Max CVSS 10.0 Min CVSS 4.3 Total Count54
IDCVSSSummaryLast (major) updatePublished
CVE-2008-2286 7.5
SQL injection vulnerability in axengine.exe in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 allows remote attackers to execute arbitrary SQL commands via unspecified string fields in a notification packet.
19-02-2017 - 00:22 18-05-2008 - 10:20
CVE-2008-1447 5.0
The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic vi
19-02-2017 - 00:21 08-07-2008 - 19:41
CVE-2015-0235 10.0
Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 fu
02-01-2017 - 21:59 28-01-2015 - 14:59
CVE-2010-1871 6.8
JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux, does not properly sanitize inputs for JBoss Expression Language (EL) expressions, which allows remote attackers to execute arbitrary code via a craf
12-12-2013 - 23:39 05-08-2010 - 09:23
CVE-2008-2992 9.3
Stack-based buffer overflow in Adobe Acrobat and Reader 8.1.2 and earlier allows remote attackers to execute arbitrary code via a PDF file that calls the util.printf JavaScript function with a crafted format string argument, a related issue to CVE-20
27-08-2013 - 02:03 04-11-2008 - 13:29
CVE-2012-4356 4.3
Multiple directory traversal vulnerabilities in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 allow remote attackers to read arbitrary files via port-46824 TCP packets specifying a file-open operation with opcode
20-08-2012 - 12:16 19-08-2012 - 16:55
CVE-2009-0695 7.5
hagent.exe in Wyse Device Manager (WDM) 4.7.x does not require authentication for commands, which allows remote attackers to obtain management access via a crafted query, as demonstrated by a V52 query that triggers a power-off action.
26-06-2012 - 00:00 19-06-2012 - 16:55
CVE-2010-2743 7.2
The kernel-mode drivers in Microsoft Windows XP SP3 do not properly perform indexing of a function-pointer table during the loading of keyboard layouts from disk, which allows local users to gain privileges via a crafted application, as demonstrated
04-10-2011 - 22:47 20-01-2011 - 16:00
CVE-2006-2659 7.8
libs/comverp.c in Courier MTA before 0.53.2 allows attackers to cause a denial of service (CPU consumption) via unknown vectors involving usernames that contain the "=" (equals) character, which is not properly handled during encoding.
20-09-2011 - 22:05 30-05-2006 - 15:02
CVE-2007-6166 9.3
Stack-based buffer overflow in Apple QuickTime before 7.3.1, as used in QuickTime Player on Windows XP and Safari on Mac OS X, allows remote Real Time Streaming Protocol (RTSP) servers to execute arbitrary code via an RTSP response with a long Conten
04-08-2011 - 00:00 28-11-2007 - 20:46
CVE-2008-3704 9.3
Heap-based buffer overflow in the MaskedEdit ActiveX control in Msmask32.ocx 6.0.81.69, and possibly other versions before 6.0.84.18, in Microsoft Visual Studio 6.0, Visual Basic 6.0, Visual Studio .NET 2002 SP1 and 2003 SP1, and Visual FoxPro 8.0 SP
01-08-2011 - 00:00 18-08-2008 - 15:41
CVE-2008-1472 9.3
Stack-based buffer overflow in the ListCtrl ActiveX Control (ListCtrl.ocx), as used in multiple CA products including BrightStor ARCserve Backup R11.5, Desktop Management Suite r11.1 through r11.2, and Unicenter products r11.1 through r11.2, allows r
01-08-2011 - 00:00 24-03-2008 - 18:44
CVE-2009-0658 9.3
Buffer overflow in Adobe Reader 9.0 and earlier, and Acrobat 9.0 and earlier, allows remote attackers to execute arbitrary code via a crafted PDF document, related to a non-JavaScript function call and possibly an embedded JBIG2 image stream, as expl
07-03-2011 - 22:18 20-02-2009 - 14:30
CVE-2008-5159 10.0
Integer overflow in the remote administration protocol processing in Client Software WinCom LPD Total 3.0.2.623 and earlier allows remote attackers to cause a denial of service (crash) via a large string length argument, which triggers memory corrupt
07-03-2011 - 22:14 18-11-2008 - 16:30
CVE-2008-2639 7.6
Stack-based buffer overflow in the ODBC server service in Citect CitectSCADA 6 and 7, and CitectFacilities 7, allows remote attackers to execute arbitrary code via a long string in the second application packet in a TCP session on port 20222.
07-03-2011 - 22:09 16-06-2008 - 14:41
CVE-2008-2240 10.0
Stack-based buffer overflow in the Web Server service in IBM Lotus Domino before 7.0.3 FP1, and 8.x before 8.0.1, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long Accept-Language HTTP h
07-03-2011 - 22:08 22-05-2008 - 09:09
CVE-2008-2161 10.0
Buffer overflow in TFTP Server SP 1.4 and 1.5 on Windows, and possibly other versions, allows remote attackers to execute arbitrary code via a long TFTP error packet. NOTE: some of these details are obtained from third party information.
07-03-2011 - 22:08 12-05-2008 - 18:20
CVE-2008-2157 10.0
robotd in the Library Manager in EMC AlphaStor 3.1 SP1 for Windows allows remote attackers to execute arbitrary commands via an unspecified string field in a packet to TCP port 3500.
07-03-2011 - 22:08 29-05-2008 - 12:32
CVE-2008-1914 10.0
Stack-based buffer overflow in the AntServer module (AntServer.exe) in BigAnt IM Server in BigAnt Messenger 2.2 allows remote attackers to execute arbitrary code via a long URI in a request to TCP port 6080. NOTE: some of these details are obtained f
07-03-2011 - 22:08 22-04-2008 - 00:41
CVE-2008-1491 10.0
Stack-based buffer overflow in the DPC Proxy server (DpcProxy.exe) in ASUS Remote Console (aka ARC or ASMB3) 2.0.0.19 and 2.0.0.24 allows remote attackers to execute arbitrary code via a long string to TCP port 623.
07-03-2011 - 22:07 25-03-2008 - 15:44
CVE-2008-0955 9.3
Stack-based buffer overflow in the Creative Software AutoUpdate Engine ActiveX control in CTSUEng.ocx allows remote attackers to execute arbitrary code via a long CacheFolder property value.
07-03-2011 - 22:05 29-05-2008 - 12:32
CVE-2008-0935 10.0
Stack-based buffer overflow in the Novell iPrint Control ActiveX control in ienipp.ocx in Novell iPrint Client before 4.34 allows remote attackers to execute arbitrary code via a long argument to the ExecuteRequest method.
07-03-2011 - 22:05 25-02-2008 - 13:44
CVE-2008-0871 6.8
Multiple stack-based buffer overflows in Now SMS/MMS Gateway 2007.06.27 and earlier allow remote attackers to execute arbitrary code via a (1) long password in an Authorization header to the HTTP service or a (2) large packet to the SMPP service.
07-03-2011 - 22:05 21-02-2008 - 14:44
CVE-2008-0621 7.5
Buffer overflow in SAPLPD 6.28 and earlier included in SAP GUI 7.10 and SAPSprint before 1018 allows remote attackers to execute arbitrary code via long arguments to the (1) 0x01, (2) 0x02, (3) 0x03, (4) 0x04, and (5) 0x05 LPD commands.
07-03-2011 - 22:05 06-02-2008 - 07:00
CVE-2008-0311 9.3
Stack-based buffer overflow in the PGMWebHandler::parse_request function in the StarTeam Multicast Service component (STMulticastService) 6.4 in Borland CaliberRM 2006 allows remote attackers to execute arbitrary code via a large HTTP request.
07-03-2011 - 22:04 06-04-2008 - 19:44
CVE-2008-0065 10.0
Multiple stack-based buffer overflows in in_mp3.dll in Winamp 5.21, 5.5, and 5.51 allow remote attackers to execute arbitrary code via a long (1) artist or (2) name tag in Ultravox streaming metadata, related to construction of stream titles.
07-03-2011 - 22:03 22-01-2008 - 15:00
CVE-2007-6377 7.5
Stack-based buffer overflow in the PassThru functionality in ext.dll in BadBlue 2.72b and earlier allows remote attackers to execute arbitrary code via a long query string.
07-03-2011 - 22:02 14-12-2007 - 20:46
CVE-2007-5660 9.3
Unspecified vulnerability in the Update Service ActiveX control in isusweb.dll before 6.0.100.65101 in MacroVision FLEXnet Connect and InstallShield 2008 allows remote attackers to execute arbitrary code via an unspecified "unsafe method," possibly i
07-03-2011 - 22:01 02-11-2007 - 12:46
CVE-2007-5603 9.3
Stack-based buffer overflow in the SonicWall SSL-VPN NetExtender NELaunchCtrl ActiveX control before 2.1.0.51, and 2.5.x before 2.5.0.56, allows remote attackers to execute arbitrary code via a long string in the second argument to the AddRouteEntry
07-03-2011 - 22:01 05-11-2007 - 13:46
CVE-2007-5246 10.0
Multiple stack-based buffer overflows in Firebird LI 2.0.0.12748 and 2.0.1.12855, and WI 2.0.0.12748 and 2.0.1.12855, allow remote attackers to execute arbitrary code via (1) a long attach request on TCP port 3050 to the isc_attach_database function
07-03-2011 - 22:00 06-10-2007 - 13:17
CVE-2007-5243 9.3
Multiple stack-based buffer overflows in Borland InterBase LI 8.0.0.53 through 8.1.0.253, and WI 5.1.1.680 through 8.1.0.257, allow remote attackers to execute arbitrary code via (1) a long service attach request on TCP port 3050 to the (a) SVC_attac
07-03-2011 - 22:00 06-10-2007 - 13:17
CVE-2007-5217 6.8
Stack-based buffer overflow in the ADM4 ActiveX control in adm4.dll in Altnet Download Manager 4.0.0.6, as used in (1) Kazaa 3.2.7 and (2) Grokster, allows remote attackers to execute arbitrary code via a long argument to the Install method. NOTE: t
07-03-2011 - 22:00 04-10-2007 - 20:17
CVE-2007-4515 9.3
Buffer overflow in a certain ActiveX control in YVerInfo.dll before 2007.8.27.1 in the Yahoo! services suite for Yahoo! Messenger before 8.1.0.419 allows remote attackers to execute arbitrary code via unspecified vectors involving arguments to the (1
07-03-2011 - 21:58 31-08-2007 - 18:17
CVE-2007-4474 9.3
Multiple stack-based buffer overflows in the IBM Lotus Domino Web Access ActiveX control, as provided by inotes6.dll, inotes6w.dll, dwa7.dll, and dwa7w.dll, in Domino 6.x and 7.x allow remote attackers to execute arbitrary code, as demonstrated by an
07-03-2011 - 21:58 27-12-2007 - 17:46
CVE-2007-4466 6.8
Multiple stack-based buffer overflows in Electronic Arts (EA) SnoopyCtrl ActiveX control (NPSnpy.dll) allow remote attackers to execute arbitrary code via unspecified methods and parameters.
07-03-2011 - 21:58 09-10-2007 - 18:17
CVE-2008-3558 9.3
Stack-based buffer overflow in the WebexUCFObject ActiveX control in atucfobj.dll in Cisco WebEx Meeting Manager before 20.2008.2606.4919 allows remote attackers to execute arbitrary code via a long argument to the NewObject method.
07-03-2011 - 00:00 08-08-2008 - 15:41
CVE-2007-5601 9.3
Stack-based buffer overflow in the Database Component in MPAMedia.dll in RealNetworks RealPlayer 10.5 and 11 beta, and earlier versions including 10, RealOne Player, and RealOne Player 2, allows remote attackers to execute arbitrary code via certain
07-03-2011 - 00:00 20-10-2007 - 16:17
CVE-2010-1799 9.3
Stack-based buffer overflow in the error-logging functionality in Apple QuickTime before 7.6.7 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file.
21-08-2010 - 01:41 16-08-2010 - 14:39
CVE-2010-0478 9.3
Stack-based buffer overflow in nsum.exe in the Windows Media Unicast Service in Media Services for Microsoft Windows 2000 Server SP4 allows remote attackers to execute arbitrary code via crafted packets associated with transport information, aka "Med
21-08-2010 - 01:39 14-04-2010 - 12:00
CVE-2009-1260 9.3
Multiple stack-based buffer overflows in UltraISO 9.3.3.2685 and earlier allow remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted (1) CCD or (2) IMG file.
01-04-2010 - 01:33 07-04-2009 - 19:30
CVE-2008-7232 10.0
Buffer overflow in the report function in xtacacsd 4.1.2 and earlier allows remote attackers to execute arbitrary code via a crafted CONNECT TACACS command.
16-09-2009 - 00:00 14-09-2009 - 10:30
CVE-2008-0506 6.8
include/imageObjectIM.class.php in Coppermine Photo Gallery (CPG) before 1.4.15, when the ImageMagick picture processing method is configured, allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) quality, (2) angl
11-09-2009 - 00:00 31-01-2008 - 15:00
CVE-2008-4193 10.0
Stack-based buffer overflow in SecurityGateway.dll in Alt-N Technologies SecurityGateway 1.0.1 allows remote attackers to execute arbitrary code via a long username parameter.
15-08-2009 - 01:14 24-09-2008 - 07:42
CVE-2009-2367 7.5
cgi-bin/makecgi-pro in Iomega StorCenter Pro generates predictable session IDs, which allows remote attackers to hijack active sessions and gain privileges via brute force guessing attacks on the session_id parameter.
08-07-2009 - 00:00 08-07-2009 - 11:30
CVE-2008-6825 6.8
Directory traversal vulnerability in user/index.php in Fonality trixbox CE 2.6.1 and earlier allows remote attackers to include and execute arbitrary files via a .. (dot dot) in the langChoice parameter.
08-06-2009 - 00:00 05-06-2009 - 17:30
CVE-2008-2905 6.8
PHP remote file inclusion vulnerability in includes/Cache/Lite/Output.php in the Cache_Lite package in Mambo 4.6.4 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolut
14-04-2009 - 01:32 30-06-2008 - 14:24
CVE-2009-0880 6.8
Directory traversal vulnerability in the CIM server in IBM Director before 5.20.3 Service Update 2 on Windows allows remote attackers to load and execute arbitrary local DLL code via a .. (dot dot) in a /CIMListener/ URI in an M-POST request.
21-03-2009 - 01:55 12-03-2009 - 11:20
CVE-2008-1611 10.0
Stack-based buffer overflow in TFTP Server SP 1.4 for Windows allows remote attackers to cause a denial of service or execute arbitrary code via a long filename in a read or write request.
18-03-2009 - 01:35 01-04-2008 - 12:44
CVE-2008-5711 9.3
Heap-based buffer overflow in the Facebook PhotoUploader ActiveX control 5.0.14.0 and earlier allows remote attackers to execute arbitrary code via a long FileMask property value.
29-01-2009 - 02:00 24-12-2008 - 13:29
CVE-2007-4915 10.0
The Intersil isl3893 extensions for Boa 0.93.15, as used on the FreeLan RO80211G-AP and other devices, do not prevent stack writes from entering memory locations used for string constants, which allows remote attackers to change the admin password st
15-11-2008 - 01:59 17-09-2007 - 13:17
CVE-2007-4370 7.5
Multiple buffer overflows in the (1) client and (2) server in Racer 0.5.3 beta 5 allow remote attackers to execute arbitrary code via a long string to UDP port 26000.
15-11-2008 - 01:56 15-08-2007 - 19:17
CVE-2008-0550 10.0
Off-by-one error in Steamcast 0.9.75 and earlier allows remote attackers to cause a denial of service (daemon crash) or execute arbitrary code via a certain HTTP request that leads to a buffer overflow, as demonstrated by a long User-Agent header.
05-09-2008 - 17:35 01-02-2008 - 15:00
CVE-2007-6509 7.8
Unspecified vulnerability in Appian Enterprise Business Process Management (BPM) Suite 5.6 SP1 allows remote attackers to cause a denial of service via a crafted packet to port 5400/tcp.
05-09-2008 - 17:33 21-12-2007 - 14:46
CVE-2007-4776 9.3
Buffer overflow in Microsoft Visual Basic 6.0 and Enterprise Edition 6.0 SP6 allows user-assisted remote attackers to execute arbitrary code via a Visual Basic project (vbp) file containing a long Reference line, related to VBP_Open and OLE. NOTE: th
05-09-2008 - 17:29 10-09-2007 - 17:17
Back to Top Mark selected
Back to Top