| Max CVSS | 10.0 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2011-0611 | 9.3 |
Adobe Flash Player before 10.2.154.27 on Windows, Mac OS X, Linux, and Solaris and 10.2.156.12 and earlier on Android; Adobe AIR before 2.6.19140; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader 9.x before 9.4.4 and 10.x through 10.0.1 on W
|
13-08-2024 - 18:58 | 13-04-2011 - 14:55 | |
| CVE-2006-6597 | 6.8 |
Argument injection vulnerability in HyperAccess 8.4 allows user-assisted remote attackers to execute arbitrary vbscript and commands via the /r option in a telnet:// URI, which is configured to use hawin32.exe.
|
13-02-2024 - 17:50 | 15-12-2006 - 22:28 | |
| CVE-2005-3832 | 5.1 |
Stack-based buffer overflow in (1) CxUux60.dll and (2) CxUux60u.dll, as used in SpeedProject products including (a) Squeez 5.0 Build 4285, and (b) SpeedCommander 11.0 Build 4430 and 10.51 Build 4430, allows user-assisted attackers to execute arbitrar
|
19-10-2018 - 15:39 | 26-11-2005 - 19:03 | |
| CVE-2006-3519 | 5.8 |
Multiple cross-site scripting (XSS) vulnerabilities in The Banner Engine (tbe) 4.0 allow remote attackers to execute arbitrary web script or HTML via the (1) text parameter in a search action to (a) top.php, and the (2) adminpass or (3) adminlogin pa
|
18-10-2018 - 16:47 | 11-07-2006 - 23:05 | |
| CVE-2006-6628 | 4.3 |
Integer overflow in OpenOffice.org (OOo) 2.1 allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted DOC file, as demonstrated by the 12122006-djtest.doc file, a variant of CVE-2006-6561 in a separate code
|
17-10-2018 - 21:49 | 18-12-2006 - 11:28 | |
| CVE-2006-6617 | 6.5 |
projectserver/logon/pdsrequest.asp in Microsoft Project Server 2003 allows remote authenticated users to obtain the MSProjectUser password for a SQL database via a GetInitializationData request, which includes the information in the UserName and Pass
|
17-10-2018 - 21:49 | 18-12-2006 - 11:28 | |
| CVE-2006-6630 | 7.5 |
PHP remote file inclusion vulnerability in ListRecords.php in osprey 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the lib_dir parameter.
|
17-10-2018 - 21:49 | 18-12-2006 - 11:28 | |
| CVE-2006-6585 | 6.4 |
The Extensions manager in Mozilla Firefox 2.0 does not properly populate the list of local extensions, which allows attackers to construct an extension that hides itself by finding its name in the list and then calling RemoveElement, as demonstrated
|
17-10-2018 - 21:49 | 15-12-2006 - 19:28 | |
| CVE-2006-6591 | 7.5 |
PHP remote file inclusion vulnerability in fonctions/template.php in EXlor 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the repphp parameter.
|
17-10-2018 - 21:49 | 15-12-2006 - 19:28 | |
| CVE-2006-6640 | 6.8 |
Multiple cross-site scripting (XSS) vulnerabilities in Omniture SiteCatalyst allow remote attackers to inject arbitrary web script or HTML via the (1) ss parameter in (a) search.asp and the (2) company and (3) username fields on (b) the web login pag
|
17-10-2018 - 21:49 | 19-12-2006 - 20:28 | |
| CVE-2006-6596 | 6.8 |
HyperAccess 8.4 allows user-assisted remote attackers to execute arbitrary vbscript and commands via a session (HAW) file, which can be automatically opened using Internet Explorer.
|
17-10-2018 - 21:49 | 15-12-2006 - 22:28 | |
| CVE-2006-6648 | 7.5 |
PHP remote file inclusion vulnerability in main.inc.php in planetluc.com RateMe 1.3.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the pathtoscript parameter.
|
17-10-2018 - 21:49 | 20-12-2006 - 02:28 | |
| CVE-2006-6627 | 10.0 |
Integer overflow in the packed PE file parsing implementation in BitDefender products before 20060829, including Antivirus, Antivirus Plus, Internet Security, Mail Protection for Enterprises, and Online Scanner; and BitDefender products for Microsoft
|
17-10-2018 - 21:49 | 18-12-2006 - 11:28 | |
| CVE-2007-0602 | 6.9 |
Buffer overflow in libvsapi.so in the VSAPI library in Trend Micro VirusWall 3.81 for Linux, as used by IScan.BASE/vscan, allows local users to gain privileges via a long command line argument, a different vulnerability than CVE-2005-0533.
|
16-10-2018 - 16:33 | 30-01-2007 - 18:28 | |
| CVE-2007-5306 | 5.0 |
ELSEIF CMS Beta 0.6 allows remote attackers to obtain sensitive information (full path) via unspecified vectors to utilisateurs/votesresultats.php.
|
15-10-2018 - 21:42 | 09-10-2007 - 18:17 | |
| CVE-2007-5305 | 7.5 |
Multiple PHP remote file inclusion vulnerabilities in ELSEIF CMS Beta 0.6 allow remote attackers to execute arbitrary PHP code via a URL in the (1) contenus parameter to (a) contenus.php; the (2) tpelseifportalrepertoire parameter to (b) votes.php, (
|
15-10-2018 - 21:42 | 09-10-2007 - 18:17 | |
| CVE-2007-5304 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in ELSEIF CMS Beta 0.6 allow remote attackers to inject arbitrary web script or HTML via the (1) repertimage parameter to utilisateurs/vousetesbannis.php, the (2) elseifvotetxtresultatduvote paramet
|
15-10-2018 - 21:42 | 09-10-2007 - 18:17 | |
| CVE-2007-5307 | 7.5 |
ELSEIF CMS Beta 0.6 does not properly unset variables when the input data includes a numeric parameter with a value matching an alphanumeric parameter's hash value, which allows remote attackers to execute arbitrary PHP code by uploading a .php file
|
15-10-2018 - 21:42 | 09-10-2007 - 18:17 | |
| CVE-2008-3896 | 2.1 |
Grub Legacy 0.97 and earlier stores pre-boot authentication passwords in the BIOS Keyboard buffer and does not clear this buffer before and after use, which allows local users to obtain sensitive information by reading the physical memory locations a
|
11-10-2018 - 20:50 | 03-09-2008 - 14:12 | |
| CVE-2006-6634 | 7.5 |
Multiple PHP remote file inclusion vulnerabilities in the ExtCalThai (com_extcalendar) 0.9.1 and earlier component for Mambo allow remote attackers to execute arbitrary PHP code via a URL in (1) the CONFIG_EXT[LANGUAGES_DIR] parameter to admin_events
|
29-07-2017 - 01:29 | 18-12-2006 - 11:28 |