Max CVSS | 7.8 | Min CVSS | 3.7 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2008-3271 | 4.3 |
Apache Tomcat 5.5.0 and 4.1.0 through 4.1.31 allows remote attackers to bypass an IP address restriction and obtain sensitive information via a request that is processed concurrently with another request but in a different thread, leading to an insta
|
13-02-2023 - 02:19 | 13-10-2008 - 20:00 | |
CVE-2014-9379 | 7.5 |
The radius_get_attribute function in dissectors/ec_radius.c in Ettercap 0.8.1 performs an incorrect cast, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via unspecified vectors, which triggers a
|
26-02-2020 - 13:35 | 19-12-2014 - 15:59 | |
CVE-2000-1022 | 7.5 |
The mailguard feature in Cisco Secure PIX Firewall 5.2(2) and earlier does not properly restrict access to SMTP commands, which allows remote attackers to execute restricted commands by sending a DATA command before sending the restricted commands.
|
30-10-2018 - 16:26 | 11-12-2000 - 05:00 | |
CVE-2006-1198 | 3.7 |
Comvigo IM Lock 2006 uses a simple substitution cipher to encrypt a password stored in the msnvs\prc registry value, for which all users have Read permission, which allows local users to bypass the product's blocking functionality by decrypting the p
|
18-10-2018 - 16:31 | 14-03-2006 - 01:06 | |
CVE-2006-1102 | 5.0 |
Sauerbraten 2006_02_28, as derived from the Cube engine, allows remote attackers to cause a denial of service (client exit) by forcing the server to change to a map (ogz) file whose name contains ".." sequences and has a certain length that prevents
|
18-10-2018 - 16:30 | 09-03-2006 - 13:06 | |
CVE-2006-1100 | 7.5 |
Buffer overflow in the sgetstr function in shared/cube.h in Sauerbraten 2006_02_28 and earlier, as derived from the Cube engine, allows remote attackers to execute arbitrary code via long streams of input data.
|
18-10-2018 - 16:30 | 09-03-2006 - 13:06 | |
CVE-2006-1134 | 5.1 |
SQL injection vulnerability in CyBoards PHP Lite 1.25, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the parent parameter to (1) post.php and possibly (2) process_post.php. Successful exploitation re
|
18-10-2018 - 16:30 | 10-03-2006 - 02:02 | |
CVE-2006-1101 | 5.0 |
The (1) sgetstr and (2) getint functions in Sauerbraten 2006_02_28, as derived from the Cube engine, allow remote attackers to cause a denial of service (segmentation fault) via long streams of input data that trigger an out-of-bounds read, as demons
|
18-10-2018 - 16:30 | 09-03-2006 - 13:06 | |
CVE-2006-1077 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in the commentary in Evo-Dev evoBlog allow remote attackers to inject arbitrary web script or HTML via (1) the name parameter and (2) other unspecified parameters.
|
18-10-2018 - 16:30 | 09-03-2006 - 00:02 | |
CVE-2006-1103 | 5.0 |
engine/server.cpp in Sauerbraten 2006_02_28, as derived from the Cube engine, allows remote attackers to cause a denial of service (segmentation fault) via a client that does not completely join the game and times out, which results in a null pointer
|
18-10-2018 - 16:30 | 09-03-2006 - 13:06 | |
CVE-2017-15526 | 5.2 |
Prior to SEE v11.1.3MP1, Symantec Endpoint Encryption can be susceptible to a null pointer de-reference issue, which can result in a NullPointerException that can lead to a privilege escalation scenario.
|
29-11-2017 - 14:36 | 13-11-2017 - 22:29 | |
CVE-2006-1153 | 5.0 |
SQL injection vulnerability in D2-Shoutbox 4.2 allows remote attackers to execute arbitrary SQL commands via the load parameter, when performing a Shoutbox action through Invision Power Board (IPB).
|
19-10-2017 - 01:29 | 10-03-2006 - 11:02 | |
CVE-2006-1154 | 7.5 |
PHP remote file inclusion vulnerability in archive.php in Fantastic News 2.1.2 allows remote attackers to include arbitrary files via the CONFIG[script_path] variable. NOTE: 2.1.4 was also reported to be vulnerable.
|
11-10-2017 - 01:30 | 10-03-2006 - 11:02 | |
CVE-2006-1150 | 7.8 |
Buffer overflow in Tenes Empanadas Graciela (TEG) 0.11.1, automatically appends an _ (underscore) to the end of duplicate nicknames, which allows remote attackers to cause a denial of service (application crash) by creating multiple users with long,
|
20-07-2017 - 01:30 | 10-03-2006 - 11:02 | |
CVE-2006-1051 | 7.5 |
SQL injection vulnerability in Akarru Social BookMarking Engine before 0.4.3.4 allows remote attackers to execute arbitrary SQL commands via unknown attack vectors, possibly involving the username parameter to akarru.lib/users.php.
|
20-07-2017 - 01:30 | 07-03-2006 - 21:06 | |
CVE-2006-1046 | 5.0 |
server.cpp in Monopd 0.9.3 allows remote attackers to cause a denial of service (CPU and memory consumption) via a string containing a large number of characters that are escaped when Monopd produces XML output.
|
20-07-2017 - 01:30 | 07-03-2006 - 11:02 |