ReportizFlow
Filtered by vendor
Subscriptions
Total
1234 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-5745 | 1 Microsoft | 1 Windows Media Player | 2025-04-09 | N/A |
| Integer overflow in quartz.dll in the DirectShow framework in Microsoft Windows Media Player (WMP) 9, 10, and 11, including 11.0.5721.5260, allows remote attackers to cause a denial of service (application crash) via a crafted (1) WAV, (2) SND, or (3) MID file. NOTE: this has been incorrectly reported as a code-execution vulnerability. NOTE: it is not clear whether this issue is related to CVE-2008-4927. | ||||
| CVE-2007-4622 | 1 Ibm | 1 Aix | 2025-04-09 | N/A |
| Integer underflow in the dns_name_fromtext function in (1) libdns_nonsecure.a and (2) libdns_secure.a in IBM AIX 5.2 allows local users to gain privileges via a crafted "-y" (TSIG key) command line argument to dig. | ||||
| CVE-2009-0186 | 2 Mega-nerd, Nullsoft | 2 Libsndfile, Winamp | 2025-04-09 | N/A |
| Integer overflow in libsndfile 1.0.18, as used in Winamp and other products, allows context-dependent attackers to execute arbitrary code via crafted description chunks in a CAF audio file, leading to a heap-based buffer overflow. | ||||
| CVE-2008-0486 | 2 Mplayer, Xine | 2 Mplayer, Xine-lib | 2025-04-09 | N/A |
| Array index vulnerability in libmpdemux/demux_audio.c in MPlayer 1.0rc2 and SVN before r25917, and possibly earlier versions, as used in Xine-lib 1.1.10, might allow remote attackers to execute arbitrary code via a crafted FLAC tag, which triggers a buffer overflow. | ||||
| CVE-2008-5286 | 2 Apple, Redhat | 2 Cups, Enterprise Linux | 2025-04-09 | N/A |
| Integer overflow in the _cupsImageReadPNG function in CUPS 1.1.17 through 1.3.9 allows remote attackers to execute arbitrary code via a PNG image with a large height value, which bypasses a validation check and triggers a buffer overflow. | ||||
| CVE-2008-5352 | 2 Redhat, Sun | 4 Network Satellite, Rhel Extras, Jdk and 1 more | 2025-04-09 | N/A |
| Integer overflow in the JAR unpacking utility (unpack200) in the unpack library (unpack.dll) in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier, and JDK and JRE 5.0 Update 16 and earlier, allows untrusted applications and applets to gain privileges via a Pack200 compressed JAR file that triggers a heap-based buffer overflow. | ||||
| CVE-2008-0434 | 1 Gecad Technologies | 1 Axigen Mail Server | 2025-04-09 | N/A |
| Format string vulnerability in the AXIMilter module in AXIGEN Mail Server 5.0.2 allows remote attackers to execute arbitrary code via format string specifiers in the CNHO command. | ||||
| CVE-2007-0062 | 1 Vmware | 5 Ace, Player, Server and 2 more | 2025-04-09 | N/A |
| Integer overflow in the ISC dhcpd 3.0.x before 3.0.7 and 3.1.x before 3.1.1; and the DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528; allows remote attackers to cause a denial of service (daemon crash) or execute arbitrary code via a malformed DHCP packet with a large dhcp-max-message-size that triggers a stack-based buffer overflow, related to servers configured to send many DHCP options to clients. | ||||
| CVE-2008-0318 | 1 Clam Anti-virus | 1 Clamav | 2025-04-09 | N/A |
| Integer overflow in the cli_scanpe function in libclamav in ClamAV before 0.92.1, as used in clamd, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Petite packed PE file, which triggers a heap-based buffer overflow. | ||||
| CVE-2009-2989 | 1 Adobe | 1 Acrobat | 2025-04-09 | N/A |
| Integer overflow in Adobe Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 might allow attackers to execute arbitrary code via unspecified vectors. | ||||
| CVE-2007-6352 | 2 Libexif, Redhat | 2 Libexif, Enterprise Linux | 2025-04-09 | N/A |
| Integer overflow in libexif 0.6.16 and earlier allows context-dependent attackers to execute arbitrary code via an image with crafted EXIF tags, possibly involving the exif_data_load_data_thumbnail function in exif-data.c. | ||||
| CVE-2007-6335 | 1 Clam Anti-virus | 1 Clamav | 2025-04-09 | N/A |
| Integer overflow in libclamav in ClamAV before 0.92 allows remote attackers to execute arbitrary code via a crafted MEW packed PE file, which triggers a heap-based buffer overflow. | ||||
| CVE-2008-2430 | 2 Microsoft, Videolan | 2 Windows Nt, Vlc Media Player | 2025-04-09 | N/A |
| Integer overflow in the Open function in modules/demux/wav.c in VLC Media Player 0.8.6h on Windows allows remote attackers to execute arbitrary code via a large fmt chunk in a WAV file. | ||||
| CVE-2008-2361 | 2 Redhat, Xorg | 2 Enterprise Linux, X11 | 2025-04-09 | N/A |
| Integer overflow in the ProcRenderCreateCursor function in the Render extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent attackers to cause a denial of service (daemon crash) via unspecified request fields that are used to calculate a glyph buffer size, which triggers a dereference of unmapped memory. | ||||
| CVE-2008-5237 | 1 Xine | 1 Xine | 2025-04-09 | N/A |
| Multiple integer overflows in xine-lib 1.1.12, and other 1.1.15 and earlier versions, allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via (1) crafted width and height values that are not validated by the mymng_process_header function in demux_mng.c before use in an allocation calculation or (2) crafted current_atom_size and string_size values processed by the parse_reference_atom function in demux_qt.c for an RDRF_ATOM string. | ||||
| CVE-2008-3526 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Mrg | 2025-04-09 | N/A |
| Integer overflow in the sctp_setsockopt_auth_key function in net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel 2.6.24-rc1 through 2.6.26.3 allows remote attackers to cause a denial of service (panic) or possibly have unspecified other impact via a crafted sca_keylength field associated with the SCTP_AUTH_KEY option. | ||||
| CVE-2007-5503 | 1 Redhat | 2 Cairo, Enterprise Linux | 2025-04-09 | N/A |
| Multiple integer overflows in Cairo before 1.4.12 might allow remote attackers to execute arbitrary code, as demonstrated using a crafted PNG image with large width and height values, which is not properly handled by the read_png function. | ||||
| CVE-2007-4990 | 2 Redhat, X.org | 2 Enterprise Linux, X Font Server | 2025-04-09 | N/A |
| The swap_char2b function in X.Org X Font Server (xfs) before 1.0.5 allows context-dependent attackers to execute arbitrary code via (1) QueryXBitmaps and (2) QueryXExtents protocol requests with crafted size values that specify an arbitrary number of bytes to be swapped on the heap, which triggers heap corruption. | ||||
| CVE-2007-3472 | 2 Libgd, Redhat | 2 Gd Graphics Library, Enterprise Linux | 2025-04-09 | N/A |
| Integer overflow in gdImageCreateTrueColor function in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to have unspecified attack vectors and impact. | ||||
| CVE-2008-2322 | 1 Apple | 3 Coregraphics, Mac Os X, Mac Os X Server | 2025-04-09 | N/A |
| Integer overflow in CoreGraphics in Apple Mac OS X 10.4.11, 10.5.2, and 10.5.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a PDF file with a long Type 1 font, which triggers a heap-based buffer overflow. | ||||