Search Results (46116 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2009-2617 1 Baofeng 1 Storm 2026-04-23 N/A
Stack-based buffer overflow in medialib.dll in BaoFeng Storm 3.9.62 allows remote attackers to execute arbitrary code via a long pathname in the source attribute of an item element in a .smpl playlist file.
CVE-2009-4442 1 Sun 1 Java System Directory Server 2026-04-23 N/A
Directory Proxy Server (DPS) in Sun Java System Directory Server Enterprise Edition 6.0 through 6.3.1 does not properly implement the max-client-connections configuration setting, which allows remote attackers to cause a denial of service (connection slot exhaustion) by making multiple connections and performing no operations on these connections, aka Bug Id 6648665.
CVE-2007-5652 1 Ibm 1 Db2 2026-04-23 N/A
IBM DB2 UDB 9.1 before Fixpak 4 does not properly manage storage of a list containing authentication information, which might allow attackers to cause a denial of service (instance crash) or trigger memory corruption. NOTE: the vendor description of this issue is too vague to be certain that it is security-related.
CVE-2009-4420 1 F5 3 Big-ip Application Security Manager, Big-ip Protocol Security Manager, Big-ip Protocol Security Module 2026-04-23 N/A
Buffer overflow in the bd daemon in F5 Networks BIG-IP Application Security Manager (ASM) 9.4.4 through 9.4.7 and 10.0.0 through 10.0.1, and Protocol Security Manager (PSM) 9.4.5 through 9.4.7 and 10.0.0 through 10.0.1, allows remote attackers to cause a denial of service (crash) via unknown vectors. NOTE: some of these details are obtained from third party information.
CVE-2009-4418 1 Php 1 Php 2026-04-23 N/A
The unserialize function in PHP 5.3.0 and earlier allows context-dependent attackers to cause a denial of service (resource consumption) via a deeply nested serialized variable, as demonstrated by a string beginning with a:1: followed by many {a:1: sequences.
CVE-2007-5080 1 Realnetworks 3 Realone Player, Realplayer, Realplayer Enterprise 2026-04-23 N/A
Integer overflow in RealNetworks RealPlayer 10 and 10.5, RealOne Player 1, and RealPlayer Enterprise for Windows allows remote attackers to execute arbitrary code via a crafted Lyrics3 2.00 tag in an MP3 file, resulting in a heap-based buffer overflow.
CVE-2009-4413 1 Pps.jussieu 1 Polipo 2026-04-23 N/A
The httpClientDiscardBody function in client.c in Polipo 0.9.8, 0.9.12, 1.0.4, and possibly other versions, allows remote attackers to cause a denial of service (crash) via a request with a large Content-Length value, which triggers an integer overflow, a signed-to-unsigned conversion error with a negative value, and a segmentation fault.
CVE-2007-4759 1 Hitachi 3 Ucosminexus Application Server Enterprise, Ucosminexus Application Server Standard, Ucosminexus Service Platform 2026-04-23 N/A
Multiple unspecified vulnerabilities in the image-processing APIs in Cosminexus Developer's Kit for Java in Cosminexus 4 through 7 allow remote attackers to cause a denial of service via unspecified vectors.
CVE-2009-1251 2 Openafs, Unix 2 Openafs, Unix 2026-04-23 N/A
Heap-based buffer overflow in the cache manager in the client in OpenAFS 1.0 through 1.4.8 and 1.5.0 through 1.5.58 on Unix platforms allows remote attackers to cause a denial of service (system crash) or possibly execute arbitrary code via an RX response containing more data than specified in a request, related to use of XDR arrays.
CVE-2007-4758 1 Hitachi 3 Ucosminexus Application Server Enterprise, Ucosminexus Application Server Standard, Ucosminexus Service Platform 2026-04-23 N/A
Multiple buffer overflows in the image-processing APIs in Cosminexus Developer's Kit for Java in Cosminexus 4 through 7 allow remote attackers to cause a denial of service or execute arbitrary code via unspecified vectors.
CVE-2007-5636 1 Nortel 1 Ip Softphone 2050 2026-04-23 N/A
Buffer overflow in the Nortel UNIStim IP Softphone 2050 allows remote attackers to cause a denial of service (application abort) and possibly execute arbitrary code via a flood of invalid characters to the RTCP port (5678/udp) that triggers a Windows error message, aka "extraneous messaging."
CVE-2009-4251 1 Corel 1 Paint Shop Pro 2026-04-23 N/A
Stack-based buffer overflow in Jasc Paint Shop Pro 8.10 (aka Corel Paint Shop Pro) allows user-assisted remote attackers to execute arbitrary code via a crafted PNG file. NOTE: this might be the same issue as CVE-2007-2366.
CVE-2006-6652 2 Apple, Netbsd 2 Mac Os X, Netbsd 2026-04-23 N/A
Buffer overflow in the glob implementation (glob.c) in libc in NetBSD-current before 20050914, NetBSD 2.* and 3.* before 20061203, and Apple Mac OS X before 2007-004, as used by the FTP daemon and tnftpd, allows remote authenticated users to execute arbitrary code via a long pathname that results from path expansion.
CVE-2007-3876 1 Apple 1 Mac Os X 2026-04-23 N/A
Stack-based buffer overflow in SMB in Apple Mac OS X 10.4.11 allows local users to execute arbitrary code via (1) a long workgroup (-W) option to mount_smbfs or (2) an unspecified manipulation of the command line to smbutil.
CVE-2009-2703 2 Pidgin, Redhat 3 Libpurple, Pidgin, Enterprise Linux 2026-04-23 N/A
libpurple/protocols/irc/msgs.c in the IRC protocol plugin in libpurple in Pidgin before 2.6.2 allows remote IRC servers to cause a denial of service (NULL pointer dereference and application crash) via a TOPIC message that lacks a topic string.
CVE-2006-6676 1 Eset Software 1 Nod32 Antivirus 2026-04-23 N/A
Integer overflow in the (a) OLE2 and (b) CHM parsers for ESET NOD32 Antivirus before 1.1743 allows remote attackers to execute arbitrary code via a crafted (1) .DOC or (2) .CAB file that triggers a heap-based buffer overflow.
CVE-2009-4230 1 Ruven Pillay 1 Iipimage Server 2026-04-23 N/A
Multiple stack-based buffer overflows in src/Task.cc in the FastCGI program in IIPImage Server before 0.9.8 might allow remote attackers to execute arbitrary code via vectors associated with crafted arguments to the (1) RGN::run, (2) JTLS::run, or (3) SHD::run function. NOTE: some of these details are obtained from third party information.
CVE-2007-5507 1 Oracle 1 Database Server 2026-04-23 N/A
The GIOP service in TNS Listener in the Oracle Net Services component in Oracle Database 9.0.1.5+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote attackers to cause a denial of service (crash) or read potentially sensitive memory via a connect GIOP packet with an invalid data size, which triggers a buffer over-read, aka DB22.
CVE-2007-4734 1 Ots Labs 1 Otsturntables 2026-04-23 N/A
Buffer overflow in Ots Labs OTSTurntables 1.00 allows user-assisted remote attackers to execute arbitrary code via a long file path in an m3u file.
CVE-2007-4735 1 Next Generation Software 1 Virtual Dj \(vdj\) 2026-04-23 N/A
Buffer overflow in Next Generation Software Virtual DJ (VDJ) 5.0 allows user-assisted remote attackers to execute arbitrary code via a long file path in an m3u file.