Max CVSS | 10.0 | Min CVSS | 2.6 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2006-6513 | 3.5 |
The CControl::Download function (/dl URI) in Winamp Web Interface (Wawi) 7.5.13 and earlier allows remote authenticated users to download arbitrary file types under the root via a trailing "." (dot) in a filename in the file parameter, related to err
|
17-10-2018 - 21:49 | 14-12-2006 - 01:28 | |
CVE-2006-6514 | 3.5 |
Winamp Web Interface (Wawi) 7.5.13 and earlier uses an insufficient comparison to determine whether a directory is located below the application's root directory, which allows remote authenticated users to access certain other directories if the name
|
17-10-2018 - 21:49 | 14-12-2006 - 01:28 | |
CVE-2006-6539 | 10.0 |
Multiple buffer overflows in Winamp Web Interface (Wawi) 7.5.13 and earlier (1) allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an (a) long username or a (b) crafted packet to the FindBa
|
17-10-2018 - 21:49 | 14-12-2006 - 02:28 | |
CVE-2006-6482 | 5.0 |
Adobe ColdFusion MX7 allows remote attackers to obtain sensitive information via a URL request (1) for a non-existent (a) JWS, (b) CFM, (c) CFML, or (d) CFC file, which displays the installation path in the resulting error message; or (2) to /CFIDE/a
|
17-10-2018 - 21:48 | 12-12-2006 - 20:28 | |
CVE-2006-6483 | 2.6 |
Adobe ColdFusion MX 7.x before 7.0.2 does not properly filter HTML tags when protecting against cross-site scripting (XSS) attacks, which allows remote attackers to inject arbitrary web script or HTML via a NULL byte (%00) in certain HTML tags, as de
|
17-10-2018 - 21:48 | 12-12-2006 - 20:28 | |
CVE-2006-5583 | 10.0 |
Buffer overflow in the SNMP Service in Microsoft Windows 2000 SP4, XP SP2, Server 2003, Server 2003 SP1, and possibly other versions allows remote attackers to execute arbitrary code via a crafted SNMP packet, aka "SNMP Memory Corruption Vulnerabilit
|
17-10-2018 - 21:43 | 12-12-2006 - 20:28 | |
CVE-2017-1421 | 4.3 |
IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
|
26-12-2017 - 15:37 | 13-12-2017 - 18:29 | |
CVE-2001-0072 | 5.0 |
gpg (aka GnuPG) 1.0.4 and other versions imports both public and private keys from public key servers without notifying the user about the private keys, which could allow an attacker to break the web of trust.
|
10-10-2017 - 01:29 | 12-02-2001 - 05:00 | |
CVE-2015-0375 | 5.0 |
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows remote attackers to affect confidentiality via unknown vectors related to Network.
|
08-09-2017 - 01:29 | 21-01-2015 - 18:59 |