Max CVSS 10.0 Min CVSS 2.1 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2006-0147 7.5
Dynamic code evaluation vulnerability in tests/tmssql.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PhpOpenChat, possibly (7) MAXdev MD-Pro, and (
19-10-2018 - 15:42 09-01-2006 - 23:03
CVE-2006-0146 7.5
The server.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PHPOpenChat, (7) MAXdev MD-Pro, and (8) MediaBeez, when the MySQL root password is empty,
19-10-2018 - 15:42 09-01-2006 - 23:03
CVE-2006-0051 5.1
Buffer overflow in playlistimport.cpp in Kaffeine Player 0.4.2 through 0.7.1 allows user-assisted attackers to execute arbitrary code via long HTTP request headers when Kaffeine is "fetching remote playlists", which triggers the overflow in the http_
19-10-2018 - 15:42 05-04-2006 - 10:04
CVE-2005-2096 7.5
zlib 1.2 and later versions allows remote attackers to cause a denial of service (crash) via a crafted compressed stream with an incomplete code description of a length greater than 1, which leads to a buffer overflow, as demonstrated using a crafted
19-10-2018 - 15:32 06-07-2005 - 04:00
CVE-2005-1849 5.0
inftrees.h in zlib 1.2.2 allows remote attackers to cause a denial of service (application crash) via an invalid file that causes a large dynamic tree to be produced.
19-10-2018 - 15:31 26-07-2005 - 04:00
CVE-2006-1614 5.1
Integer overflow in the cli_scanpe function in the PE header parser (libclamav/pe.c) in Clam AntiVirus (ClamAV) before 0.88.1, when ArchiveMaxFileSize is disabled, allows remote attackers to cause a denial of service and possibly execute arbitrary co
18-10-2018 - 16:33 06-04-2006 - 22:04
CVE-2006-1550 7.6
Multiple buffer overflows in the xfig import code (xfig-import.c) in Dia 0.87 and later before 0.95-pre6 allow user-assisted attackers to have an unknown impact via a crafted xfig file, possibly involving an invalid (1) color index, (2) number of poi
18-10-2018 - 16:33 30-03-2006 - 23:02
CVE-2006-0806 4.3
Multiple cross-site scripting (XSS) vulnerabilities in ADOdb 4.71, as used in multiple packages such as phpESP, allow remote attackers to inject arbitrary web script or HTML via (1) the next_page parameter in adodb-pager.inc.php and (2) other unspeci
18-10-2018 - 16:29 21-02-2006 - 02:02
CVE-2006-0459 7.5
flex.skl in Will Estes and John Millaway Fast Lexical Analyzer Generator (flex) before 2.5.33 does not allocate enough memory for grammars containing (1) REJECT statements or (2) trailing context rules, which causes flex to generate code that contain
03-10-2018 - 21:35 29-03-2006 - 23:02
CVE-2006-0052 5.0
The attachment scrubber (Scrubber.py) in Mailman 2.1.5 and earlier, when using Python's library email module 2.5, allows remote attackers to cause a denial of service (mailing list delivery failure) via a multipart MIME message with a single part tha
03-10-2018 - 21:34 31-03-2006 - 11:06
CVE-2005-2966 5.1
The Python SVG import plugin (diasvg_import.py) for DIA 0.94 and earlier allows user-assisted attackers to execute arbitrary commands via a crafted SVG file.
03-10-2018 - 21:31 05-10-2005 - 21:02
CVE-2005-2471 7.5
pstopnm in netpbm does not properly use the "-dSAFER" option when calling Ghostscript to convert a PostScript file into a (1) PBM, (2) PGM, or (3) PNM file, which allows external user-assisted attackers to execute arbitrary commands.
11-10-2017 - 01:30 05-08-2005 - 04:00
CVE-2002-0004 7.2
Heap corruption vulnerability in the "at" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice.
10-10-2017 - 01:30 27-02-2002 - 05:00
CVE-2006-1630 5.0
The cli_bitset_set function in libclamav/others.c in Clam AntiVirus (ClamAV) before 0.88.1 allows remote attackers to cause a denial of service via unspecified vectors that trigger an "invalid memory access."
20-07-2017 - 01:30 06-04-2006 - 22:04
CVE-2006-1615 10.0
Multiple format string vulnerabilities in the logging code in Clam AntiVirus (ClamAV) before 0.88.1 might allow remote attackers to execute arbitrary code. NOTE: as of 20060410, it is unclear whether this is a vulnerability, as there is some evidenc
20-07-2017 - 01:30 06-04-2006 - 22:04
CVE-2006-0410 5.0
SQL injection vulnerability in ADOdb before 4.71, when using PostgreSQL, allows remote attackers to execute arbitrary SQL commands via unspecified attack vectors involving binary strings.
20-07-2017 - 01:29 25-01-2006 - 02:03
CVE-2006-0053 2.6
Imager (libimager-perl) before 0.50 allows user-assisted attackers to cause a denial of service (segmentation fault) by writing a 2- or 4-channel JPEG image (or a 2-channel TGA image) to a scalar, which triggers a NULL pointer dereference.
20-07-2017 - 01:29 10-04-2006 - 18:06
CVE-2005-3148 4.6
StoreBackup before 1.19 does not properly set the uid and guid for symbolic links (1) that are backed up by storeBackup.pl, or (2) recovered by storeBackupRecover.pl, which could cause files to be restored with incorrect ownership.
05-09-2008 - 20:53 05-10-2005 - 21:02
CVE-2005-3147 2.1
StoreBackup before 1.19 creates the backup root with world-readable permissions, which allows local users to obtain sensitive information.
05-09-2008 - 20:53 05-10-2005 - 21:02
CVE-2005-3146 2.1
StoreBackup before 1.19 allows local users to perform unauthorized operations on arbitrary files via a symlink attack on temporary files.
05-09-2008 - 20:53 05-10-2005 - 21:02
Back to Top Mark selected
Back to Top