Total
2775 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-0249 | 2 Canonical, Haxx | 3 Ubuntu Linux, Curl, Libcurl | 2025-04-11 | N/A |
| Stack-based buffer overflow in the Curl_sasl_create_digest_md5_message function in lib/curl_sasl.c in curl and libcurl 7.26.0 through 7.28.1, when negotiating SASL DIGEST-MD5 authentication, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in the realm parameter in a (1) POP3, (2) SMTP or (3) IMAP message. | ||||
| CVE-2013-0272 | 2 Pidgin, Redhat | 3 Pidgin, Enterprise Linux, Rhel Productivity | 2025-04-11 | N/A |
| Buffer overflow in http.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.7 allows remote servers to execute arbitrary code via a long HTTP header. | ||||
| CVE-2013-1591 | 2 Palemoon, Redhat | 3 Pale Moon, Enterprise Linux, Enterprise Virtualization | 2025-04-11 | 9.8 Critical |
| Stack-based buffer overflow in libpixman, as used in Pale Moon before 15.4 and possibly other products, has unspecified impact and context-dependent attack vectors. NOTE: this issue might be resultant from an integer overflow in the fast_composite_scaled_bilinear function in pixman-inlines.h, which triggers an infinite loop. | ||||
| CVE-2013-2004 | 2 Redhat, X | 2 Enterprise Linux, Libx11 | 2025-04-11 | N/A |
| The (1) GetDatabase and (2) _XimParseStringFile functions in X.org libX11 1.5.99.901 (1.6 RC1) and earlier do not restrict the recursion depth when processing directives to include files, which allows X servers to cause a denial of service (stack consumption) via a crafted file. | ||||
| CVE-2013-4282 | 2 Redhat, Spice Project | 3 Enterprise Linux, Enterprise Virtualization, Spice | 2025-04-11 | N/A |
| Stack-based buffer overflow in the reds_handle_ticket function in server/reds.c in SPICE 0.12.0 allows remote attackers to cause a denial of service (crash) via a long password in a SPICE ticket. | ||||
| CVE-2014-1236 | 1 Graphviz | 1 Graphviz | 2025-04-11 | N/A |
| Stack-based buffer overflow in the chkNum function in lib/cgraph/scan.l in Graphviz 2.34.0 allows remote attackers to have unspecified impact via vectors related to a "badly formed number" and a "long digit list." | ||||
| CVE-2010-4542 | 2 Gimp, Redhat | 2 Gimp, Enterprise Linux | 2025-04-11 | N/A |
| Stack-based buffer overflow in the gfig_read_parameter_gimp_rgb function in plug-ins/gfig/gfig-style.c in the GFIG plugin in GIMP 2.6.11 allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long Foreground field in a plugin configuration file. NOTE: it may be uncommon to obtain a GIMP plugin configuration file from an untrusted source that is separate from the distribution of the plugin itself. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2012-5581 | 2 Libtiff, Redhat | 2 Libtiff, Enterprise Linux | 2025-04-11 | N/A |
| Stack-based buffer overflow in tif_dir.c in LibTIFF before 4.0.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted DOTRANGE tag in a TIFF image. | ||||
| CVE-2011-3960 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| Google Chrome before 17.0.963.46 does not properly decode audio data, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | ||||
| CVE-2013-4473 | 2 Canonical, Freedesktop | 2 Ubuntu Linux, Poppler | 2025-04-11 | N/A |
| Stack-based buffer overflow in the extractPages function in utils/pdfseparate.cc in poppler before 0.24.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a source filename. | ||||
| CVE-2010-4531 | 2 Muscle, Redhat | 2 Pcsc-lite, Enterprise Linux | 2025-04-11 | N/A |
| Stack-based buffer overflow in the ATRDecodeAtr function in the Answer-to-Reset (ATR) Handler (atrhandler.c) for pcscd in PCSC-Lite 1.5.3, and possibly other 1.5.x and 1.6.x versions, allows physically proximate attackers to cause a denial of service (crash) and possibly execute arbitrary code via a smart card with an ATR message containing a long attribute value. | ||||
| CVE-2014-0978 | 1 Graphviz | 1 Graphviz | 2025-04-11 | N/A |
| Stack-based buffer overflow in the yyerror function in lib/cgraph/scan.l in Graphviz 2.34.0 allows remote attackers to have unspecified impact via a long line in a dot file. | ||||
| CVE-2010-3872 | 2 Apache, Redhat | 2 Mod Fcgid, Enterprise Linux | 2025-04-11 | 7.5 High |
| A flaw was found in the mod_fcgid module of httpd. A malformed FastCGI response may result in a stack-based buffer overflow in the modules/fcgid/fcgid_bucket.c file in the fcgid_header_bucket_read() function, resulting in an application crash. | ||||
| CVE-2010-2808 | 4 Apple, Canonical, Freetype and 1 more | 6 Iphone Os, Mac Os X, Tvos and 3 more | 2025-04-11 | N/A |
| Buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Adobe Type 1 Mac Font File (aka LWFN) font. | ||||
| CVE-2010-3069 | 3 Canonical, Redhat, Samba | 4 Ubuntu Linux, Enterprise Linux, Rhel Eus and 1 more | 2025-04-11 | N/A |
| Stack-based buffer overflow in the (1) sid_parse and (2) dom_sid_parse functions in Samba before 3.5.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted Windows Security ID (SID) on a file share. | ||||
| CVE-2010-2221 | 5 Arne Redlich \& Ross Walker, Linux, Redhat and 2 more | 5 Iscsitarget, Linux Kernel, Rhel Cluster Storage and 2 more | 2025-04-11 | N/A |
| Multiple buffer overflows in the iSNS implementation in isns.c in (1) Linux SCSI target framework (aka tgt or scsi-target-utils) before 1.0.6, (2) iSCSI Enterprise Target (aka iscsitarget or IET) 1.4.20.1 and earlier, and (3) Generic SCSI Target Subsystem for Linux (aka SCST or iscsi-scst) 1.0.1.1 and earlier allow remote attackers to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via (a) a long iSCSI Name string in an SCN message or (b) an invalid PDU. | ||||
| CVE-2010-2067 | 2 Canonical, Libtiff | 2 Ubuntu Linux, Libtiff | 2025-04-11 | N/A |
| Stack-based buffer overflow in the TIFFFetchSubjectDistance function in tif_dirread.c in LibTIFF before 3.9.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long EXIF SubjectDistance field in a TIFF file. | ||||
| CVE-2009-4247 | 4 Apple, Microsoft, Realnetworks and 1 more | 7 Mac Os X, Windows, Helix Player and 4 more | 2025-04-11 | N/A |
| Stack-based buffer overflow in protocol/rtsp/rtspclnt.cpp in RealNetworks RealPlayer 10; RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.x; RealPlayer SP 1.0.0 and 1.0.1; RealPlayer Enterprise; Mac RealPlayer 10, 10.1, 11.0, and 11.0.1; Linux RealPlayer 10, 11.0.0, and 11.0.1; and Helix Player 10.x, 11.0.0, and 11.0.1 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an ASM RuleBook with a large number of rules, related to an "array overflow." | ||||
| CVE-2009-4274 | 2 Netpbm, Redhat | 2 Netpbm, Enterprise Linux | 2025-04-11 | N/A |
| Stack-based buffer overflow in converter/ppm/xpmtoppm.c in netpbm before 10.47.07 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an XPM image file that contains a crafted header field associated with a large color index value. | ||||
| CVE-2010-4259 | 1 Alexej Kryukov | 1 Fontforge | 2025-04-11 | N/A |
| Stack-based buffer overflow in FontForge 20100501 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long CHARSET_REGISTRY header in a BDF font file. | ||||