Max CVSS | 10.0 | Min CVSS | 2.1 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2006-5051 | 9.3 |
Signal handler race condition in OpenSSH before 4.4 allows remote attackers to cause a denial of service (crash), and possibly execute arbitrary code if GSSAPI authentication is enabled, via unspecified vectors that lead to a double-free.
|
29-07-2024 - 01:15 | 27-09-2006 - 23:07 | |
CVE-2007-0720 | 5.0 |
The CUPS service on multiple platforms allows remote attackers to cause a denial of service (service hang) via a "partially-negotiated" SSL connection, which prevents other requests from being accepted.
|
15-12-2020 - 02:02 | 13-03-2007 - 21:19 | |
CVE-2006-4226 | 3.6 |
MySQL before 4.1.21, 5.0 before 5.0.25, and 5.1 before 5.1.12, when run on case-sensitive filesystems, allows remote authenticated users to create or access a database when the database name differs only in case from a database for which they have pe
|
17-12-2019 - 20:16 | 18-08-2006 - 20:04 | |
CVE-2006-3469 | 4.0 |
Format string vulnerability in time.cc in MySQL Server 4.1 before 4.1.21 and 5.0 before 1 April 2006 allows remote authenticated users to cause a denial of service (crash) via a format string instead of a date as the first parameter to the date_forma
|
17-12-2019 - 20:16 | 21-07-2006 - 14:03 | |
CVE-2006-4031 | 2.1 |
MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 allows a local user to access a table through a previously created MERGE table, even after the user's privileges are revoked for the original table, which might violate intended security policy. This vuln
|
17-12-2019 - 20:16 | 09-08-2006 - 22:04 | |
CVE-2006-2753 | 7.5 |
SQL injection vulnerability in MySQL 4.1.x before 4.1.20 and 5.0.x before 5.0.22 allows context-dependent attackers to execute arbitrary SQL commands via crafted multibyte encodings in character sets such as SJIS, BIG5, and GBK, which are not properl
|
17-12-2019 - 20:16 | 01-06-2006 - 17:02 | |
CVE-2006-1516 | 5.0 |
The check_connection function in sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to read portions of memory via a username without a trailing null byte, which causes a buffer over-read.
|
17-12-2019 - 20:16 | 05-05-2006 - 12:46 | |
CVE-2006-1517 | 5.0 |
sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to obtain sensitive information via a COM_TABLE_DUMP request with an incorrect packet length, which includes portions of memory in an error m
|
17-12-2019 - 20:16 | 05-05-2006 - 12:46 | |
CVE-2006-3081 | 4.0 |
mysqld in MySQL 4.1.x before 4.1.18, 5.0.x before 5.0.19, and 5.1.x before 5.1.6 allows remote authorized users to cause a denial of service (crash) via a NULL second argument to the str_to_date function.
|
17-12-2019 - 17:13 | 19-06-2006 - 18:02 | |
CVE-2006-0300 | 5.1 |
Buffer overflow in tar 1.14 through 1.15.90 allows user-assisted attackers to cause a denial of service (application crash) and possibly execute code via unspecified vectors involving PAX extended headers.
|
19-10-2018 - 15:44 | 24-02-2006 - 00:02 | |
CVE-2006-0225 | 4.6 |
scp in OpenSSH 4.2p1 allows attackers to execute arbitrary commands via filenames that contain shell metacharacters or spaces, which are expanded twice.
|
19-10-2018 - 15:43 | 25-01-2006 - 11:03 | |
CVE-2006-6097 | 4.0 |
GNU tar 1.16 and 1.15.1, and possibly other versions, allows user-assisted attackers to overwrite arbitrary files via a tar file that contains a GNUTYPE_NAMES record with a symbolic link, which is not properly handled by the extract_archive function
|
17-10-2018 - 21:46 | 24-11-2006 - 18:07 | |
CVE-2006-5330 | 5.0 |
CRLF injection vulnerability in Adobe Flash Player plugin 9.0.16 and earlier for Windows, 7.0.63 and earlier for Linux, 7.x before 7.0 r67 for Solaris, and before 9.0.28.0 for Mac OS X, allows remote attackers to modify HTTP headers of client request
|
17-10-2018 - 21:42 | 17-10-2006 - 21:07 | |
CVE-2006-5052 | 5.0 |
Unspecified vulnerability in portable OpenSSH before 4.4, when running on some platforms, allows remote attackers to determine the validity of usernames via unknown vectors involving a GSSAPI "authentication abort."
|
17-10-2018 - 21:40 | 27-09-2006 - 23:07 | |
CVE-2006-4924 | 7.8 |
sshd in OpenSSH before 4.4, when using the version 1 SSH protocol, allows remote attackers to cause a denial of service (CPU consumption) via an SSH packet that contains duplicate blocks, which is not properly handled by the CRC compensation attack d
|
17-10-2018 - 21:40 | 27-09-2006 - 01:07 | |
CVE-2006-4829 | 6.8 |
Multiple cross-site scripting (XSS) vulnerabilities in David Czarnecki Blojsom 2.31 allow remote attackers to inject arbitrary web script or HTML via the (1) blog-category-description, (2) blog-entry-title, (3) rss-enclosure-url, (4) technorati-tagsi
|
17-10-2018 - 21:39 | 15-09-2006 - 22:07 | |
CVE-2007-0051 | 6.8 |
Format string vulnerability in Apple iPhoto 6.0.5 (316), and other versions before 6.0.6, allows remote user-assisted attackers to execute arbitrary code via a crafted photocast with format string specifiers in the title of an RSS iPhoto feed.
|
16-10-2018 - 16:30 | 04-01-2007 - 18:28 | |
CVE-2005-2959 | 4.6 |
Incomplete blacklist vulnerability in sudo 1.6.8 and earlier allows local users to gain privileges via the (1) SHELLOPTS and (2) PS4 environment variables before executing a bash script on behalf of another user, which are not cleared even though oth
|
03-10-2018 - 21:31 | 25-10-2005 - 16:02 | |
CVE-2007-0236 | 10.0 |
Double free vulnerability in the _ATPsndrsp function in Apple Mac OS X 10.4.8, and possibly other versions, allows remote attackers to cause a denial of service (kernel panic) and possibly execute arbitrary code via a crafted AppleTalk request that t
|
11-10-2017 - 01:31 | 16-01-2007 - 18:28 | |
CVE-2007-0728 | 4.4 |
Unspecified vulnerability in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 creates files insecurely while initializing a USB printer, which allows local users to create or overwrite arbitrary files.
|
29-07-2017 - 01:30 | 13-03-2007 - 22:19 | |
CVE-2007-0730 | 6.8 |
Server Manager (servermgrd) in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 does not sufficiently validate authentication credentials, which allows remote attackers to bypass authentication and modify system configuration.
|
29-07-2017 - 01:30 | 13-03-2007 - 22:19 | |
CVE-2007-0724 | 6.9 |
The IOKit HID interface in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 does not sufficiently limit access to certain controls, which allows local users to gain privileges by using HID device events to read keystrokes from the console.
|
29-07-2017 - 01:30 | 13-03-2007 - 22:19 | |
CVE-2007-0731 | 9.3 |
Stack-based buffer overflow in the Apple-specific Samba module (SMB File Server) in Apple Mac OS X 10.4 through 10.4.8 allows context-dependent attackers to execute arbitrary code via a long ACL.
|
29-07-2017 - 01:30 | 13-03-2007 - 22:19 | |
CVE-2007-0467 | 6.2 |
crashdump in Apple Mac OS X 10.4.8 allows local users in the admin group to modify arbitrary files or gain privileges via a symlink attack on application logs in /Library/Logs/CrashReporter/. Successful exploitation requires that the attacker is alre
|
29-07-2017 - 01:30 | 31-01-2007 - 02:28 | |
CVE-2007-0726 | 5.0 |
The SSH key generation process in OpenSSH in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote attackers to cause a denial of service by connecting to the server before SSH has finished creating keys, which causes the keys to be regenerated
|
29-07-2017 - 01:30 | 13-03-2007 - 22:19 | |
CVE-2007-0733 | 9.3 |
Unspecified vulnerability in ImageIO in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote user-assisted attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted RAW image that triggers mem
|
29-07-2017 - 01:30 | 13-03-2007 - 22:19 | |
CVE-2007-0229 | 7.2 |
Integer overflow in the ffs_mountfs function in Mac OS X 10.4.8 and FreeBSD 6.1 allows local users to cause a denial of service (panic) and possibly gain privileges via a crafted DMG image that causes "allocation of a negative size buffer" leading to
|
29-07-2017 - 01:30 | 13-01-2007 - 02:28 | |
CVE-2006-6129 | 4.6 |
Integer overflow in the fatfile_getarch2 in Apple Mac OS X allows local users to cause a denial of service and possibly execute arbitrary code via a crafted Mach-O Universal program that triggers memory corruption.
|
29-07-2017 - 01:29 | 27-11-2006 - 00:07 | |
CVE-2006-6130 | 4.9 |
Apple Mac OS X AppleTalk allows local users to cause a denial of service (kernel panic) by calling the AIOCREGLOCALZN ioctl command with a crafted data structure on an AppleTalk socket.
|
29-07-2017 - 01:29 | 28-11-2006 - 01:07 | |
CVE-2006-6173 | 7.2 |
Buffer overflow in the shared_region_make_private_np function in vm/vm_unix.c in Mac OS X 10.4.6 and earlier allows local users to execute arbitrary code via (1) a small range count, which causes insufficient memory allocation, or (2) a large number
|
29-07-2017 - 01:29 | 30-11-2006 - 16:28 | |
CVE-2006-6061 | 9.3 |
com.apple.AppleDiskImageController in Apple Mac OS X 10.4.8, and possibly other versions, allows remote attackers to execute arbitrary code via a malformed DMG image that triggers memory corruption. NOTE: the severity of this issue has been disputed
|
20-07-2017 - 01:34 | 22-11-2006 - 01:07 | |
CVE-2006-5836 | 7.2 |
The fpathconf syscall function in bsd/kern/kern_descrip.c in the Darwin kernel (XNU) 8.8.1 in Apple Mac OS X allows local users to cause a denial of service (kernel panic) and possibly execute arbitrary code via a file descriptor with an unrecognized
|
20-07-2017 - 01:34 | 10-11-2006 - 01:07 | |
CVE-2006-6062 | 5.1 |
Unspecified vulnerability in Apple Mac OS X 10.4.8, and possibly other versions, allows remote attackers to cause a denial of service (crash) via a malformed UDTO HFS+ disk image, such as with "bad sectors," which triggers memory corruption. Exploita
|
20-07-2017 - 01:34 | 22-11-2006 - 01:07 | |
CVE-2007-0588 | 7.1 |
The InternalUnpackBits function in Apple QuickDraw, as used by Quicktime 7.1.3 and other applications on Mac OS X 10.4.8 and earlier, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a c
|
15-08-2013 - 05:21 | 30-01-2007 - 18:28 | |
CVE-2006-5679 | 4.6 |
Integer overflow in the ffs_mountfs function in FreeBSD 6.1 allows local users to cause a denial of service (panic) and possibly execute arbitrary code via a crafted UFS filesystem that causes invalid or large size parameters to be provided to the km
|
11-10-2011 - 04:00 | 03-11-2006 - 22:07 | |
CVE-2007-0267 | 6.6 |
The ufs_lookup function in the Mac OS X 10.4.8 and FreeBSD 6.1 kernels allows local users to cause a denial of service (kernel panic) and possibly corrupt other filesystems by mounting a crafted UNIX File System (UFS) DMG image that contains a corrup
|
10-06-2011 - 04:00 | 17-01-2007 - 00:28 | |
CVE-2007-1071 | 7.8 |
Integer overflow in the gifGetBandProc function in ImageIO in Apple Mac OS X 10.4.8 allows remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a crafted GIF image that triggers the overflow durin
|
08-03-2011 - 02:51 | 22-02-2007 - 22:28 | |
CVE-2007-0719 | 6.8 |
Stack-based buffer overflow in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote user-assisted attackers to execute arbitrary code via an image with a crafted ColorSync profile.
|
08-03-2011 - 02:50 | 13-03-2007 - 21:19 | |
CVE-2007-0721 | 6.8 |
Unspecified vulnerability in diskimages-helper in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote user-assisted attackers to execute arbitrary code via a crafted compressed disk image that triggers memory corruption.
|
08-03-2011 - 02:50 | 13-03-2007 - 22:19 | |
CVE-2007-0722 | 6.8 |
Integer overflow in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote user-assisted attackers to execute arbitrary code via a crafted AppleSingleEncoding disk image.
|
08-03-2011 - 02:50 | 13-03-2007 - 22:19 | |
CVE-2007-0723 | 8.5 |
Unspecified vulnerability in the authentication feature for DirectoryService (DS Plug-Ins) for Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote authenticated LDAP users to modify the root password and gain privileges via unknown vectors.
|
08-03-2011 - 02:50 | 13-03-2007 - 22:19 | |
CVE-2007-0299 | 7.1 |
Integer overflow in the byte_swap_sbin function in bsd/ufs/ufs/ufs_byte_order.c in Mac OS X 10.4.8 allows user-assisted remote attackers to cause a denial of service (kernel panic) by mounting a crafted Unix File System (UFS) DMG image, which trigger
|
08-03-2011 - 02:49 | 17-01-2007 - 11:28 | |
CVE-2007-0463 | 5.0 |
Format string vulnerability in Apple Software Update 2.0.5 on Mac OS X 10.4.8 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via format string specifiers in (1) SWUTMP or (2) SUCATALOG filenames, or
|
08-03-2011 - 02:49 | 29-01-2007 - 16:28 | |
CVE-2007-0318 | 7.8 |
The do_hfs_truncate function in Mac OS X 10.4.8 allows context-dependent attackers to cause a denial of service (kernel panic) via a crafted HFS+ filesystem in a DMG image, which causes an access of an invalid vnode structure during file removal.
|
08-03-2011 - 02:49 | 18-01-2007 - 00:28 |