Search Results (23273 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-0112 24 4d, Apple, Avaya and 21 more 65 Webstar, Mac Os X, Mac Os X Server and 62 more 2026-04-16 N/A
The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.
CVE-2006-3404 2 Gimp, Redhat 2 Gimp, Enterprise Linux 2026-04-16 N/A
Buffer overflow in the xcf_load_vector function in app/xcf/xcf-load.c for gimp before 2.2.12 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XCF file with a large num_axes value in the VECTORS property.
CVE-2004-0184 2 Redhat, Tcpdump 2 Enterprise Linux, Tcpdump 2026-04-16 N/A
Integer underflow in the isakmp_id_print for TCPDUMP 3.8.1 and earlier allows remote attackers to cause a denial of service (crash) via an ISAKMP packet with an Identification payload with a length that becomes less than 8 during byte order conversion, which causes an out-of-bounds read, as demonstrated by the Striker ISAKMP Protocol Test Suite.
CVE-2004-0455 2 Debian, Www-sql Project 2 Debian Linux, Www-sql 2026-04-16 N/A
Buffer overflow in cgi.c in www-sql before 0.5.7 allows local users to execute arbitrary code via a web page that is processed by www-sql.
CVE-2005-0369 1 Armagetronad 2 Armagetron, Armagetron Advanced 2026-04-16 5.3 Medium
Armagetron 0.2.6.0 and earlier and Armagetron Advanced 0.2.7.0 earlier allows remote attackers to cause a denial of service (application crash) via a packet with a large (1) descriptor ID or (2) claim_id, which exceeds the boundaries of an array.
CVE-2001-0191 3 Andynorman, Gnu, Redhat 4 Gnuserv, Xemacs, Linux and 1 more 2026-04-16 N/A
gnuserv before 3.12, as shipped with XEmacs, does not properly check the specified length of an X Windows MIT-MAGIC-COOKIE cookie, which allows remote attackers to execute arbitrary commands via a buffer overflow, or brute force authentication by using a short cookie length.
CVE-2004-0183 2 Redhat, Tcpdump 2 Enterprise Linux, Tcpdump 2026-04-16 N/A
TCPDUMP 3.8.1 and earlier allows remote attackers to cause a denial of service (crash) via ISAKMP packets containing a Delete payload with a large number of SPI's, which causes an out-of-bounds read, as demonstrated by the Striker ISAKMP Protocol Test Suite.
CVE-1999-0385 1 Microsoft 1 Exchange Server 2026-04-16 N/A
The LDAP bind function in Exchange 5.5 has a buffer overflow that allows a remote attacker to conduct a denial of service or execute commands.
CVE-2005-1987 1 Microsoft 4 Exchange Server, Windows 2000, Windows Server 2003 and 1 more 2026-04-16 N/A
Buffer overflow in Collaboration Data Objects (CDO), as used in Microsoft Windows and Microsoft Exchange Server, allows remote attackers to execute arbitrary code when CDOSYS or CDOEX processes an e-mail message with a large header name, as demonstrated using the "Content-Type" string.
CVE-2002-0969 2 Microsoft, Oracle 2 Windows, Mysql 2026-04-16 7.8 High
Buffer overflow in MySQL daemon (mysqld) before 3.23.50, and 4.0 beta before 4.02, on the Win32 platform, allows local users to execute arbitrary code via a long "datadir" parameter in the my.ini initialization file, whose permissions on Windows allow Full Control to the Everyone group.
CVE-2004-0221 1 Openbsd 1 Openbsd 2026-04-16 N/A
isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a denial of service (crash) via an ISAKMP packet with a delete payload containing a large number of SPIs, which triggers an out-of-bounds read error, as demonstrated by the Striker ISAKMP Protocol Test Suite.
CVE-2002-1337 8 Gentoo, Hp, Netbsd and 5 more 11 Linux, Alphaserver Sc, Hp-ux and 8 more 2026-04-16 N/A
Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c.
CVE-2006-0963 1 Stlport Project 1 Stlport 2026-04-16 N/A
Multiple buffer overflows in STLport 5.0.2 might allow local users to execute arbitrary code via (1) long locale environment variables to a strcpy function call in c_locale_glibc2.c and (2) long arguments to unspecified functions in num_put_float.cpp.
CVE-1999-0038 7 Bsdi, Data General, Debian and 4 more 9 Bsd Os, Dg Ux, Debian Linux and 6 more 2026-04-16 8.4 High
Buffer overflow in xlock program allows local users to execute commands as root.
CVE-1999-0046 10 Bsdi, Debian, Digital and 7 more 10 Bsd Os, Debian Linux, Ultrix and 7 more 2026-04-16 N/A
Buffer overflow of rlogin program using TERM environmental variable.
CVE-2004-0150 1 Python 1 Python 2026-04-16 N/A
Buffer overflow in the getaddrinfo function in Python 2.2 before 2.2.2, when IPv6 support is disabled, allows remote attackers to execute arbitrary code via an IPv6 address that is obtained using DNS.
CVE-2000-1216 1 Ibm 1 Aix 2026-04-16 N/A
Buffer overflow in portmir for AIX 4.3.0 allows local users to corrupt lock files and gain root privileges via the echo_error routine.
CVE-2000-0546 3 Cygnus Network Security Project, Kerbnet Project, Mit 4 Cygnus Network Security, Kerbnet, Kerberos and 1 more 2026-04-16 N/A
Buffer overflow in Kerberos 4 KDC program allows remote attackers to cause a denial of service via the lastrealm variable in the set_tgtkey function.
CVE-1999-0945 1 Microsoft 1 Exchange Server 2026-04-16 N/A
Buffer overflow in Internet Mail Service (IMS) for Microsoft Exchange 5.5 and 5.0 allows remote attackers to conduct a denial of service via AUTH or AUTHINFO commands.
CVE-1999-0029 1 Sgi 1 Irix 2026-04-16 8.4 High
root privileges via buffer overflow in ordist command on SGI IRIX systems.