Iprint | 2018-10-09 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted profile-name parameter in a printer-url. | |||||
| CVE-2011-1707 | 1 Novell | 1 Iprint | 2018-10-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted op-printer-list-all-jobs parameter in a printer-url. | |||||
| CVE-2011-1699 | 1 Novell | 1 Iprint | 2018-10-09 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted uri parameter in a printer-url. | |||||
| CVE-2011-1720 | 1 Postfix | 1 Postfix | 2018-10-09 | 6.8 MEDIUM | N/A |
| The SMTP server in Postfix before 2.5.13, 2.6.x before 2.6.10, 2.7.x before 2.7.4, and 2.8.x before 2.8.3, when certain Cyrus SASL authentication methods are enabled, does not create a new server handle after client authentication fails, which allows remote attackers to cause a denial of service (heap memory corruption and daemon crash) or possibly execute arbitrary code via an invalid AUTH command with one method followed by an AUTH command with a different method. | |||||
| CVE-2011-1731 | 1 Hp | 1 Openview Storage Data Protector | 2018-10-09 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed EXEC_INTEGUTIL message. | |||||
| CVE-2011-1729 | 1 Hp | 1 Openview Storage Data Protector | 2018-10-09 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed GET_FILE message. | |||||
| CVE-2011-1577 | 1 Linux | 1 Linux Kernel | 2018-10-09 | 4.9 MEDIUM | N/A |
| Heap-based buffer overflow in the is_gpt_valid function in fs/partitions/efi.c in the Linux kernel 2.6.38 and earlier allows physically proximate attackers to cause a denial of service (OOPS) or possibly have unspecified other impact via a crafted size of the EFI GUID partition-table header on removable media. | |||||
| CVE-2011-1708 | 1 Novell | 1 Iprint | 2018-10-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted op-printer-list-all-jobs cookie. | |||||
| CVE-2011-1735 | 1 Hp | 1 Openview Storage Data Protector | 2018-10-09 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed bm message. | |||||
| CVE-2011-1706 | 1 Novell | 1 Iprint | 2018-10-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted iprint-client-config-info parameter in a printer-url. | |||||
| CVE-2011-1734 | 1 Hp | 1 Openview Storage Data Protector | 2018-10-09 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed omniiaputil message. | |||||
| CVE-2011-1733 | 1 Hp | 1 Openview Storage Data Protector | 2018-10-09 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed HPFGConfig message. | |||||
| CVE-2011-1703 | 1 Novell | 1 Iprint | 2018-10-09 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted driver-version parameter in a printer-url. | |||||
| CVE-2011-1700 | 1 Novell | 1 Iprint | 2018-10-09 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted profile-time parameter in a printer-url. | |||||
| CVE-2011-1728 | 1 Hp | 1 Openview Storage Data Protector | 2018-10-09 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed EXEC_BAR message. | |||||
| CVE-2011-1732 | 1 Hp | 1 Openview Storage Data Protector | 2018-10-09 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed stutil message. | |||||
| CVE-2011-0994 | 1 Novell | 1 File Reporter | 2018-10-09 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in NFRAgent.exe in Novell File Reporter (NFR) before 1.0.2 allows remote attackers to execute arbitrary code via unspecified XML data. | |||||
| CVE-2011-1220 | 1 Ibm | 1 Tivoli Management Framework | 2018-10-09 | 9.0 HIGH | N/A |
| Stack-based buffer overflow in lcfd.exe in Tivoli Endpoint in IBM Tivoli Management Framework 3.7.1, 4.1, 4.1.1, and 4.3.1 allows remote authenticated users to execute arbitrary code via a long opts field. | |||||
| CVE-2011-0975 | 1 Bmc | 6 Capacity Management Essentials, Performance Analysis For Servers, Performance Analyzer For Servers and 3 more | 2018-10-09 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in BMC PATROL Agent Service Daemon for in Performance Analysis for Servers, Performance Assurance for Servers, and Performance Assurance for Virtual Servers 7.4.00 through 7.5.10; Performance Analyzer and Performance Predictor for Servers 7.4.00 through 7.5.10; and Capacity Management Essentials 1.2.00 (7.4.15) allows remote attackers to execute arbitrary code via a crafted length value in a BGS_MULTIPLE_READS command to TCP port 6768. | |||||
| CVE-2011-1033 | 1 Ibm | 1 Informix Dynamic Server | 2018-10-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in oninit in IBM Informix Dynamic Server (IDS) 11.50 allows remote attackers to execute arbitrary code via crafted arguments in the USELASTCOMMITTED session environment option in a SQL SET ENVIRONMENT statement. | |||||
| CVE-2011-1167 | 1 Libtiff | 1 Libtiff | 2018-10-09 | 6.8 MEDIUM | N/A |
| Heap-based buffer overflow in the thunder (aka ThunderScan) decoder in tif_thunder.c in LibTIFF 3.9.4 and earlier allows remote attackers to execute arbitrary code via crafted THUNDER_2BITDELTAS data in a .tiff file that has an unexpected BitsPerSample value. | |||||
| CVE-2011-0742 | 1 Novell | 1 Zenworks Handheld Management | 2018-10-09 | 10.0 HIGH | N/A |
| Buffer overflow in ZfHIPCND.exe in Novell ZENworks Handheld Management 7.0 allows remote attackers to execute arbitrary code via a crafted IP Conduit packet to TCP port 2400. | |||||
| CVE-2011-0569 | 1 Adobe | 1 Shockwave Player | 2018-10-09 | 9.3 HIGH | N/A |
| The Font Xtra.x32 module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a PFR1 chunk containing an invalid size value that leads to an unexpected sign extension and a buffer overflow, a different vulnerability than CVE-2011-0556. | |||||
| CVE-2011-0555 | 1 Adobe | 1 Shockwave Player | 2018-10-09 | 9.3 HIGH | N/A |
| The TextXtra.x32 module in Adobe Shockwave Player before 11.5.9.620 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a Director file with a crafted DEMX RIFF chunk that triggers incorrect buffer allocation, a different vulnerability than CVE-2010-4093, CVE-2010-4187, CVE-2010-4190, CVE-2010-4191, CVE-2010-4192, and CVE-2010-4306. | |||||
| CVE-2011-0915 | 1 Ibm | 1 Lotus Domino | 2018-10-09 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in nrouter.exe in IBM Lotus Domino before 8.5.3 allows remote attackers to execute arbitrary code via a long name parameter in a Content-Type header in a malformed Notes calendar (aka iCalendar or iCal) meeting request, aka SPR KLYH87LL23. | |||||
| CVE-2011-0919 | 1 Ibm | 1 Lotus Domino | 2018-10-09 | 10.0 HIGH | N/A |
| Multiple stack-based buffer overflows in the (1) POP3 and (2) IMAP services in IBM Lotus Domino allow remote attackers to execute arbitrary code via non-printable characters in an envelope sender address, aka SPR KLYH87LLVJ. | |||||
| CVE-2011-0556 | 1 Adobe | 1 Shockwave Player | 2018-10-09 | 9.3 HIGH | N/A |
| The Font Xtra.x32 module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PFR1 chunk that leads to an unexpected sign extension and an invalid pointer dereference, a different vulnerability than CVE-2011-0569. | |||||
| CVE-2009-2404 | 4 Aol, Gnome, Mozilla and 1 more | 7 Instant Messenger, Evolution, Firefox and 4 more | 2018-10-03 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in a regular-expression parser in Mozilla Network Security Services (NSS) before 3.12.3, as used in Firefox, Thunderbird, SeaMonkey, Evolution, Pidgin, and AOL Instant Messenger (AIM), allows remote SSL servers to cause a denial of service (application crash) or possibly execute arbitrary code via a long domain name in the subject's Common Name (CN) field of an X.509 certificate, related to the cert_TestHostName function. | |||||
| CVE-2009-2285 | 1 Libtiff | 1 Libtiff | 2018-10-03 | 4.3 MEDIUM | N/A |
| Buffer underflow in the LZWDecodeCompat function in libtiff 3.8.2 allows context-dependent attackers to cause a denial of service (crash) via a crafted TIFF image, a different vulnerability than CVE-2008-2327. | |||||
| CVE-2008-5702 | 1 Linux | 1 Linux Kernel | 2018-10-03 | 7.2 HIGH | N/A |
| Buffer underflow in the ibwdt_ioctl function in drivers/watchdog/ib700wdt.c in the Linux kernel before 2.6.28-rc1 might allow local users to have an unknown impact via a certain /dev/watchdog WDIOC_SETTIMEOUT IOCTL call. | |||||
| CVE-2008-5134 | 1 Linux | 1 Linux Kernel | 2018-10-03 | 10.0 HIGH | N/A |
| Buffer overflow in the lbs_process_bss function in drivers/net/wireless/libertas/scan.c in the libertas subsystem in the Linux kernel before 2.6.27.5 allows remote attackers to have an unknown impact via an "invalid beacon/probe response." | |||||
| CVE-2008-3639 | 1 Apple | 1 Cups | 2018-10-03 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in the read_rle16 function in imagetops in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via an SGI image with malformed Run Length Encoded (RLE) data containing a small image and a large row count. | |||||
| CVE-2008-1720 | 1 Samba | 1 Rsync | 2018-10-03 | 7.5 HIGH | N/A |
| Buffer overflow in rsync 2.6.9 to 3.0.1, with extended attribute (xattr) support enabled, might allow remote attackers to execute arbitrary code via unknown vectors. | |||||
| CVE-2007-6341 | 1 Net Dns | 1 Net Dns | 2018-10-03 | 5.0 MEDIUM | N/A |
| Net/DNS/RR/A.pm in Net::DNS 0.60 build 654, as used in packages such as SpamAssassin and OTRS, allows remote attackers to cause a denial of service (program "croak") via a crafted DNS response. | |||||
| CVE-2007-6109 | 1 Gnu | 1 Emacs | 2018-10-03 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in emacs allows user-assisted attackers to cause a denial of service (application crash) and possibly have unspecified other impact via a large precision value in an integer format string specifier to the format function, as demonstrated via a certain "emacs -batch -eval" command line. | |||||
| CVE-2007-4661 | 1 Php | 1 Php | 2018-10-03 | 7.5 HIGH | N/A |
| The chunk_split function in string.c in PHP 5.2.3 does not properly calculate the needed buffer size due to precision loss when performing integer arithmetic with floating point numbers, which has unknown attack vectors and impact, possibly resulting in a heap-based buffer overflow. NOTE: this is due to an incomplete fix for CVE-2007-2872. | |||||
| CVE-2007-4662 | 1 Php | 1 Php | 2018-10-03 | 7.5 HIGH | N/A |
| Buffer overflow in the php_openssl_make_REQ function in PHP before 5.2.4 has unknown impact and attack vectors. | |||||
| CVE-2006-2788 | 1 Mozilla | 1 Firefox | 2018-10-03 | 7.5 HIGH | N/A |
| Double free vulnerability in the getRawDER function for nsIX509Cert in Firefox allows remote attackers to cause a denial of service (hang) and possibly execute arbitrary code via certain Javascript code. | |||||
| CVE-2006-2656 | 1 Libtiff | 1 Libtiff | 2018-10-03 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the tiffsplit command in libtiff 3.8.2 and earlier might might allow attackers to execute arbitrary code via a long filename. NOTE: tiffsplit is not setuid. If there is not a common scenario under which tiffsplit is called with attacker-controlled command line arguments, then perhaps this issue should not be included in CVE. | |||||
| CVE-2006-2026 | 1 Libtiff | 1 Libtiff | 2018-10-03 | 6.5 MEDIUM | N/A |
| Double free vulnerability in tif_jpeg.c in libtiff before 3.8.1 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image that triggers errors related to "setfield/getfield methods in cleanup functions." | |||||
| CVE-2006-1368 | 1 Linux | 1 Linux Kernel | 2018-10-03 | 10.0 HIGH | N/A |
| Buffer overflow in the USB Gadget RNDIS implementation in the Linux kernel before 2.6.16 allows remote attackers to cause a denial of service (kmalloc'd memory corruption) via a remote NDIS response to OID_GEN_SUPPORTED_LIST, which causes memory to be allocated for the reply data but not the reply structure. | |||||
| CVE-2006-0459 | 1 Will Estes And John Millaway | 1 Flex | 2018-10-03 | 7.5 HIGH | N/A |
| flex.skl in Will Estes and John Millaway Fast Lexical Analyzer Generator (flex) before 2.5.33 does not allocate enough memory for grammars containing (1) REJECT statements or (2) trailing context rules, which causes flex to generate code that contains a buffer overflow that might allow context-dependent attackers to execute arbitrary code. | |||||
| CVE-2005-4268 | 1 Gnu | 1 Cpio | 2018-10-03 | 3.7 LOW | N/A |
| Buffer overflow in cpio 2.6-8.FC4 on 64-bit platforms, when creating a cpio archive, allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a file whose size is represented by more than 8 digits. | |||||
| CVE-2005-3662 | 1 Greg Roelofs | 1 Pnmtopng | 2018-10-03 | 4.6 MEDIUM | N/A |
| Off-by-one buffer overflow in pnmtopng before 2.39, when using the -alpha command line option (Alphas_Of_Color), allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PNM file with exactly 256 colors. | |||||
| CVE-2005-3534 | 1 Wouter Verhelst | 1 Nbd | 2018-10-03 | 7.5 HIGH | N/A |
| Buffer overflow in the Network Block Device (nbd) server 2.7.5 and earlier, and 2.8.0 through 2.8.2, allows remote attackers to execute arbitrary code via a large request, which is written past the end of the buffer because nbd does not account for memory taken by the reply header. | |||||