| Max CVSS | 9.3 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2006-6731 | 9.3 |
Multiple buffer overflows in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 7 and earlier, Java System Development Kit (SDK) and JRE 1.4.2_12 and earlier 1.4.x versions, and SDK and JRE 1.3.1_18 and earlier allow attacke
|
09-10-2019 - 22:51 | 26-12-2006 - 23:28 | |
| CVE-2017-15566 | 7.2 |
Insecure SPANK environment variable handling exists in SchedMD Slurm before 16.05.11, 17.x before 17.02.9, and 17.11.x before 17.11.0rc2, allowing privilege escalation to root during Prolog or Epilog execution.
|
03-10-2019 - 00:03 | 01-11-2017 - 17:29 | |
| CVE-2008-4036 | 7.2 |
Integer overflow in Memory Manager in Microsoft Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows local users to gain privileges via a crafted application that triggers an erroneous decrement of a variable, r
|
26-02-2019 - 14:04 | 15-10-2008 - 00:12 | |
| CVE-2006-0860 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in Michael Salzer Guestbox 0.6, and other versions before 0.8, allow remote attackers to inject arbitrary web script or HTML via (1) HTML tags that follow a "http://" string, which bypasses a regula
|
18-10-2018 - 16:29 | 23-02-2006 - 23:02 | |
| CVE-2006-0868 | 7.5 |
Multiple unspecified injection vulnerabilities in unspecified Auth Container back ends for PEAR::Auth before 1.2.4, and 1.3.x before 1.3.0r4, allow remote attackers to "falsify authentication credentials," related to the "underlying storage container
|
18-10-2018 - 16:29 | 23-02-2006 - 23:02 | |
| CVE-2006-0824 | 7.5 |
Multiple unspecified vulnerabilities in lib-common.php in Geeklog 1.4.0 before 1.4.0sr1 and 1.3.11 before 1.3.11sr4 allow remote attackers to include arbitrary local files and execute arbitrary code via (1) absolute paths in unspecified parameters an
|
18-10-2018 - 16:29 | 21-02-2006 - 23:02 | |
| CVE-2006-0823 | 7.5 |
Multiple SQL injection vulnerabilities in Geeklog 1.4.0 before 1.4.0sr1 and 1.3.11 before 1.3.11sr4 allow remote attackers to inject arbitrary SQL commands via the (1) userid variable to users.php or (2) sessid variable to lib-sessions.php.
|
18-10-2018 - 16:29 | 21-02-2006 - 23:02 | |
| CVE-2006-0852 | 7.5 |
Direct static code injection vulnerability in write.php in Admbook 1.2.2 and earlier allows remote attackers to execute arbitrary PHP code via the X-Forwarded-For HTTP header field, which is inserted into content-data.php.
|
19-10-2017 - 01:29 | 23-02-2006 - 02:06 | |
| CVE-2006-0188 | 4.3 |
webmail.php in SquirrelMail 1.4.0 to 1.4.5 allows remote attackers to inject arbitrary web pages into the right frame via a URL in the right_frame parameter. NOTE: this has been called a cross-site scripting (XSS) issue, but it is different than wha
|
11-10-2017 - 01:30 | 24-02-2006 - 00:02 | |
| CVE-2006-0195 | 4.3 |
Interpretation conflict in the MagicHTML filter in SquirrelMail 1.4.0 to 1.4.5 allows remote attackers to conduct cross-site scripting (XSS) attacks via style sheet specifiers with invalid (1) "/*" and "*/" comments, or (2) a newline in a "url" speci
|
11-10-2017 - 01:30 | 24-02-2006 - 00:02 | |
| CVE-2006-0377 | 5.0 |
CRLF injection vulnerability in SquirrelMail 1.4.0 to 1.4.5 allows remote attackers to inject arbitrary IMAP commands via newline characters in the mailbox parameter of the sqimap_mailbox_select command, aka "IMAP injection."
|
11-10-2017 - 01:30 | 24-02-2006 - 00:02 | |
| CVE-2000-0870 | 7.5 |
Buffer overflow in EFTP allows remote attackers to cause a denial of service via a long string.
|
10-10-2017 - 01:29 | 14-11-2000 - 05:00 | |
| CVE-2006-0802 | 2.6 |
Cross-site scripting (XSS) vulnerability in the NS-Languages module for PostNuke 0.761 and earlier, when magic_quotes_gpc is enabled, allows remote attackers to inject arbitrary web script or HTML via the language parameter in a missing or translatio
|
20-07-2017 - 01:30 | 20-02-2006 - 22:02 | |
| CVE-2006-0800 | 2.6 |
Interpretation conflict in PostNuke 0.761 and earlier allows remote attackers to conduct cross-site scripting (XSS) attacks via HTML tags with a trailing "<" character, which is interpreted as a ">" character by some web browsers but bypasses the bla
|
20-07-2017 - 01:30 | 20-02-2006 - 22:02 | |
| CVE-2006-0801 | 5.1 |
SQL injection vulnerability in the NS-Languages module for PostNuke 0.761 and earlier, when magic_quotes_gpc is off, allows remote attackers to execute arbitrary SQL commands via the language parameter to admin.php. Successful exploitation requires t
|
20-07-2017 - 01:30 | 20-02-2006 - 22:02 | |
| CVE-2004-1520 | 4.6 |
Stack-based buffer overflow in IPSwitch IMail 8.13 allows remote authenticated users to execute arbitrary code via a long IMAP DELETE command.
|
11-07-2017 - 01:31 | 31-12-2004 - 05:00 | |
| CVE-2012-5006 | 9.3 |
Heap-based buffer overflow in npdjvu.dll in Caminova DjVu Browser Plug-in 6.1.4 Build 27351 and other versions before 6.1.4.27993 allows remote attackers to execute arbitrary code via a crafted Sjbz chunk in a djvu file.
|
20-09-2012 - 04:00 | 19-09-2012 - 21:55 | |
| CVE-2004-2607 | 2.1 |
A numeric casting discrepancy in sdla_xfer in Linux kernel 2.6.x up to 2.6.5 and 2.4 up to 2.4.29-rc1 allows local users to read portions of kernel memory via a large len argument, which is received as an int but cast to a short, which prevents a rea
|
02-04-2010 - 04:50 | 31-12-2004 - 05:00 |