Export limit exceeded: 366936 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 46538 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (46538 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-6396 1 Blazevideo 1 Hdtv Player 2026-04-23 N/A
Stack-based buffer overflow in BlazeVideo HDTV Player 2.1, and possibly earlier, allows remote attackers to execute arbitrary code via a long filename in a PLF playlist, a different product than CVE-2006-6199. NOTE: it was later reported that 3.5 is also affected.
CVE-2008-5284 1 Iea Software 6 Air Marshal, Emerald, Radius Test Client and 3 more 2026-04-23 N/A
The web server in IEA Software RadiusNT and RadiusX 5.1.38 and other versions before 5.1.44, Emerald 5.0.49 and other versions before 5.0.52, Air Marshal 2.0.4 and other versions before 2.0.8, and Radius test client (aka Radlogin) 4.0.20 and earlier, allows remote attackers to cause a denial of service (crash) via an HTTP Content-Length header with a negative value, which triggers a single byte overwrite of memory using a NULL terminator. NOTE: some of these details are obtained from third party information.
CVE-2008-5282 1 W3c 1 Amaya Web Browser 2026-04-23 N/A
Multiple stack-based buffer overflows in W3C Amaya Web Browser 10.0.1 allow remote attackers to execute arbitrary code via (1) a link with a long HREF attribute, and (2) a DIV tag with a long id attribute.
CVE-2008-5281 1 South River Technologies 1 Titan Ftp Server 2026-04-23 N/A
Heap-based buffer overflow in Titan FTP Server 6.05 build 550 allows remote attackers to execute arbitrary code via a long DELE command.
CVE-2008-5279 1 Zilab 1 Zim Server 2026-04-23 N/A
The Local ZIM Server (zcs.exe) in Zilab Chat and Instant Messaging (ZIM) Server 2.1 and earlier allow remote attackers to execute arbitrary code via (1) heap-based buffer overflows involving multiple vectors including a long room name and a long source account, and (2) a stack-based buffer overflow with a long username in an information request. NOTE: some of these details are obtained from third party information.
CVE-2008-5277 1 Powerdns 1 Powerdns 2026-04-23 N/A
PowerDNS before 2.9.21.2 allows remote attackers to cause a denial of service (daemon crash) via a CH HINFO query.
CVE-2008-5276 1 Videolan 1 Vlc Media Player 2026-04-23 N/A
Integer overflow in the ReadRealIndex function in real.c in the Real demuxer plugin in VideoLAN VLC media player 0.9.0 through 0.9.7 allows remote attackers to execute arbitrary code via a malformed RealMedia (.rm) file that triggers a heap-based buffer overflow.
CVE-2008-5263 1 Dmitry Baryshev 1 Ksquirrel-libs 2026-04-23 N/A
Multiple stack-based buffer overflows in the mt_codec::getHdrHead function in kernel/kls_hdr/fmt_codec_hdr.cpp in ksquirrel-libs 0.8.0 allow context-dependent attackers to execute arbitrary code via a crafted Radiance RGBE image (aka .hdr file).
CVE-2008-5262 1 Devil 1 Developers Image Library 2026-04-23 N/A
Multiple stack-based buffer overflows in the iGetHdrHeader function in src-IL/src/il_hdr.c in DevIL 1.7.4 allow context-dependent attackers to execute arbitrary code via a crafted Radiance RGBE file.
CVE-2008-5260 1 Axis 1 Axis Camera Control 2026-04-23 N/A
Heap-based buffer overflow in the CamImage.CamImage.1 ActiveX control in AxisCamControl.ocx in AXIS Camera Control 2.40.0.0 allows remote attackers to execute arbitrary code via a long image_pan_tilt property value.
CVE-2008-5259 1 Divx 1 Divx Web Player 2026-04-23 N/A
Integer signedness error in DivX Web Player 1.4.2.7, and possibly earlier versions, allows remote attackers to execute arbitrary code via a DivX file containing a crafted Stream Format (STRF) chunk, which triggers a heap-based buffer overflow.
CVE-2008-5247 1 Xine 1 Xine-lib 2026-04-23 N/A
The real_parse_audio_specific_data function in demux_real.c in xine-lib 1.1.12, and other 1.1.15 and earlier versions, uses an untrusted height (aka codec_data_length) value as a divisor, which allow remote attackers to cause a denial of service (divide-by-zero error and crash) via a zero value.
CVE-2008-5246 1 Xine 1 Xine-lib 2026-04-23 N/A
Multiple heap-based buffer overflows in xine-lib before 1.1.15 allow remote attackers to execute arbitrary code via vectors that send ID3 data to the (1) id3v22_interp_frame and (2) id3v24_interp_frame functions in src/demuxers/id3.c. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-5245 1 Xine 1 Xine-lib 2026-04-23 N/A
xine-lib before 1.1.15 performs V4L video frame preallocation before ascertaining the required length, which has unknown impact and attack vectors, possibly related to a buffer overflow in the open_video_capture_device function in src/input/input_v4l.c.
CVE-2008-5242 1 Xine 1 Xine-lib 2026-04-23 N/A
demux_qt.c in xine-lib 1.1.12, and other 1.1.15 and earlier versions, does not validate the count field before calling calloc for STSD_ATOM atom allocation, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted media file.
CVE-2008-5241 1 Xine 1 Xine-lib 2026-04-23 N/A
Integer underflow in demux_qt.c in xine-lib 1.1.12, and other 1.1.15 and earlier versions, allows remote attackers to cause a denial of service (crash) via a crafted media file that results in a small value of moov_atom_size in a compressed MOV (aka CMOV_ATOM).
CVE-2008-5240 1 Xine 1 Xine-lib 2026-04-23 N/A
xine-lib 1.1.12, and other 1.1.15 and earlier versions, relies on an untrusted input value to determine the memory allocation and does not check the result for (1) the MATROSKA_ID_TR_CODECPRIVATE track entry element processed by demux_matroska.c; and (2) PROP_TAG, (3) MDPR_TAG, and (4) CONT_TAG chunks processed by the real_parse_headers function in demux_real.c; which allows remote attackers to cause a denial of service (NULL pointer dereference and crash) or possibly execute arbitrary code via a crafted value.
CVE-2008-5239 1 Xine 1 Xine-lib 2026-04-23 N/A
xine-lib 1.1.12, and other 1.1.15 and earlier versions, does not properly handle (a) negative and (b) zero values during unspecified read function calls in input_file.c, input_net.c, input_smb.c, and input_http.c, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via vectors such as (1) a file or (2) an HTTP response, which triggers consequences such as out-of-bounds reads and heap-based buffer overflows.
CVE-2008-5238 1 Xine 1 Xine 2026-04-23 N/A
Integer overflow in the real_parse_mdpr function in demux_real.c in xine-lib 1.1.12, and other versions before 1.1.15, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted stream_name_size field.
CVE-2008-5237 1 Xine 1 Xine 2026-04-23 N/A
Multiple integer overflows in xine-lib 1.1.12, and other 1.1.15 and earlier versions, allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via (1) crafted width and height values that are not validated by the mymng_process_header function in demux_mng.c before use in an allocation calculation or (2) crafted current_atom_size and string_size values processed by the parse_reference_atom function in demux_qt.c for an RDRF_ATOM string.