Export limit exceeded: 16462 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (1244 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-3624 | 18 Conectiva, Debian, Easy Software Products and 15 more | 33 Linux, Debian Linux, Cups and 30 more | 2026-04-16 | N/A |
| The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows. | ||||
| CVE-2006-0038 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2026-04-16 | N/A |
| Integer overflow in the do_replace function in netfilter for Linux before 2.6.16-rc3, when using "virtualization solutions" such as OpenVZ, allows local users with CAP_NET_ADMIN rights to cause a buffer overflow in the copy_from_user function. | ||||
| CVE-2006-3630 | 2 Redhat, Wireshark | 2 Enterprise Linux, Wireshark | 2026-04-16 | N/A |
| Multiple off-by-one errors in Wireshark (aka Ethereal) 0.9.7 to 0.99.0 have unknown impact and remote attack vectors via the (1) NCP NMAS and (2) NDPS dissectors. | ||||
| CVE-2005-2754 | 1 Apple | 1 Quicktime | 2026-04-16 | N/A |
| Integer overflow in Apple QuickTime before 7.0.3 allows user-assisted attackers to execute arbitrary code via a crafted MOV file with "Improper movie attributes." | ||||
| CVE-2006-3744 | 2 Imagemagick, Redhat | 2 Imagemagick, Enterprise Linux | 2026-04-16 | N/A |
| Multiple integer overflows in ImageMagick before 6.2.9 allows user-assisted attackers to execute arbitrary code via crafted Sun Rasterfile (bitmap) images that trigger heap-based buffer overflows. | ||||
| CVE-2005-2753 | 1 Apple | 1 Quicktime | 2026-04-16 | N/A |
| Integer overflow in Apple QuickTime before 7.0.3 allows user-assisted attackers to execute arbitrary code via a crafted MOV file that causes a sign extension of the length element in a Pascal style string. | ||||
| CVE-2006-4486 | 2 Php, Redhat | 3 Php, Enterprise Linux, Rhel Application Stack | 2026-04-16 | N/A |
| Integer overflow in memory allocation routines in PHP before 5.1.6, when running on a 64-bit system, allows context-dependent attackers to bypass the memory_limit restriction. | ||||
| CVE-2005-3711 | 1 Apple | 1 Quicktime | 2026-04-16 | N/A |
| Integer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via a TIFF image file with modified (1) "strips" (StripByteCounts) or (2) "bands" (StripOffsets) values. | ||||
| CVE-2006-3467 | 2 Freetype, Redhat | 2 Freetype, Enterprise Linux | 2026-04-16 | N/A |
| Integer overflow in FreeType before 2.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PCF file, as demonstrated by the Red Hat bad1.pcf test file, due to a partial fix of CVE-2006-1861. | ||||
| CVE-2006-1552 | 1 Apple | 4 Imageio, Mac Os X, Mac Os X Server and 1 more | 2026-04-16 | N/A |
| Integer overflow in ImageIO in Apple Mac OS X 10.4 up to 10.4.5 allows remote attackers to cause a denial of service (crash) via a crafted JPEG image with malformed JPEG metadata, as demonstrated using Safari, aka "Deja-Doom". | ||||
| CVE-2002-2419 | 1 Dctc Project | 1 Dctc | 2026-04-16 | N/A |
| Direct connect text client (DCTC) client 0.83.3 allows remote attackers to cause a denial of service (crash) via a string ending with a NULL byte character. | ||||
| CVE-2006-0747 | 2 Freetype, Redhat | 2 Freetype, Enterprise Linux | 2026-04-16 | N/A |
| Integer underflow in Freetype before 2.2 allows remote attackers to cause a denial of service (crash) via a font file with an odd number of blue values, which causes the underflow when decrementing by 2 in a context that assumes an even number of values. | ||||
| CVE-2006-1462 | 1 Apple | 1 Quicktime | 2026-04-16 | N/A |
| Multiple integer overflows in Apple QuickTime before 7.1 allow remote attackers to execute arbitrary code via a crafted QuickTime H.264 (M4V) video format file. | ||||
| CVE-2005-0739 | 2 Ethereal Group, Redhat | 2 Ethereal, Enterprise Linux | 2026-04-16 | N/A |
| The IAPP dissector (packet-iapp.c) for Ethereal 0.9.1 to 0.10.9 does not properly use certain routines for formatting strings, which could leave it vulnerable to buffer overflows, as demonstrated using modified length values that are not properly handled by the dissect_pdus and pduval_to_str functions. | ||||
| CVE-2005-1704 | 2 Gnu, Redhat | 2 Gdb, Enterprise Linux | 2026-04-16 | N/A |
| Integer overflow in the Binary File Descriptor (BFD) library for gdb before 6.3, binutils, elfutils, and possibly other packages, allows user-assisted attackers to execute arbitrary code via a crafted object file that specifies a large number of section headers, leading to a heap-based buffer overflow. | ||||
| CVE-2006-3486 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2026-04-16 | N/A |
| Off-by-one buffer overflow in the Instance_options::complete_initialization function in instance_options.cc in the Instance Manager in MySQL before 5.0.23 and 5.1 before 5.1.12 might allow local users to cause a denial of service (application crash) via unspecified vectors, which triggers the overflow when the convert_dirname function is called. NOTE: the vendor has disputed this issue via e-mail to CVE, saying that it is only exploitable when the user has access to the configuration file or the Instance Manager daemon. Due to intended functionality, this level of access would already allow the user to disrupt program operation, so this does not cross security boundaries and is not a vulnerability | ||||
| CVE-2002-2235 | 1 Jelsoft | 1 Vbulletin | 2026-04-16 | N/A |
| member2.php in vBulletin 2.2.9 and earlier does not properly restrict the $perpage variable to be an integer, which causes an error message to be reflected back to the user without quoting, which facilitates cross-site scripting (XSS) and possibly other attacks. | ||||
| CVE-2005-2495 | 2 Redhat, Xfree86 Project | 2 Enterprise Linux, Xfree86 | 2026-04-16 | N/A |
| Multiple integer overflows in XFree86 before 4.3.0 allow user-assisted attackers to execute arbitrary code via a crafted pixmap image. | ||||
| CVE-2005-3709 | 1 Apple | 1 Quicktime | 2026-04-16 | N/A |
| Integer underflow in Apple Quicktime before 7.0.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the Color Map Entry Size in a TGA image file. | ||||
| CVE-2006-1730 | 2 Mozilla, Redhat | 5 Firefox, Mozilla Suite, Seamonkey and 2 more | 2026-04-16 | N/A |
| Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via a large number in the CSS letter-spacing property that leads to a heap-based buffer overflow. | ||||