Total
2705 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-4226 | 2 Redhat, Xmlsoft | 2 Enterprise Linux, Libxml | 2025-04-09 | N/A |
| Integer overflow in the xmlSAX2Characters function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a large XML document. | ||||
| CVE-2009-0259 | 1 Openoffice | 1 Openoffice.org | 2025-04-09 | N/A |
| The Word processor in OpenOffice.org 1.1.2 through 1.1.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted (1) .doc, (2) .wri, or (3) .rtf Word 97 file that triggers memory corruption, as exploited in the wild in December 2008, as demonstrated by 2008-crash.doc.rar, and a similar issue to CVE-2008-4841. | ||||
| CVE-2008-4269 | 1 Microsoft | 2 Windows Server 2008, Windows Vista | 2025-04-09 | N/A |
| The search-ms protocol handler in Windows Explorer in Microsoft Windows Vista Gold and SP1 and Server 2008 uses untrusted parameter data obtained from incorrect parsing, which allows remote attackers to execute arbitrary code via a crafted HTML document, aka "Windows Search Parsing Vulnerability." | ||||
| CVE-2008-4298 | 1 Lighttpd | 1 Lighttpd | 2025-04-09 | N/A |
| Memory leak in the http_request_parse function in request.c in lighttpd before 1.4.20 allows remote attackers to cause a denial of service (memory consumption) via a large number of requests with duplicate request headers. | ||||
| CVE-2007-3739 | 2 Apple, Redhat | 2 Powerpc, Enterprise Linux | 2025-04-09 | N/A |
| mm/mmap.c in the hugetlb kernel, when run on PowerPC systems, does not prevent stack expansion from entering into reserved kernel page memory, which allows local users to cause a denial of service (OOPS) via unspecified vectors. | ||||
| CVE-2008-4610 | 1 Mplayer | 1 Mplayer | 2025-04-09 | N/A |
| MPlayer allows remote attackers to cause a denial of service (application crash) via (1) a malformed AAC file, as demonstrated by lol-vlc.aac; or (2) a malformed Ogg Media (OGM) file, as demonstrated by lol-ffplay.ogm, different vectors than CVE-2007-6718. | ||||
| CVE-2007-3903 | 1 Microsoft | 2 Ie, Internet Explorer | 2025-04-09 | N/A |
| Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code via uninitialized or deleted objects used in repeated calls to the (1) cloneNode or (2) nodeValue JavaScript function, a different issue than CVE-2007-3902 and CVE-2007-5344, a variant of "Uninitialized Memory Corruption Vulnerability." | ||||
| CVE-2009-2173 | 1 Gameis | 1 Carom3d | 2025-04-09 | N/A |
| The LAN game feature in Carom3D 5.06 allows remote authenticated users to cause a denial of service (application hang) via a crafted HTTP request to TCP port 28012. | ||||
| CVE-2009-0322 | 4 Canonical, Debian, Linux and 1 more | 5 Ubuntu Linux, Debian Linux, Linux Kernel and 2 more | 2025-04-09 | N/A |
| drivers/firmware/dell_rbu.c in the Linux kernel before 2.6.27.13, and 2.6.28.x before 2.6.28.2, allows local users to cause a denial of service (system crash) via a read system call that specifies zero bytes from the (1) image_type or (2) packet_size file in /sys/devices/platform/dell_rbu/. | ||||
| CVE-2007-2037 | 1 Cisco | 1 Wireless Lan Controller Software | 2025-04-09 | N/A |
| Cisco Wireless LAN Controller (WLC) before 3.2.116.21, and 4.0.x before 4.0.155.0, allows remote attackers on a local network to cause a denial of service (device crash) via malformed Ethernet traffic. | ||||
| CVE-2006-4517 | 1 Novell | 1 Imanager | 2025-04-09 | N/A |
| Novell iManager 2.5 and 2.0.2 allows remote attackers to cause a denial of service (crash) in the Tomcat server via a long TREE parameter in an HTTP POST, which triggers a NULL pointer dereference. | ||||
| CVE-2008-5300 | 2 Linux, Redhat | 4 Linux Kernel, Enterprise Linux, Enterprise Mrg and 1 more | 2025-04-09 | N/A |
| Linux kernel 2.6.28 allows local users to cause a denial of service ("soft lockup" and process loss) via a large number of sendmsg function calls, which does not block during AF_UNIX garbage collection and triggers an OOM condition, a different vulnerability than CVE-2008-5029. | ||||
| CVE-2008-5402 | 2 Cerulean Studios, Ceruleanstudios | 4 Trillian, Trillian Pro, Trillian and 1 more | 2025-04-09 | N/A |
| Double free vulnerability in the XML parser in Trillian before 3.1.12.0 allows remote attackers to execute arbitrary code via a crafted XML expression, related to the "IMG SRC ID." | ||||
| CVE-2009-0352 | 2 Mozilla, Redhat | 4 Firefox, Seamonkey, Thunderbird and 1 more | 2025-04-09 | N/A |
| Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.6, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the layout engine and destruction of arbitrary layout objects by the nsViewManager::Composite function. | ||||
| CVE-2008-4510 | 1 Microsoft | 1 Windows Vista | 2025-04-09 | N/A |
| Microsoft Windows Vista Home and Ultimate Edition SP1 and earlier allows local users to cause a denial of service (page fault and system crash) via multiple attempts to access a virtual address in a PAGE_NOACCESS memory page. | ||||
| CVE-2007-5971 | 3 Apple, Mit, Redhat | 4 Mac Os X, Mac Os X Server, Kerberos 5 and 1 more | 2025-04-09 | N/A |
| Double free vulnerability in the gss_krb5int_make_seal_token_v3 function in lib/gssapi/krb5/k5sealv3.c in MIT Kerberos 5 (krb5) has unknown impact and attack vectors. | ||||
| CVE-2007-6148 | 1 Adobe | 2 Connect Enterprise Server, Flash Media Server 2 | 2025-04-09 | N/A |
| Use-after-free vulnerability in the Edge server in Adobe Flash Media Server 2 before 2.0.5, and Connect Enterprise Server 6 before SP3, allows remote attackers to execute arbitrary code via an unspecified sequence of Real Time Message Protocol (RTMP) requests. | ||||
| CVE-2008-4551 | 1 Strongswan | 1 Strongswan | 2025-04-09 | N/A |
| strongSwan 4.2.6 and earlier allows remote attackers to cause a denial of service (daemon crash) via an IKE_SA_INIT message with a large number of NULL values in a Key Exchange payload, which triggers a NULL pointer dereference for the return value of the mpz_export function in the GNU Multiprecision Library (GMP). | ||||
| CVE-2009-0366 | 1 Wesnoth | 1 Wesnoth | 2025-04-09 | N/A |
| The uncompress_buffer function in src/server/simple_wml.cpp in Wesnoth before r33069 allows remote attackers to cause a denial of service via a large compressed WML document. | ||||
| CVE-2007-6417 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-04-09 | N/A |
| The shmem_getpage function (mm/shmem.c) in Linux kernel 2.6.11 through 2.6.23 does not properly clear allocated memory in some rare circumstances related to tmpfs, which might allow local users to read sensitive kernel data or cause a denial of service (crash). | ||||