Total
258583 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-1268 | 1 Funkwerk | 1 X2300 | 2011-03-08 | 7.8 HIGH | N/A |
| The Internet Key Exchange implementation in Funkwerk X2300 7.2.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite. NOTE: due to the lack of details in the advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to. | |||||
| CVE-2006-1250 | 1 Amax Information Technologies | 1 Winmail | 2011-03-08 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the Webmail module in Winmail before 4.3 has unknown impact and unknown remote attack vectors. | |||||
| CVE-2006-1218 | 1 Novell | 1 Bordermanager | 2011-03-08 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the HTTP proxy in Novell BorderManager 3.8 and earlier allows remote attackers to cause a denial of service (CPU consumption and ABEND) via unknown attack vectors related to "media streaming over HTTP 1.1". | |||||
| CVE-2006-1093 | 1 Ibm | 1 Websphere Application Server | 2011-03-08 | 6.4 MEDIUM | N/A |
| Unspecified vulnerability in IBM WebSphere 5.0.2.10 through 5.0.2.15 and 5.1.1.4 through 5.1.1.9 allows remote attackers to obtain sensitive information via unknown attack vectors, which causes JSP source code to be revealed. | |||||
| CVE-2006-1069 | 1 Geeklog | 1 Geeklog | 2011-03-08 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the session handling for Geeklog 1.4.x before 1.4.0sr2, 1.3.11 before 1.3.11sr5, 1.3.9 before 1.3.9sr5, and possibly earlier versions allows attackers to gain privileges as arbitrary users via unknown vectors. | |||||
| CVE-2006-1032 | 1 Phprpc | 1 Phprpc | 2011-03-08 | 7.5 HIGH | N/A |
| Eval injection vulnerability in the decode function in rpc_decoder.php for phpRPC 0.7 and earlier, as used by runcms, exoops, and possibly other programs, allows remote attackers to execute arbitrary PHP code via the base64 tag. | |||||
| CVE-2006-0956 | 1 Nufw | 1 Nufw Firewall | 2011-03-08 | 1.7 LOW | N/A |
| nuauth in NuFW before 1.0.21 does not properly handle blocking TLS sockets, which allows remote authenticated users to cause a denial of service (service hang) by flooding packets at the authentication server. | |||||
| CVE-2006-0951 | 1 Eset Software | 1 Nod32 Antivirus | 2011-03-08 | 7.2 HIGH | N/A |
| The GUI (nod32.exe) in NOD32 2.5 runs with SYSTEM privileges when the scheduler runs a scheduled on-demand scan, which allows local users to execute arbitrary code during a scheduled scan via unspecified attack vectors. | |||||
| CVE-2006-0947 | 1 Thomson | 1 Speedtouch | 2011-03-08 | 7.5 HIGH | N/A |
| Thomson SpeedTouch modem running firmware 5.3.2.6.0 allows remote attackers to create users that cannot be deleted via scripting code in the "31" parameter in a NewUser function, which is not filtered by the modem when creating the account, but cannot be deleted by the administrator, possibly due to cleansing that occurs in the administrator interface. | |||||
| CVE-2006-0930 | 1 Argosoft | 1 Argosoft Mail Server | 2011-03-08 | 4.0 MEDIUM | N/A |
| Directory traversal vulnerability in Webmail in ArGoSoft Mail Server Pro 1.8 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the UIDL parameter. | |||||
| CVE-2006-0915 | 1 Mozilla | 1 Bugzilla | 2011-03-08 | 7.5 HIGH | N/A |
| Bugzilla 2.16.10 does not properly handle certain characters in the (1) maxpatchsize and (2) maxattachmentsize parameters in attachment.cgi, which allows remote attackers to trigger a SQL error. | |||||
| CVE-2006-0912 | 1 Oreka | 1 Oreka | 2011-03-08 | 5.0 MEDIUM | N/A |
| Oreka before 0.5 allows remote attackers to cause a denial of service (application crash) via a "certain RTP sequence." | |||||
| CVE-2006-0876 | 1 Popfile | 1 Popfile | 2011-03-08 | 5.0 MEDIUM | N/A |
| POPFile before 0.22.4 allows remote attackers to cause a denial of service (application crash) via unspecified vectors involving character sets within e-mail messages. | |||||
| CVE-2006-0828 | 1 Xerox | 6 Workcentre 232, Workcentre 238, Workcentre 245 and 3 more | 2011-03-08 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in ESS/ Network Controller and MicroServer Web Server in Xerox WorkCentre Pro and Xerox WorkCentre running software 13.027.24.015 and 14.027.24.015 allows remote attackers to "reduce effectiveness of security features" via unknown attack vectors. | |||||
| CVE-2006-0751 | 1 Noofs Team | 1 Network Object Oriented File System | 2011-03-08 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in the (1) Filesystem in USErspace (FUSE) client and (2) NOOFS daemon in in Network Object Oriented File System (NOOFS) before 0.9.0 have unspecified impact and attack vectors. | |||||
| CVE-2006-0727 | 1 Musox | 1 Df Msanalysis | 2011-03-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in mstrack.php in MusOX DF MSAnalysis (DFMSA), as used in some environments that use CPG-Nuke Dragonfly CMS, allows remote attackers to trigger path disclosure from a SQL syntax error, and possibly execute arbitrary SQL commands, via certain query data, probably involving the profile name. | |||||
| CVE-2006-0667 | 1 Ibm | 1 Aix | 2011-03-08 | 4.6 MEDIUM | N/A |
| lscfg in IBM AIX 5.2 and 5.3 allows local users to modify arbitrary files via a symlink attack. | |||||
| CVE-2006-0665 | 1 Mantis | 1 Mantis | 2011-03-08 | 10.0 HIGH | N/A |
| Unspecified vulnerability in (1) query_store.php and (2) manage_proj_create.php in Mantis before 1.0.0 has unknown impact and attack vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. An original vendor bug report is referenced, but not accessible to the general public. | |||||
| CVE-2006-0656 | 1 Hp | 1 Systems Insight Manager | 2011-03-08 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in HP Systems Insight Manager 4.2 through 5.0 SP3 for Windows allows remote attackers to access arbitrary files via unspecified vectors, a different vulnerability than CVE-2005-2006. | |||||
| CVE-2006-0314 | 1 Pdfdirectory | 1 Pdfdirectory | 2011-03-08 | 7.5 HIGH | N/A |
| PDFdirectory before 1.0 stores sensitive data in plaintext, which allows remote attackers to obtain arbitrary users' passwords by direct queries to the database, possibly via one of the SQL injection vulnerabilities. | |||||