Total
258583 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-5809 | 1 Jonathon J. Freeman | 1 Ovbb | 2011-03-08 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in Jonathon J. Freeman OvBB before 0.13a have unknown impact and attack vectors. | |||||
| CVE-2006-5726 | 1 Sun | 1 Solaris | 2011-03-08 | 4.9 MEDIUM | N/A |
| alloccgblk in the UFS filesystem in Solaris 10 allows local users to cause a denial of service (memory corruption) by mounting crafted UFS filesystems with malformed data structures. | |||||
| CVE-2006-5722 | 1 Middlebury College | 1 Segue Cms | 2011-03-08 | 5.1 MEDIUM | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Segue CMS 1.5.9 and earlier, when magic_quotes_gpc is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the theme parameter to (1) themesettings.php or (2) index.php, a different vector than CVE-2006-5497. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2006-5709 | 1 Alt-n | 1 Mdaemon | 2011-03-08 | 10.0 HIGH | N/A |
| Unspecified vulnerability in WorldClient in Alt-N Technologies MDaemon before 9.50 has unknown impact and attack vectors related to a "JavaScript exploit." | |||||
| CVE-2006-5705 | 1 Wordpress | 1 Wordpress | 2011-03-08 | 6.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in plugins/wp-db-backup.php in WordPress before 2.0.5 allow remote authenticated users to read or overwrite arbitrary files via directory traversal sequences in the (1) backup and (2) fragment parameters in a GET request. | |||||
| CVE-2006-5681 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2011-03-08 | 2.6 LOW | N/A |
| QuickTime for Java on Mac OS X 10.4 through 10.4.8, when used with Quartz Composer, allows remote attackers to obtain sensitive information (screen images) via a Java applet that accesses images that are being rendered by other embedded QuickTime objects. | |||||
| CVE-2006-5671 | 1 Free Php Scripts | 1 Free Image Hosting | 2011-03-08 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in contact.php in Free Image Hosting 1.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the AD_BODY_TEMP parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2006-5664 | 1 Ibm | 3 Informix Client Sdk, Informix Dynamic Server, Informix I-connect | 2011-03-08 | 4.6 MEDIUM | N/A |
| The installation script in IBM Informix Dynamic Server 10.00, Informix Client Software Development Kit (CSDK) 2.90, and Informix I-Connect 2.90 allows local users to "compromise security" via a symlink attack on temporary files. | |||||
| CVE-2006-5663 | 1 Ibm | 3 Informix Client Sdk, Informix Dynamic Server, Informix I-connect | 2011-03-08 | 4.6 MEDIUM | N/A |
| IBM Informix Dynamic Server 10.00, Informix Client Software Development Kit (CSDK) 2.90, and Informix I-Connect 2.90 use insecure permissions for installation scripts, which allows local users to gain privileges by modifying the scripts. | |||||
| CVE-2006-5657 | 1 Vilistextum | 1 Vilistextum | 2011-03-08 | 10.0 HIGH | N/A |
| Multiple off-by-one errors in src/text.c in Vilistextum before 2.6.9 have unknown impact and attack vectors. | |||||
| CVE-2006-5642 | 1 Nmnlogger | 1 Nmnlogger | 2011-03-08 | 10.0 HIGH | N/A |
| Unspecified vulnerability in NmnLogger 1.0.0 and earlier has unknown impact and attack vectors related to configuration of mesasge drivers. | |||||
| CVE-2006-5565 | 1 Maxdev | 1 Md-pro | 2011-03-08 | 5.0 MEDIUM | N/A |
| CRLF injection vulnerability in MAXdev MD-Pro 1.0.76 allows remote attackers to inject arbitrary HTTP headers via a CRLF sequence in the (1) name, (2) file, (3) module, and (4) func parameters in (a) index.php; and the (5) file parameter in (b) modules.php. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | |||||
| CVE-2006-5564 | 1 Maxdev | 1 Md-pro | 2011-03-08 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in user.php in MAXdev MD-Pro 1.0.76 allows remote attackers to inject arbitrary web script or HTML via the op parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | |||||
| CVE-2006-5500 | 1 Xchangeboard | 1 Xchangeboard | 2011-03-08 | 5.1 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in the checkUser function in inc/DBInterface.php in XchangeBoard 1.70 and earlier, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) userNick or (2) password parameters. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | |||||
| CVE-2006-5466 | 2 Rpm, Ubuntu | 2 Package Manager, Ubuntu Linux | 2011-03-08 | 5.4 MEDIUM | N/A |
| Heap-based buffer overflow in the showQueryPackage function in librpm in RPM Package Manager 4.4.8, when the LANG environment variable is set to ru_RU.UTF-8, might allow user-assisted attackers to execute arbitrary code via crafted RPM packages. | |||||
| CVE-2006-5449 | 1 Horde | 1 Ingo H3 | 2011-03-08 | 6.5 MEDIUM | N/A |
| procmail in Ingo H3 before 1.1.2 Horde module allows remote authenticated users to execute arbitrary commands via shell metacharacters in the mailbox destination of a filter rule. | |||||
| CVE-2006-5423 | 1 Lou Portail | 1 Lou Portail | 2011-03-08 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in admin/admin_module.php in Lou Portail 1.4.1, and possibly earlier, allows remote attackers to execute arbitrary PHP code via a URL in the g_admin_rep parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | |||||
| CVE-2006-5326 | 1 Phpbb Prillian | 1 French Language Pack | 2011-03-08 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in language/lang/lang_contact_faq.php in the Prillian French 0.8.0 and earlier module for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | |||||
| CVE-2006-5324 | 1 Ibm | 1 Websphere Application Server | 2011-03-08 | 7.5 HIGH | N/A |
| The Web Services Notification (WSN) security component of IBM WebSphere Application Server before 6.1.0.2 allows attackers to obtain unspecified access without supplying a username and password, aka PK28374. | |||||
| CVE-2006-5323 | 1 Ibm | 1 Websphere Application Server | 2011-03-08 | 10.0 HIGH | N/A |
| Unspecified vulnerability in IBM WebSphere Application Server before 6.1.0.2 has unspecified impact and attack vectors, related to a "possible security exposure," aka PK29360. | |||||