ReportizFlow
Filtered by vendor
Subscriptions
Total
14474 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-2781 | 2 Mozilla, Redhat | 3 Seamonkey, Thunderbird, Enterprise Linux | 2026-04-16 | N/A |
| Double free vulnerability in nsVCard.cpp in Mozilla Thunderbird before 1.5.0.4 and SeaMonkey before 1.0.2 allows remote attackers to cause a denial of service (hang) and possibly execute arbitrary code via a VCard that contains invalid base64 characters. | ||||
| CVE-2003-1395 | 1 Kazaa | 1 Kazaa Media Desktop | 2026-04-16 | N/A |
| Buffer overflow in KaZaA Media Desktop 2.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a response to the ad server. | ||||
| CVE-2003-1429 | 1 Proxomitron | 1 Proxomitron Naoko | 2026-04-16 | N/A |
| Buffer overflow in Proxomitron Naoko 4.4 allows remote attackers to execute arbitrary code via a long request. | ||||
| CVE-2003-1377 | 1 Sircd | 1 Sircd | 2026-04-16 | N/A |
| Buffer overflow in the reverse DNS lookup of Smart IRC Daemon (SIRCD) 0.4.0 and 0.4.4 allows remote attackers to execute arbitrary code via a client with a long hostname. | ||||
| CVE-2005-2310 | 1 Nullsoft | 1 Winamp | 2026-04-16 | N/A |
| Buffer overflow in Winamp 5.03a, 5.09 and 5.091, and other versions before 5.094, allows remote attackers to execute arbitrary code via an MP3 file with a long ID3v2 tag such as (1) ARTIST or (2) TITLE. | ||||
| CVE-2006-0459 | 1 Westes | 1 Flex | 2026-04-16 | N/A |
| flex.skl in Will Estes and John Millaway Fast Lexical Analyzer Generator (flex) before 2.5.33 does not allocate enough memory for grammars containing (1) REJECT statements or (2) trailing context rules, which causes flex to generate code that contains a buffer overflow that might allow context-dependent attackers to execute arbitrary code. | ||||
| CVE-2026-4149 | 1 Sonos | 2 Era 300, Era 300 Firmware | 2026-04-16 | 9.8 Critical |
| Sonos Era 300 SMB Response Out-Of-Bounds Access Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sonos Era 300. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the DataOffset field within SMB responses. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the kernel. Was ZDI-CAN-28345. | ||||
| CVE-2022-0204 | 3 Bluez, Debian, Fedoraproject | 3 Bluez, Debian Linux, Fedora | 2026-04-16 | 8.8 High |
| A heap overflow vulnerability was found in bluez in versions prior to 5.63. An attacker with local network access could pass specially crafted files causing an application to halt or crash, leading to a denial of service. | ||||
| CVE-2019-8922 | 3 Bluez, Debian, Linux | 3 Bluez, Debian Linux, Linux Kernel | 2026-04-16 | 8.8 High |
| A heap-based buffer overflow was discovered in bluetoothd in BlueZ through 5.48. There isn't any check on whether there is enough space in the destination buffer. The function simply appends all data passed to it. The values of all attributes that are requested are appended to the output buffer. There are no size checks whatsoever, resulting in a simple heap overflow if one can craft a request where the response is large enough to overflow the preallocated buffer. This issue exists in service_attr_req gets called by process_request (in sdpd-request.c), which also allocates the response buffer. | ||||
| CVE-2017-1000257 | 3 Debian, Haxx, Redhat | 5 Debian Linux, Libcurl, Enterprise Linux and 2 more | 2026-04-16 | 9.1 Critical |
| An IMAP FETCH response line indicates the size of the returned data, in number of bytes. When that response says the data is zero bytes, libcurl would pass on that (non-existing) data with a pointer and the size (zero) to the deliver-data function. libcurl's deliver-data function treats zero as a magic number and invokes strlen() on the data to figure out the length. The strlen() is called on a heap based buffer that might not be zero terminated so libcurl might read beyond the end of it into whatever memory lies after (or just crash) and then deliver that to the application as if it was actually downloaded. | ||||
| CVE-2016-9586 | 2 Haxx, Redhat | 2 Curl, Rhel Software Collections | 2026-04-16 | N/A |
| curl before version 7.52.0 is vulnerable to a buffer overflow when doing a large floating point output in libcurl's implementation of the printf() functions. If there are any application that accepts a format string from the outside without necessary input filtering, it could allow remote attacks. | ||||
| CVE-2026-20635 | 1 Apple | 8 Ios And Ipados, Ipados, Iphone Os and 5 more | 2026-04-16 | 4.3 Medium |
| The issue was addressed with improved memory handling. This issue is fixed in Safari 26.3, iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. Processing maliciously crafted web content may lead to an unexpected process crash. | ||||
| CVE-2026-20700 | 1 Apple | 7 Ios And Ipados, Ipados, Iphone Os and 4 more | 2026-04-16 | 7.8 High |
| A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. An attacker with memory write capability may be able to execute arbitrary code. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 26. CVE-2025-14174 and CVE-2025-43529 were also issued in response to this report. | ||||
| CVE-2026-20605 | 1 Apple | 4 Ios And Ipados, Ipados, Iphone Os and 1 more | 2026-04-16 | 4.6 Medium |
| The issue was addressed with improved memory handling. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3. An app may be able to crash a system process. | ||||
| CVE-2018-16839 | 4 Canonical, Debian, Haxx and 1 more | 4 Ubuntu Linux, Debian Linux, Curl and 1 more | 2026-04-15 | N/A |
| Curl versions 7.33.0 through 7.61.1 are vulnerable to a buffer overrun in the SASL authentication code that may lead to denial of service. | ||||
| CVE-2026-34864 | 1 Huawei | 1 Harmonyos | 2026-04-15 | 6.8 Medium |
| Boundary-unlimited vulnerability in the application read module. Impact: Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2026-0878 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2026-04-15 | 8 High |
| Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component. This vulnerability was fixed in Firefox 147, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7. | ||||
| CVE-2026-0879 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2026-04-15 | 9.8 Critical |
| Sandbox escape due to incorrect boundary conditions in the Graphics component. This vulnerability was fixed in Firefox 147, Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7. | ||||
| CVE-2026-0886 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2026-04-15 | 5.3 Medium |
| Incorrect boundary conditions in the Graphics component. This vulnerability was fixed in Firefox 147, Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7. | ||||
| CVE-2026-0891 | 1 Mozilla | 4 Firefox, Firefox Esr, Thunderbird and 1 more | 2026-04-15 | 8.1 High |
| Memory safety bugs present in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 147, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7. | ||||