Total
2429 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2011-3896 | 1 Google | 1 Chrome | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in Google Chrome before 15.0.874.120 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to shader variable mapping. | |||||
CVE-2010-3441 | 2 Fedoraproject, Moinejf | 2 Fedora, Abcm2ps | 2024-02-28 | 7.5 HIGH | N/A |
Multiple buffer overflows in abcm2ps before 5.9.12 might allow remote attackers to execute arbitrary code via (1) a crafted input file, related to the PUT0 and PUT1 output macros; (2) a crafted input file, related to the trim_title function; and possibly (3) a long -O option on a command line. | |||||
CVE-2011-2700 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 2.1 LOW | N/A |
Multiple buffer overflows in the si4713_write_econtrol_string function in drivers/media/radio/si4713-i2c.c in the Linux kernel before 2.6.39.4 on the N900 platform might allow local users to cause a denial of service or have unspecified other impact via a crafted s_ext_ctrls operation with a (1) V4L2_CID_RDS_TX_PS_NAME or (2) V4L2_CID_RDS_TX_RADIO_TEXT control ID. | |||||
CVE-2011-2534 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
Buffer overflow in the clusterip_proc_write function in net/ipv4/netfilter/ipt_CLUSTERIP.c in the Linux kernel before 2.6.39 might allow local users to cause a denial of service or have unspecified other impact via a crafted write operation, related to string data that lacks a terminating '\0' character. | |||||
CVE-2011-2788 | 2 Apple, Google | 4 Iphone Os, Itunes, Safari and 1 more | 2024-02-28 | 6.8 MEDIUM | N/A |
Buffer overflow in the inspector serialization functionality in Google Chrome before 13.0.782.107 allows user-assisted remote attackers to have an unspecified impact via unknown vectors. | |||||
CVE-2011-3033 | 2 Google, Opensuse | 2 Chrome, Opensuse | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in Skia, as used in Google Chrome before 17.0.963.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | |||||
CVE-2008-3142 | 3 Canonical, Debian, Python | 3 Ubuntu Linux, Debian Linux, Python | 2024-02-28 | 7.5 HIGH | N/A |
Multiple buffer overflows in Python 2.5.2 and earlier on 32bit platforms allow context-dependent attackers to cause a denial of service (crash) or have unspecified other impact via a long string that leads to incorrect memory allocation during Unicode string processing, related to the unicode_resize function and the PyMem_RESIZE macro. | |||||
CVE-2009-1186 | 6 Canonical, Debian, Fedoraproject and 3 more | 8 Ubuntu Linux, Debian Linux, Fedora and 5 more | 2024-02-28 | 2.1 LOW | N/A |
Buffer overflow in the util_path_encode function in udev/lib/libudev-util.c in udev before 1.4.1 allows local users to cause a denial of service (service outage) via vectors that trigger a call with crafted arguments. | |||||
CVE-2009-0884 | 1 Filezilla-project | 1 Filezilla Server | 2024-02-28 | 4.3 MEDIUM | N/A |
Buffer overflow in FileZilla Server before 0.9.31 allows remote attackers to cause a denial of service via unspecified vectors related to SSL/TLS packets. | |||||
CVE-2009-3023 | 1 Microsoft | 6 Internet Information Server, Windows 2000, Windows Server 2003 and 3 more | 2024-02-28 | 9.0 HIGH | N/A |
Buffer overflow in the FTP Service in Microsoft Internet Information Services (IIS) 5.0 through 6.0 allows remote authenticated users to execute arbitrary code via a crafted NLST (NAME LIST) command that uses wildcards, leading to memory corruption, aka "IIS FTP Service RCE and DoS Vulnerability." | |||||
CVE-2008-3275 | 4 Canonical, Debian, Linux and 1 more | 5 Ubuntu Linux, Debian Linux, Linux Kernel and 2 more | 2024-02-28 | 4.9 MEDIUM | 5.5 MEDIUM |
The (1) real_lookup and (2) __lookup_hash functions in fs/namei.c in the vfs implementation in the Linux kernel before 2.6.25.15 do not prevent creation of a child dentry for a deleted (aka S_DEAD) directory, which allows local users to cause a denial of service ("overflow" of the UBIFS orphan area) via a series of attempted file creations within deleted directories. | |||||
CVE-2008-3496 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflow in format descriptor parsing in the uvc_parse_format function in drivers/media/video/uvc/uvc_driver.c in uvcvideo in the video4linux (V4L) implementation in the Linux kernel before 2.6.26.1 has unknown impact and attack vectors. | |||||
CVE-2008-1677 | 1 Redhat | 2 Directory Server, Fedora Directory Server | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in the regular expression handler in Red Hat Directory Server 8.0 and 7.1 before SP6 allows remote attackers to cause a denial of service (slapd crash) and possibly execute arbitrary code via a crafted LDAP query that triggers the overflow during translation to a regular expression. | |||||
CVE-2008-1887 | 3 Canonical, Debian, Python | 3 Ubuntu Linux, Debian Linux, Python | 2024-02-28 | 9.3 HIGH | N/A |
Python 2.5.2 and earlier allows context-dependent attackers to execute arbitrary code via multiple vectors that cause a negative size value to be provided to the PyString_FromStringAndSize function, which allocates less memory than expected when assert() is disabled and triggers a buffer overflow. | |||||
CVE-2009-0182 | 1 Vuplayer | 1 Vuplayer | 2024-02-28 | 9.3 HIGH | 8.8 HIGH |
Buffer overflow in VUPlayer 2.49 and earlier allows user-assisted attackers to execute arbitrary code via a long URL in a File line in a .pls file, as demonstrated by an http URL on a File1 line. | |||||
CVE-2007-0455 | 5 Canonical, Fedoraproject, Gd Graphics Library Project and 2 more | 7 Ubuntu Linux, Fedora, Gd Graphics Library and 4 more | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in the gdImageStringFTEx function in gdft.c in GD Graphics Library 2.0.33 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted string with a JIS encoded font. | |||||
CVE-2007-1887 | 3 Canonical, Debian, Php | 3 Ubuntu Linux, Debian Linux, Php | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in the sqlite_decode_binary function in the bundled sqlite library in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 allows context-dependent attackers to execute arbitrary code via an empty value of the in parameter, as demonstrated by calling the sqlite_udf_decode_binary function with a 0x01 character. | |||||
CVE-2008-0379 | 1 Businessobjects | 1 Crystal Reports Xi | 2024-02-28 | 9.3 HIGH | N/A |
Race condition in the Enterprise Tree ActiveX control (EnterpriseControls.dll 11.5.0.313) in Crystal Reports XI Release 2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the SelectedSession method, which triggers a buffer overflow. | |||||
CVE-2007-0803 | 1 Stlport Project | 1 Stlport | 2024-02-28 | 7.5 HIGH | N/A |
Multiple buffer overflows in STLport before 5.0.3 allow remote attackers to execute arbitrary code via unspecified vectors relating to (1) "print floats" and (2) a missing null termination in the "rope constructor." | |||||
CVE-2007-2809 | 1 Opera | 1 Opera Browser | 2024-02-28 | 9.3 HIGH | N/A |
Buffer overflow in the transfer manager in Opera before 9.21 for Windows allows user-assisted remote attackers to execute arbitrary code via a crafted torrent file. NOTE: due to the lack of details, it is not clear if this is the same issue as CVE-2007-2274. |