ReportizFlow
Filtered by vendor
Subscriptions
Total
1230 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-3551 | 1 Wireshark | 1 Wireshark | 2025-04-09 | N/A |
| Off-by-one error in the dissect_negprot_response function in packet-smb.c in the SMB dissector in Wireshark 1.2.0 through 1.2.2 allows remote attackers to cause a denial of service (application crash) via a file that records a malformed packet trace. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2007-3034 | 1 Microsoft | 4 Windows 2000, Windows 2003 Server, Windows Server 2003 and 1 more | 2025-04-09 | N/A |
| Integer overflow in the AttemptWrite function in Graphics Rendering Engine (GDI) on Microsoft Windows 2000 SP4, XP SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a crafted metafile (image) with a large record length value, which triggers a heap-based buffer overflow. | ||||
| CVE-2009-1884 | 2 Bzip, Perl | 2 Compress-raw-bzip2, Perl | 2025-04-09 | N/A |
| Off-by-one error in the bzinflate function in Bzip2.xs in the Compress-Raw-Bzip2 module before 2.018 for Perl allows context-dependent attackers to cause a denial of service (application hang or crash) via a crafted bzip2 compressed stream that triggers a buffer overflow, a related issue to CVE-2009-1391. | ||||
| CVE-2008-4220 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | N/A |
| Integer overflow in the inet_net_pton API in Libsystem in Apple Mac OS X before 10.5.6 allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors. NOTE: this may be related to the WLB-2008080064 advisory published by SecurityReason on 20080822; however, as of 20081216, there are insufficient details to be sure. | ||||
| CVE-2009-1924 | 1 Microsoft | 2 Windows 2000, Windows 2003 Server | 2025-04-09 | N/A |
| Integer overflow in the Windows Internet Name Service (WINS) component for Microsoft Windows 2000 SP4 allows remote WINS replication partners to execute arbitrary code via crafted data structures in a packet, aka "WINS Integer Overflow Vulnerability." | ||||
| CVE-2007-4622 | 1 Ibm | 1 Aix | 2025-04-09 | N/A |
| Integer underflow in the dns_name_fromtext function in (1) libdns_nonsecure.a and (2) libdns_secure.a in IBM AIX 5.2 allows local users to gain privileges via a crafted "-y" (TSIG key) command line argument to dig. | ||||
| CVE-2008-4211 | 1 Apple | 3 Iphone Os, Mac Os X, Mac Os X Server | 2025-04-09 | N/A |
| Integer signedness error in (1) QuickLook in Apple Mac OS X 10.5.5 and (2) Office Viewer in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 allows remote attackers to cause a denial of service (application termination) and execute arbitrary code via a crafted Microsoft Excel file that triggers an out-of-bounds memory access, related to "handling of columns." | ||||
| CVE-2007-4686 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | N/A |
| Integer signedness error in the ttioctl function in bsd/kern/tty.c in the xnu kernel in Apple Mac OS X 10.4 through 10.4.10 allows local users to cause a denial of service (system shutdown) or gain privileges via a crafted TIOCSETD ioctl request. | ||||
| CVE-2009-1932 | 2 Gstreamer, Redhat | 2 Good Plug-ins, Enterprise Linux | 2025-04-09 | N/A |
| Multiple integer overflows in the (1) user_info_callback, (2) user_endrow_callback, and (3) gst_pngdec_task functions (ext/libpng/gstpngdec.c) in GStreamer Good Plug-ins (aka gst-plugins-good or gstreamer-plugins-good) 0.10.15 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted PNG file, which triggers a buffer overflow. | ||||
| CVE-2009-1935 | 1 Freebsd | 1 Freebsd | 2025-04-09 | N/A |
| Integer overflow in the pipe_build_write_buffer function (sys/kern/sys_pipe.c) in the direct write optimization feature in the pipe implementation in FreeBSD 7.1 through 7.2 and 6.3 through 6.4 allows local users to bypass virtual-to-physical address lookups and read sensitive information in memory pages via unspecified vectors. | ||||
| CVE-2008-5396 | 1 Asterisk | 1 Zaptel | 2025-04-09 | N/A |
| Array index error in the (1) torisa.c and (2) dahdi/tor2.c drivers in Zaptel (aka DAHDI) 1.4.11 and earlier allows local users in the dialout group to overwrite an integer value in kernel memory by writing to /dev/zap/ctl, related to missing validation of the sync field associated with the ZT_SPANCONFIG ioctl. | ||||
| CVE-2008-4254 | 1 Microsoft | 5 Office Frontpage, Project, Visual Basic and 2 more | 2025-04-09 | N/A |
| Multiple integer overflows in the Hierarchical FlexGrid ActiveX control (mshflxgd.ocx) in Microsoft Visual Basic 6.0 and Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2 allow remote attackers to execute arbitrary code via crafted (1) Rows and (2) Cols properties to the (a) ExpandAll and (b) CollapseAll methods, related to access of incorrectly initialized objects and corruption of the "system state," aka "Hierarchical FlexGrid Control Memory Corruption Vulnerability." | ||||
| CVE-2009-1959 | 1 Irssi | 1 Irssi | 2025-04-09 | N/A |
| Off-by-one error in the event_wallops function in fe-common/irc/fe-events.c in irssi 0.8.13 allows remote IRC servers to cause a denial of service (crash) via an empty command, which triggers a one-byte buffer under-read and a one-byte buffer underflow. | ||||
| CVE-2008-4061 | 4 Canonical, Debian, Mozilla and 1 more | 6 Ubuntu Linux, Debian Linux, Firefox and 3 more | 2025-04-09 | N/A |
| Integer overflow in the MathML component in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via an mtd element with a large integer value in the rowspan attribute, related to the layout engine. | ||||
| CVE-2009-3126 | 1 Microsoft | 27 .net Framework, Excel Viewer, Expression Web and 24 more | 2025-04-09 | N/A |
| Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a crafted PNG image file, aka "GDI+ PNG Integer Overflow Vulnerability." | ||||
| CVE-2008-4327 | 1 Microsoft | 1 Windows Xp | 2025-04-09 | N/A |
| gdiplus.dll in GDI+ in Microsoft Windows XP SP3 does not properly handle crafted .ico files, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a certain crash.ico file on a web site, and allows user-assisted attackers to cause a denial of service (divide-by-zero error and persistent application crash) via this crash.ico file on the desktop, a different vulnerability than CVE-2007-2237. | ||||
| CVE-2008-4036 | 1 Microsoft | 4 Windows Server 2003, Windows Server 2008, Windows Vista and 1 more | 2025-04-09 | 8.4 High |
| Integer overflow in Memory Manager in Microsoft Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows local users to gain privileges via a crafted application that triggers an erroneous decrement of a variable, related to validation of parameters for Virtual Address Descriptors (VADs) and a "memory allocation mapping error," aka "Virtual Address Descriptor Elevation of Privilege Vulnerability." | ||||
| CVE-2008-5031 | 2 Python, Redhat | 2 Python, Enterprise Linux | 2025-04-09 | N/A |
| Multiple integer overflows in Python 2.2.3 through 2.5.1, and 2.6, allow context-dependent attackers to have an unknown impact via a large integer value in the tabsize argument to the expandtabs method, as implemented by (1) the string_expandtabs function in Objects/stringobject.c and (2) the unicode_expandtabs function in Objects/unicodeobject.c. NOTE: this vulnerability reportedly exists because of an incomplete fix for CVE-2008-2315. | ||||
| CVE-2007-5713 | 2 Amxmodx, Valve Software | 2 Amx Mod X, Half-life Dedicated Server | 2025-04-09 | N/A |
| Off-by-one error in the GeoIP module in the AMX Mod X 1.76d plugin for Half-Life Server might allow attackers to execute arbitrary code or cause a denial of service via unspecified input related to geolocation, which triggers an error message from the (1) geoip_code2 or (2) geoip_code3 function, leading to a buffer overflow. | ||||
| CVE-2008-1302 | 2 Microsoft, Perforce | 2 Windows, Perforce Server | 2025-04-09 | N/A |
| The Perforce service (p4s.exe) in Perforce Server 2007.3/143793 and earlier allows remote attackers to cause a denial of service (daemon crash) via a (1) server-DiffFile or (2) server-ReleaseFile command with a large integer value, which is used in an array initialization calculation, and leads to invalid memory access. | ||||