Total
14647 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-2485 | 1 Tingan | 1 Ht-mp3player | 2026-04-23 | N/A |
| Stack-based buffer overflow in HT-MP3Player 1.0 allows remote attackers to execute arbitrary code via a long string in a .ht3 file. | ||||
| CVE-2009-2549 | 1 Bistudio | 2 Arma, Arma 2 | 2026-04-23 | N/A |
| Armed Assault (aka ArmA) 1.14 and earlier, and 1.16 beta, and Armed Assault II 1.02 and earlier allows remote attackers to cause a denial of service via a join packet with a final field whose value is (1) 0, which triggers a server crash related to memory allocation, or (2) 1, which triggers CPU/memory consumption and a NULL pointer dereference. | ||||
| CVE-2009-2566 | 1 Tfm | 1 Mmplayer | 2026-04-23 | N/A |
| Stack-based buffer overflow in TFM MMPlayer 2.0, and possibly 2.0.0.30, allows remote attackers to execute arbitrary code via a long string in a playlist (.m3u) file. | ||||
| CVE-2009-2568 | 1 Sorinara | 1 Streaming Audio Player | 2026-04-23 | N/A |
| Stack-based buffer overflow in Sorinara Streaming Audio Player (SAP) 0.9 allows remote attackers to execute arbitrary code via a long string in a playlist (.m3u) file. | ||||
| CVE-2007-5788 | 1 Grandstream | 1 Ht488 | 2026-04-23 | N/A |
| Buffer overflow in the SIP parser on the Grandstream HT-488 0.1 allows remote attackers to cause a denial of service (device crash) via a crafted SIP INVITE message. | ||||
| CVE-2009-2703 | 2 Pidgin, Redhat | 3 Libpurple, Pidgin, Enterprise Linux | 2026-04-23 | N/A |
| libpurple/protocols/irc/msgs.c in the IRC protocol plugin in libpurple in Pidgin before 2.6.2 allows remote IRC servers to cause a denial of service (NULL pointer dereference and application crash) via a TOPIC message that lacks a topic string. | ||||
| CVE-2009-1636 | 1 Novell | 1 Groupwise | 2026-04-23 | N/A |
| Multiple buffer overflows in the Internet Agent (aka GWIA) component in Novell GroupWise 7.x before 7.03 HP3 and 8.x before 8.0 HP2 allow remote attackers to execute arbitrary code via (1) a crafted e-mail address in an SMTP session or (2) an SMTP command. | ||||
| CVE-2009-1640 | 1 Nucleustechnologies | 1 Kernel Recovery | 2026-04-23 | N/A |
| Stack-based buffer overflow in Nucleus Data Recovery Kernel Recovery for Macintosh 4.04 allows user-assisted attackers to execute arbitrary code via a crafted .AMHH file. | ||||
| CVE-2009-1644 | 1 Sorinara | 1 Streaming Audio Player | 2026-04-23 | N/A |
| Stack-based buffer overflow in Sorinara Streaming Audio Player 0.9 allows remote attackers to execute arbitrary code via a crafted .pla file. | ||||
| CVE-2009-1646 | 1 Mini-stream | 1 Mini-stream Rm Downloader | 2026-04-23 | N/A |
| Stack-based buffer overflow in Mini-stream RM Downloader 3.0.0.9 allows remote attackers to execute arbitrary code via a long rtsp URL in a .ram file. | ||||
| CVE-2009-1660 | 1 Urusoft | 1 Viplay3 | 2026-04-23 | N/A |
| Stack-based buffer overflow in URUWorks ViPlay3 3.0 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long file entry in a .vpl file. | ||||
| CVE-2007-5709 | 1 Sony | 1 Sonicstage Connect Player | 2026-04-23 | N/A |
| Stack-based buffer overflow in Sony SonicStage CONNECT Player (CP) 4.3 allows remote attackers to execute arbitrary code via a long file name in an M3U file. | ||||
| CVE-2009-1726 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-23 | N/A |
| Heap-based buffer overflow in ColorSync in Apple Mac OS X 10.4.11 and 10.5 before 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted image containing an embedded ColorSync profile. | ||||
| CVE-2009-1817 | 1 Digimode10 | 1 Maya | 2026-04-23 | N/A |
| Multiple buffer overflows in DigiMode Maya 1.0.2 allow remote attackers to execute arbitrary code via a long string in a malformed (1) .m3u or (2) .m3l playlist file. | ||||
| CVE-2009-1866 | 2 Adobe, Redhat | 4 Air, Flash Player, Flex and 1 more | 2026-04-23 | N/A |
| Stack-based buffer overflow in Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors. | ||||
| CVE-2009-1586 | 1 Shemes | 1 Grabit | 2026-04-23 | N/A |
| Stack-based buffer overflow in the NZB importer feature in GrabIt 1.7.2 Beta 3 and earlier allows remote attackers to execute arbitrary code via a crafted DTD reference in a DOCTYPE element in an NZB file. | ||||
| CVE-2009-1569 | 1 Novell | 1 Iprint | 2026-04-23 | N/A |
| Multiple stack-based buffer overflows in Novell iPrint Client 4.38, 5.30, and possibly other versions before 5.32 allow remote attackers to execute arbitrary code via vectors related to (1) Date and (2) Time. | ||||
| CVE-2009-1568 | 1 Novell | 1 Iprint Client | 2026-04-23 | N/A |
| Stack-based buffer overflow in ienipp.ocx in Novell iPrint Client 5.30, and possibly other versions before 5.32, allows remote attackers to execute arbitrary code via a long target-frame parameter. | ||||
| CVE-2009-1534 | 1 Microsoft | 5 Biztalk Server, Isa Server, Office and 2 more | 2026-04-23 | N/A |
| Buffer overflow in the Office Web Components ActiveX Control in Microsoft Office XP SP3, Office 2000 Web Components SP3, Office XP Web Components SP3, BizTalk Server 2002, and Visual Studio .NET 2003 SP1 allows remote attackers to execute arbitrary code via crafted property values, aka "Office Web Components Buffer Overflow Vulnerability." | ||||
| CVE-2007-5687 | 1 Justsystem | 1 Ichitaro | 2026-04-23 | N/A |
| Multiple buffer overflows in the rich text processing functionality in JustSystems Ichitaro 2004 through 2007, 11 through 13, and other versions allow remote attackers to execute arbitrary code via a long (1) pard field or (2) font name in the fcharset0 field, which is not properly handled in (a) JSTARO4.OCX; or (3) a long title, which is not properly handled by (b) TJSVDA.DLL. | ||||