Critical
CVE-2020-1907
A stack overflow in WhatsApp for Android prior to v2.20.196.16, WhatsApp Business for Android prior to v2.20.196.12, WhatsApp for iOS prior to v2.20.90, WhatsApp Business for iOS prior to v2.20.90, a…
Tag: Stack Overflow
All CVEs associated with "Stack Overflow". Page 14/15 • 1692 CVEs.
Subscribe CVEs: RSS for “Stack Overflow” · RSS (High+Critical only)
About “Stack Overflow”
A curated feed of “Stack Overflow”-related CVEs appears below. We currently track 1692 CVEs for this tag (all time). In the last 365 days, 200 were published. Average CVSS is 8.1 (all time; 7.2 over 365d), and 80% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-121 - Stack-based Buffer Overflow, CWE-674 - Uncontrolled Recursion, CWE-787 - Out-of-bounds Write.
In our taxonomy this topic maps to a HIGH impact class. Common exploitation patterns for this weakness can lead to high. Use the filters to triage high risk first and validate exposure in your environment. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.
CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).
CVSS ≥ 0.0
2020-10-06
2020-09-25
Critical
CVE-2020-15202
In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the `Shard` API in TensorFlow expects the last argument to be a function taking two `int64` (i.e., `long long`) arguments. However…
2020-08-21
Medium
CVE-2019-11850
A stack overflow vulnerabiltity exist in the AT command interface of ALEOS before 4.11.0. The vulnerability may allow code execution
Medium
CVE-2019-11849
A stack overflow vulnerabiltity exists in the AT command APIs of ALEOS before 4.11.0. The vulnerability may allow code execution.
2020-07-16
High
CVE-2019-20912
An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a stack overflow in bits.c, possibly related to bit_read_TF.
2020-07-01
Critical
CVE-2020-15474
In nDPI through 3.2, there is a stack overflow in extractRDNSequence in lib/protocols/tls.c.
2020-06-30
High
CVE-2020-7816
A vulnerability in the JPEG image parsing module in DaView Indy, DaVa+, DaOffice softwares could allow an unauthenticated, remote attacker to cause an arbitrary code execution on an affected device.n…
2020-06-24
Critical
CVE-2020-14095
In Xiaomi router R3600, ROM version<1.0.20, a connect service suffers from an injection vulnerability through the web interface, leading to a stack overflow or remote code execution.
Critical
CVE-2020-14094
In Xiaomi router R3600, ROM version<1.0.20, the connection service can be injected through the web interface, resulting in stack overflow or remote code execution.
2020-06-22
Critical
CVE-2019-14073
Copying RTCP messages into the output buffer without checking the destination buffer size which could lead to a remote stack overflow when processing large data or non-standard feedback messages in S…
2020-06-18
High
CVE-2020-3296
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authentic…
High
CVE-2020-3295
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authentic…
High
CVE-2020-3294
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authentic…
High
CVE-2020-3293
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authentic…
High
CVE-2020-3292
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authentic…
High
CVE-2020-3291
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authentic…
High
CVE-2020-3290
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authentic…
High
CVE-2020-3289
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authentic…
High
CVE-2020-3288
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authentic…
High
CVE-2020-3287
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authentic…
High
CVE-2020-3286
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authentic…
2020-06-03
High
CVE-2020-3217
A vulnerability in the Topology Discovery Service of Cisco One Platform Kit (onePK) in Cisco IOS Software, Cisco IOS XE Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauth…
2020-05-06
High
CVE-2020-10704
A flaw was found when using samba as an Active Directory Domain Controller. Due to the way samba handles certain requests as an Active Directory Domain Controller LDAP server, an unauthorized user ca…
2020-04-16
Critical
CVE-2019-10588
Copying RTCP messages into the output buffer without checking the destination buffer size which could lead to a remote stack overflow. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT,…
2020-03-24
Critical
CVE-2019-20622
An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (Exynos chipsets) software. There is a baseband stack overflow. The Samsung ID is SVE-2018-13188 (February 2019).
Critical
CVE-2019-20611
An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), Go(8.1), P(9.0), and Go(9.0) (Exynos chipsets) software. A baseband stack overflow leads to arbitrary code execution. The Samsun…
Critical
CVE-2019-20581
An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (Exynos chipsets) software. A stack overflow in the HDCP Trustlet causes arbitrary code execution. The Samsung ID is…
High
CVE-2020-10852
An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. There is a stack overflow in display driver. The Samsung ID is SVE-2019-15877 (January 2020).
High
CVE-2020-10851
An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) software. There is a stack overflow in the kperfmon driver. The Samsung ID is SVE-2019-15876 (January 2020).
Critical
CVE-2020-10837
An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (with TEEGRIS) software. The Esecomm Trustlet allows a stack overflow and arbitrary code execution. The Samsung ID is SVE-201…
High
CVE-2019-20542
An issue was discovered on Samsung mobile devices with N(7.1), O(8.x), and P(9.0) (Exynos chipsets) software. There is a stack overflow in the kernel driver. The Samsung ID is SVE-2019-15034 (Novembe…
High
CVE-2019-20541
An issue was discovered on Samsung mobile devices with P(9.0) (Exynos chipsets) software. The Wi-Fi kernel drivers have a stack overflow. The Samsung IDs are SVE-2019-14965, SVE-2019-14966, SVE-2019-…
2020-03-05
Critical
CVE-2019-10612
UTCB object has a function pointer called by the reaper to deallocate its memory resources and this address can potentially be corrupted by stack overflow in Snapdragon Auto, Snapdragon Compute, Snap…
Critical
CVE-2019-10594
Stack overflow can occur when SDP is received with multiple payload types in the FMTP attribute of a video M line in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industria…
Critical
CVE-2019-10587
Possible Stack overflow can occur when processing a large SDP body or non standard SDP body without right delimiters in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Indust…
2020-02-19
Medium
CVE-2020-3163
A vulnerability in the Live Data server of Cisco Unified Contact Center Enterprise could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.…
2020-02-05
High
CVE-2020-3119
A vulnerability in the Cisco Discovery Protocol implementation for Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code or cause a reload on an affected de…
High
CVE-2020-3118
A vulnerability in the Cisco Discovery Protocol implementation for Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to execute arbitrary code or cause a reload on an affected d…
2020-02-04
High
CVE-2020-6060
A stack buffer overflow vulnerability exists in the way MiniSNMPD version 1.4 handles multiple connections. A specially timed sequence of SNMP connections can trigger a stack overflow, resulting in a…
2020-01-31
Medium
CVE-2020-5234
MessagePack for C# and Unity before version 1.9.11 and 2.1.90 has a vulnerability where untrusted data can lead to DoS attack due to hash collisions and stack overflow. Review the linked GitHub Secur…
2019-11-15
Critical
CVE-2019-13582
An issue was discovered in Marvell 88W8688 Wi-Fi firmware before version p52, as used on Tesla Model S/X vehicles manufactured before March 2018, via the Parrot Faurecia Automotive FC6050W module. A…
2019-11-14
High
CVE-2019-11178
Stack overflow in Intel(R) Baseboard Management Controller firmware may allow an authenticated user to potentially enable information disclosure and/or denial of service via network access.
2019-11-06
High
CVE-2019-10502
Possible stack overflow when an index equal to io buffer size is accessed in camera module in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voi…
2019-10-16
High
CVE-2019-17624
"" In X.Org X Server 1.20.4, there is a stack-based buffer overflow in the function XQueryKeymap. For example, by sending ct.c_char 1000 times, an attacker can cause a denial of service (application…
2019-09-19
Medium
CVE-2019-11779
In Eclipse Mosquitto 1.5.0 to 1.6.5 inclusive, if a malicious MQTT client sends a SUBSCRIBE packet containing a topic that consists of approximately 65400 or more '/' characters, i.e. the topic hiera…
2019-09-13
Critical
CVE-2019-13548
CODESYS V3 web server, all versions prior to 3.5.14.10, allows an attacker to send specially crafted http or https requests which could cause a stack overflow and create a denial-of-service condition…
2019-08-09
Critical
CVE-2019-12256
Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the IPv4 component. There is an IPNET security vulnerability: Stack overflow in the parsing of IPv4 packets’ IP options.
2019-07-22
Critical
CVE-2018-13924
Lack of check to prevent the buffer length taking negative values can lead to stack overflow. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer…
2019-07-10
Critical
CVE-2019-13132
In ZeroMQ libzmq before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4.3.2, a remote, unauthenticated client connecting to a libzmq application, running with a socket listening with CURVE encryption/a…
2019-07-02
High
CVE-2017-8412
An issue was discovered on D-Link DCS-1100 and DCS-1130 devices. The device has a custom binary called mp4ts under the /var/www/video folder. It seems that this binary dumps the HTTP VERB in the syst…
2019-06-17
High
CVE-2017-10722
Recently it was discovered as a part of the research on IoT devices in the most recent firmware for Shekar Endoscope that the desktop application used to connect to the device suffers from a stack ov…
High
CVE-2017-10720
Recently it was discovered as a part of the research on IoT devices in the most recent firmware for Shekar Endoscope that the desktop application used to connect to the device suffers from a stack ov…
2019-05-22
High
CVE-2018-12886
stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeti…
2019-03-27
Medium
CVE-2019-0161
Stack overflow in XHCI for EDK II may allow an unauthenticated user to potentially enable denial of service via local access.
Medium
CVE-2018-12183
Stack overflow in DxeCore for EDK II may allow an unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access.
Medium
CVE-2018-12181
Stack overflow in corrupted bmp for EDK II may allow unprivileged user to potentially enable denial of service or elevation of privilege via local access.
2019-02-11
High
CVE-2018-12010
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Absence of length sanity check may lead to possible stack overflow resulting in memory corru…
2018-12-24
High
CVE-2018-20247
In Foxit Quick PDF Library (all versions prior to 16.12), issue where loading a malformed or malicious PDF containing a recursive page tree structure using the LoadFromFile, LoadFromString or LoadFro…
2018-12-21
High
CVE-2018-5196
Alzip 10.76.0.0 and earlier is vulnerable to a stack overflow caused by improper bounds checking. By persuading a victim to open a specially-crafted LZH archive file, a attacker could execute arbitra…
2018-12-01
High
CVE-2018-3950
An exploitable remote code execution vulnerability exists in the ping and tracert functionality of the TP-Link TL-R600VPN HWv3 FRNv1.3.0 and HWv2 FRNv1.2.3 http server. A specially crafted IP address…
2018-10-12
Medium
CVE-2018-12838
Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have a stack overflow vulnerability. Successful exploitation could lead to inf…
2018-09-14
High
CVE-2018-12086
Buffer overflow in OPC UA applications allows remote attackers to trigger a stack overflow with carefully structured requests.
2018-09-12
High
CVE-2017-1084
In FreeBSD before 11.2-RELEASE, multiple issues with the implementation of the stack guard-page reduce the protections afforded by the guard-page. This results in the possibility a poorly written pro…
High
CVE-2017-1083
In FreeBSD before 11.2-RELEASE, a stack guard-page is available but is disabled by default. This results in the possibility a poorly written process could be cause a stack overflow.
2018-08-24
Critical
CVE-2017-11563
D-Link EyeOn Baby Monitor (DCS-825L) 1.08.1 has a remote code execution vulnerability. A UDP "Discover" service, which provides multiple functions such as changing the passwords and getting basic inf…
2018-08-01
High
CVE-2018-3922
A memory corruption vulnerability exists in the ANI-parsing functionality of Computerinsel Photoline 20.54. A specially crafted ANI image processed via the application can lead to a stack overflow, o…
High
CVE-2018-3921
A memory corruption vulnerability exists in the PSD-parsing functionality of Computerinsel Photoline 20.54. A specially crafted PSD image processed via the application can lead to a stack overflow, o…
2018-07-30
High
CVE-2016-9597
It was found that Red Hat JBoss Core Services erratum RHSA-2016:2957 for CVE-2016-3705 did not actually include the fix for the issue found in libxml2, making it vulnerable to a Denial of Service att…
2018-07-09
Critical
CVE-2018-1000618
EOSIO/eos eos version after commit f1545dd0ae2b77580c2236fdb70ae7138d2c7168 contains a stack overflow vulnerability in abi_serializer that can result in attack eos network node. This attack appear to…
2018-06-05
High
CVE-2018-10601
IntelliVue Patient Monitors MP Series (including MP2/X2/MP30/MP50/MP70/NP90/MX700/800) Rev B-M, IntelliVue Patient Monitors MX (MX400-550) Rev J-M and (X3/MX100 for Rev M only), and Avalon Fetal/Mate…
2018-05-19
Medium
CVE-2018-4926
Adobe Digital Editions versions 4.5.7 and below have an exploitable Stack Overflow vulnerability. Successful exploitation could lead to information disclosure.
2018-05-18
High
CVE-2018-8015
In Apache ORC 1.0.0 to 1.4.3 a malformed ORC file can trigger an endlessly recursive function call in the C++ or Java parser. The impact of this bug is most likely denial-of-service against software…
2018-04-24
Critical
CVE-2017-2885
An exploitable stack based buffer overflow vulnerability exists in the GNOME libsoup 2.58. A specially crafted HTTP request can cause a stack overflow resulting in remote code execution. An attacker…
High
CVE-2017-14442
An exploitable code execution vulnerability exists in the BMP image rendering functionality of SDL2_image-2.0.2. A specially crafted BMP image can cause a stack overflow resulting in code execution.…
High
CVE-2017-14440
An exploitable code execution vulnerability exists in the ILBM image rendering functionality of SDL2_image-2.0.2. A specially crafted ILBM image can cause a stack overflow resulting in code execution…
2018-04-19
Critical
CVE-2017-3774
A stack overflow vulnerability was discovered within the web administration service in Integrated Management Module 2 (IMM2) earlier than version 4.70 used in some Lenovo servers and earlier than ver…
2018-03-13
High
CVE-2018-6304
Stack overflow in custom XML-parser in Gemalto's Sentinel LDK RTE version before 7.65 leads to remote denial of service
2018-03-09
High
CVE-2016-8783
Touchscreen drive in Huawei H60 (Honor 6) Versions earlier than H60-L02_6.12.16 and P9 Plus Versions earlier than VIE-AL10BC00B356 has a stack overflow vulnerabilities. An attacker tricks a user into…
High
CVE-2018-8002
In PoDoFo 0.9.5, there exists an infinite loop vulnerability in PdfParserObject::ParseFileComplete() in PdfParserObject.cpp which may result in stack overflow. Remote attackers could leverage this vu…
2018-02-07
High
CVE-2017-12412
ccn-lite-ccnb2xml in CCN-lite before 2.0.0 allows context-dependent attackers to have unspecified impact via a crafted file, which triggers infinite recursion and a stack overflow.
2018-02-05
High
CVE-2018-5787
An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3. There is a Remote, Unauthenticated Stack Overflow in the RIM (Radio Interface Module) pro…
2018-01-04
High
CVE-2018-5210
On Samsung mobile devices with N(7.x) software and Exynos chipsets, attackers can conduct a Trustlet stack overflow attack for arbitrary TEE code execution, in conjunction with a brute-force attack t…
2017-12-22
High
CVE-2017-15311
The baseband modules of Mate 10, Mate 10 Pro, Mate 9, Mate 9 Pro Huawei smart phones with software before ALP-AL00 8.0.0.120(SP2C00), before BLA-AL00 8.0.0.120(SP2C00), before MHA-AL00B 8.0.0.334(C00…
2017-12-20
High
CVE-2017-4941
VMware ESXi (6.0 before ESXi600-201711101-SG, 5.5 ESXi550-201709101-SG), Workstation (12.x before 12.5.8), and Fusion (8.x before 8.5.9) contain a vulnerability that could allow an authenticated VNC…
2017-11-22
Medium
CVE-2017-8162
AR120-S with software V200R006C10, V200R007C00, V200R008C20, V200R008C30,AR1200 with software V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30,AR1200-S with s…
2017-11-17
Medium
CVE-2017-1000186
In SWFTools, a stack overflow was found in pdf2swf.
2017-10-27
High
CVE-2017-5095
Stack overflow in PDFium in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and Mac allowed a remote attacker to potentially exploit stack corruption via a crafted PDF file.
2017-10-04
High
CVE-2017-12818
Stack overflow in custom XML-parser in Gemalto's HASP SRM, Sentinel HASP and Sentinel LDK products prior to Sentinel LDK RTE version 7.55 leads to remote denial of service.
2017-09-28
Critical
CVE-2017-11121
On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56 and other chips, properly crafted malicious over-the-air Fast Transition frames can potentially trigger internal Wi-Fi firmware heap and/or stack o…
2017-09-12
High
CVE-2017-1000251
The native Bluetooth stack in the Linux Kernel (BlueZ), starting at the Linux kernel version 2.6.32 and up to and including 4.13.1, are vulnerable to a stack overflow vulnerability in the processing…
2017-08-25
Critical
CVE-2017-12707
A Stack-based Buffer Overflow issue was discovered in SpiderControl SCADA MicroBrowser Versions 1.6.30.144 and prior. Opening a maliciously crafted html file may cause a stack overflow.
2017-08-16
High
CVE-2016-5867
In a sound driver in Android for MSM, Firefox OS for MSM, QRD Android, some variables are from userspace and values can be chosen that could result in stack overflow.
2017-07-17
Critical
CVE-2017-1000075
Creolabs Gravity version 1.0 is vulnerable to a stack overflow in the memcmp function
Critical
CVE-2017-1000074
Creolabs Gravity version 1.0 is vulnerable to a stack overflow in the string_repeat() function.
2017-07-06
High
CVE-2017-10971
In the X.Org X server before 2017-06-19, a user authenticated to an X Session could crash or execute code in the context of the X Server by exploiting a stack overflow in the endianness conversion of…
2017-04-02
High
CVE-2016-8761
Video driver in Huawei P9 phones with software versions before EVA-AL10C00B192 and Huawei Honor 6 phones with software versions before H60-L02_6.10.1 has a stack overflow vulnerability, which allows…
High
CVE-2016-8759
Video driver in Huawei P9 phones with software versions before EVA-AL10C00B192 and Huawei Honor 6 phones with software versions before H60-L02_6.10.1 has a stack overflow vulnerability, which allows…
2017-03-22
Critical
CVE-2017-3853
A vulnerability in the Data-in-Motion (DMo) process installed with the Cisco IOx application environment could allow an unauthenticated, remote attacker to cause a stack overflow that could allow rem…
2017-02-09
High
CVE-2017-5839
The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 does not properly limit recursion, which allows remote attackers to cause a de…
2017-02-07
High
CVE-2016-6131
The demangler in GNU Libiberty allows remote attackers to cause a denial of service (infinite loop, stack overflow, and crash) via a cycle in the references of remembered mangled types.
2016-06-13
High
CVE-2016-4353
ber-decoder.c in Libksba before 1.3.3 does not properly handle decoder stack overflows, which allows remote attackers to cause a denial of service (abort) via crafted BER data.
2016-05-25
High
CVE-2016-1886
Integer signedness error in the genkbd_commonioctl function in sys/dev/kbd/kbd.c in FreeBSD 9.3 before p42, 10.1 before p34, 10.2 before p17, and 10.3 before p3 allows local users to obtain sensitive…
2016-02-10
High
CVE-2016-0033
Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, and 4.6.1 does not prevent recursive compilation of XSLT transforms, which allows remote attackers to cause a denial of service (performance…
2014-04-08
Critical
CVE-2014-1758
Stack-based buffer overflow in Microsoft Word 2003 SP3 allows remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Word Stack Overflow Vulnerability."
2013-11-01
Medium
CVE-2013-5551
Cisco Adaptive Security Appliance (ASA) Software, when certain same-security-traffic and management-access options are enabled, allows remote authenticated users to cause a denial of service (stack o…
2012-11-14
Critical
CVE-2012-2543
Stack-based buffer overflow in Microsoft Excel 2007 SP2 and SP3 and 2010 SP1; Office 2011 for Mac; Excel Viewer; and Office Compatibility Pack SP2 and SP3 allows remote attackers to execute arbitrary…
2012-08-15
Critical
CVE-2012-1853
Stack-based buffer overflow in the Remote Administration Protocol (RAP) implementation in the LanmanWorkstation service in Microsoft Windows XP SP3 allows remote attackers to execute arbitrary code v…
2011-04-13
Critical
CVE-2011-0034
Stack-based buffer overflow in the OpenType Compact Font Format (aka OTF or CFF) driver in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Go…
2010-10-13
Critical
CVE-2010-3214
Stack-based buffer overflow in Microsoft Word 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Compatibility Pack for Word, Excel,…
2010-06-08
Critical
CVE-2010-0822
Stack-based buffer overflow in Microsoft Office Excel 2002 SP3, Office 2004 for Mac, Office 2008 for Mac, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code…
2010-04-14
Critical
CVE-2010-0480
Multiple stack-based buffer overflows in the MPEG Layer-3 audio codecs in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allow rem…
2010-02-10
Critical
CVE-2010-0034
Stack-based buffer overflow in Microsoft Office PowerPoint 2003 SP3 allows remote attackers to execute arbitrary code via a crafted PowerPoint document, aka "Office PowerPoint Viewer TextCharsAtom Re…
Critical
CVE-2010-0033
Stack-based buffer overflow in Microsoft Office PowerPoint 2003 SP3 allows remote attackers to execute arbitrary code via a crafted PowerPoint document, aka "PowerPoint Viewer TextBytesAtom Record St…
2009-11-11
High
CVE-2009-1928
Stack consumption vulnerability in the LDAP service in Active Directory on Microsoft Windows 2000 SP4, Server 2003 SP2, and Server 2008 Gold and SP2; Active Directory Application Mode (ADAM) on Windo…
2009-10-22
Low
CVE-2009-2911
SystemTap 1.0, when the --unprivileged option is used, does not properly restrict certain data sizes, which allows local users to (1) cause a denial of service or gain privileges via a print operatio…
2009-10-06
Critical
CVE-2009-3569
Stack-based buffer overflow in OpenOffice.org (OOo) allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.8,…
2009-04-15
Critical
CVE-2009-0235
Stack-based buffer overflow in the Word 97 text converter in WordPad in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via a…
2008-04-08
Critical
CVE-2008-1087
Stack-based buffer overflow in GDI in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, Vista, and Server 2008 allows remote attackers to execute arbitrary code via an EMF image file with…
2007-08-17
Medium
CVE-2007-4392
Winamp 5.35 allows remote attackers to cause a denial of service (program stack overflow and application crash) via an M3U file that recursively includes itself.
2007-05-07
Medium
CVE-2007-1861
The nl_fib_lookup function in net/ipv4/fib_frontend.c in Linux Kernel before 2.6.20.8 allows attackers to cause a denial of service (kernel panic) via NETLINK_FIB_LOOKUP replies, which trigger infini…