Vulnerabilities (CVE)

125263 total CVE
CVE Vendors Products Updated CVSS
CVE-2006-6894 1 Spine 1 Spine 2008-09-05 10.0
Multiple unspecified vulnerabilities in SPINE before 1.2 have unknown impact and attack vectors, related to (1) "Placeholders in database handler" and (2) "Macro admin security."
CVE-2006-6893 1 Tor 1 Tor 2008-09-05 5.0
Tor allows remote attackers to discover the IP address of a hidden service by accessing this service at a high rate, thereby changing the server's CPU temperature and consequently changing the pattern of time values visible through (1) ICMP...
CVE-2006-6874 1 Endonesia 1 Endonesia 2008-09-05 6.8
Multiple cross-site scripting (XSS) vulnerabilities in friend.php in eNdonesia 8.4 allow remote attackers to inject arbitrary web script or HTML via the (1) Message or (2) Your Name field. NOTE: The provenance of this information is unknown; the...
CVE-2006-6843 1 Joomla 1 Be It Easypartner Component 2008-09-05 7.5
PHP remote file inclusion vulnerability in the BE IT EasyPartner 0.0.9 beta component for Joomla! allows remote attackers to execute arbitrary PHP code via unspecified vectors. NOTE: The provenance of this information is unknown; the details are...
CVE-2006-6841 1 Phpbb Group 1 Phpbb 2008-09-05 10.0
Certain forms in phpBB before 2.0.22 lack session checks, which has unknown impact and remote attack vectors.
CVE-2006-6840 1 Phpbb Group 1 Phpbb 2008-09-05 10.0
Unspecified vulnerability in phpBB before 2.0.22 has unknown impact and remote attack vectors related to a "negative start parameter."
CVE-2006-6839 1 Phpbb Group 1 Phpbb 2008-09-05 10.0
Unspecified vulnerability in phpBB before 2.0.22 has unknown impact and remote attack vectors related to "criteria for 'bad' redirection targets."
CVE-2006-6836 1 Ibm 1 Os 400 2008-09-05 10.0
Multiple unspecified vulnerabilities in osp-cert in IBM OS/400 V5R3M0 have unspecified impact and attack vectors, related to ASN.1 parsing.
CVE-2006-6752 1 Ftprush 1 Ftprush 2008-09-05 7.5
Buffer overflow in FTPRush 1.0.0.610 might allow attackers to gain privileges via a long Host field. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. Also, it is not clear whether...
CVE-2006-6750 1 Dxmsoft 1 Xm Easy Personal Ftp Server 2008-09-05 5.0
Format string vulnerability in XM Easy Personal FTP Server 5.0.1 allows remote attackers to cause a denial of service (application crash) via format string specifiers in a long PORT command. NOTE: this issue might be related to CVE-2006-2226.
CVE-2006-6744 1 Phpprofiles 1 Phpprofiles 2008-09-05 2.1
phpProfiles before 2.1.1 does not have an index.php or other index file in the (1) image_data, (2) graphics/comm, or (3) users read/write directories, which might allow remote attackers to list directory contents or have other unknown impacts.
CVE-2006-6721 1 Knusperleicht 1 Shoutbox 2008-09-05 6.8
Multiple cross-site scripting (XSS) vulnerabilities in shout.php in Knusperleicht ShoutBox 2.6 allow remote attackers to inject arbitrary web script or HTML via the (1) sbNick or (2) sbKommentar parameter.
CVE-2006-6707 1 Mcafee 2 Neotrace, Visual Trace 2008-09-05 7.5
Stack-based buffer overflow in the NeoTraceExplorer.NeoTraceLoader ActiveX control (NeoTraceExplorer.dll) in NeoTrace Express 3.25 and NeoTrace Pro (aka McAfee Visual Trace) 3.25 allows remote attackers to execute arbitrary code via a long...
CVE-2006-6700 1 Calacode 1 Atmail Webmail System 2008-09-05 6.8
Cross-site scripting (XSS) vulnerability in @Mail WebMail allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the...
CVE-2006-6688 1 Web-app.net 1 Webapp 2008-09-05 7.5
Web Automated Perl Portal (WebAPP) 0.9.9.4, and 0.9.9.3.4 Network Edition (NE) (aka WebAPP.NET) allows remote attackers to bypass filtering mechanisms via unknown vectors. NOTE: The provenance of this information is unknown; the details are...
CVE-2006-6680 1 Chetcpasswd 1 Chetcpasswd 2008-09-05 4.6
Pedro Lineu Orso chetcpasswd before 2.3.1 does not document the need for 0400 permissions on /etc/chetcpasswd.allow, which might allow local users to gain sensitive information by reading this file.
CVE-2006-6662 1 Suse 3 Suse Linux, Suse Open Enterprise Server, Linux Enterprise Desktop 2008-09-05 4.1
Unspecified vulnerability in Linux User Management (novell-lum) on SUSE Linux Enterprise Desktop 10 and Open Enterprise Server 9, under unspecified conditions, allows local users to log in to the console without a password.
CVE-2006-6659 1 Microsoft 3 Windows Xp, Ie, Outlook 2008-09-05 5.0
The Microsoft Office Outlook Recipient ActiveX control (ole32.dll) in Windows XP SP2 allows remote attackers to cause a denial of service (Internet Explorer 7 hang) via crafted HTML.
CVE-2006-6658 1 Inktomi 1 Inktomi Search 2008-09-05 5.0
Inktomi Search 4.1.4 allows remote attackers to obtain sensitive information via direct requests with missing parameters to (1) help/header.html, (2) thesaurus.html, and (3) topics.html, which leak the installation path in the resulting error...
CVE-2006-6657 1 Netbsd 1 Netbsd 2008-09-05 2.1
The if_clone_list function in NetBSD-current before 20061027, NetBSD 3.0 and 3.0.1 before 20061027, and NetBSD 2.x before 20061119 allows local users to read potentially sensitive, uninitialized stack memory via unspecified vectors.