Max CVSS 10.0 Min CVSS 2.1 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2006-0054 5.0
The ipfw firewall in FreeBSD 6.0-RELEASE allows remote attackers to cause a denial of service (firewall crash) via ICMP IP fragments that match a reset, reject or unreach action, which leads to an access of an uninitialized pointer.
13-02-2024 - 17:43 11-01-2006 - 21:03
CVE-2006-0176 7.2
Buffer overflow in certain functions in src/fileio.c and src/unix/fileio.c in xmame before 11 January 2006 may allow local users to gain privileges via a long (1) -lang, (2) -ctrlr, (3) -pb, or (4) -rec argument on many operating systems, and via a l
19-10-2018 - 15:43 11-01-2006 - 21:03
CVE-2006-0169 7.5
addresses.php3 in MyPhPim 01.05 does not restrict uploaded files, which allows remote attackers to execute arbitrary PHP code via the pdbfile variable, then directly accessing those files from the uploads directory.
19-10-2018 - 15:43 11-01-2006 - 21:03
CVE-2006-0180 4.3
Cross-site scripting (XSS) vulnerability in CaLogic Calendars 1.2.2 allows remote attackers to inject arbitrary web script or HTML via the Title field on the "Adding New Event" page, and possibly other vectors, involving iframe tags.
19-10-2018 - 15:43 12-01-2006 - 06:02
CVE-2006-0105 5.0
PostgreSQL 8.0.x before 8.0.6 and 8.1.x before 8.1.2, when running on Windows, allows remote attackers to cause a denial of service (postmaster exit and no new connections) via a large number of simultaneous connection requests.
19-10-2018 - 15:42 10-01-2006 - 20:03
CVE-2005-3713 7.5
Heap-based buffer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via a GIF image file with a crafted Netscape Navigator Application Extension Block that modifies the heap in the Picture Modifier block.
19-10-2018 - 15:38 31-12-2005 - 05:00
CVE-2005-3710 7.5
Integer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via a TIFF image file with modified image height and width (ImageWidth) tags.
19-10-2018 - 15:38 31-12-2005 - 05:00
CVE-2005-3711 7.5
Integer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via a TIFF image file with modified (1) "strips" (StripByteCounts) or (2) "bands" (StripOffsets) values.
19-10-2018 - 15:38 31-12-2005 - 05:00
CVE-2005-2340 7.5
Heap-based buffer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via a crafted (1) QuickTime Image File (QTIF), (2) PICT, or (3) JPEG format image with a long data field.
19-10-2018 - 15:32 31-12-2005 - 05:00
CVE-2006-6640 6.8
Multiple cross-site scripting (XSS) vulnerabilities in Omniture SiteCatalyst allow remote attackers to inject arbitrary web script or HTML via the (1) ss parameter in (a) search.asp and the (2) company and (3) username fields on (b) the web login pag
17-10-2018 - 21:49 19-12-2006 - 20:28
CVE-2008-3466 10.0
Microsoft Host Integration Server (HIS) 2000, 2004, and 2006 does not limit RPC access to administrative functions, which allows remote attackers to bypass authentication and execute arbitrary programs via a crafted SNA RPC message using opcode 1 or
12-10-2018 - 21:48 15-10-2008 - 00:12
CVE-2000-1079 7.5
Interactions between the CIFS Browser Protocol and NetBIOS as implemented in Microsoft Windows 95, 98, NT, and 2000 allow remote attackers to modify dynamic NetBIOS name cache entries via a spoofed Browse Frame Request in a unicast or UDP broadcast d
19-12-2017 - 02:29 29-08-2000 - 04:00
CVE-2013-4246 6.5
libsvn_fs_fs/fs_fs.c in Apache Subversion 1.8.x before 1.8.2 might allow remote authenticated users with commit access to corrupt FSFS repositories and cause a denial of service or obtain sensitive information by editing packed revision properties.
18-11-2017 - 17:45 30-10-2017 - 14:29
CVE-2006-0179 5.0
The Cisco IP Phone 7940 allows remote attackers to cause a denial of service (reboot) via a large amount of TCP SYN packets (syn flood) to arbitrary ports, as demonstrated to port 80.
19-10-2017 - 01:29 11-01-2006 - 21:03
CVE-2006-0178 7.2
Format string vulnerability in /bin/ftp in UNICOS 9.0.2.2 allows local users to have an unknown impact via format string specifiers in the quote command. NOTE: because the program is not setuid and not normally called from remote programs, there may
20-07-2017 - 01:29 11-01-2006 - 21:03
CVE-2006-0055 2.1
The ispell_op function in ee on FreeBSD 4.10 to 6.0 uses predictable filenames and does not confirm which file is being written, which allows local users to overwrite arbitrary files via a symlink attack when ee invokes ispell.
20-07-2017 - 01:29 11-01-2006 - 21:03
CVE-2006-0177 7.2
Multiple buffer overflows in Cray UNICOS 9.0.2.2 might allow local users to gain privileges by (1) invoking /usr/bin/script with a long command line argument or (2) setting the -c option of /etc/nu to the name of a file containing a long line.
20-07-2017 - 01:29 11-01-2006 - 21:03
CVE-2005-3707 7.5
Buffer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via crafted TGA image files.
11-07-2017 - 01:33 31-12-2005 - 05:00
CVE-2005-3708 7.5
Integer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via crafted TGA image files.
11-07-2017 - 01:33 31-12-2005 - 05:00
CVE-2005-3709 7.5
Integer underflow in Apple Quicktime before 7.0.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the Color Map Entry Size in a TGA image file.
11-07-2017 - 01:33 31-12-2005 - 05:00
CVE-2005-2344 5.0
The BlackBerry Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) 4.0 to version 4.0 Service Pack 2 allows attackers to cause a denial of service via a malformed Portable Network Graphics (PNG) file that triggers a heap
11-07-2017 - 01:32 31-12-2005 - 05:00
CVE-2004-2271 7.5
Buffer overflow in MiniShare 1.4.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request.
11-07-2017 - 01:31 31-12-2004 - 05:00
CVE-2014-7285 6.5
The management console on the Symantec Web Gateway (SWG) appliance before 5.2.2 allows remote authenticated users to execute arbitrary OS commands by injecting command strings into unspecified PHP scripts.
03-01-2017 - 02:59 17-12-2014 - 16:59
Back to Top Mark selected
Back to Top