Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-1509 | 1 Hp | 1 Hp-ux | 2017-10-10 | 4.9 MEDIUM | N/A |
| /sbin/passwd in HP-UX B.11.00, B.11.11, and B.11.23 before 20060326 "does not recover gracefully from some error conditions," which allows local users to cause a denial of service. | |||||
| CVE-2006-1252 | 1 Light Weight Calendar | 1 Light Weight Calendar | 2017-10-10 | 7.5 HIGH | N/A |
| Eval injection vulnerability in cal.php in Light Weight Calendar (LWC) 1.0 allows remote attackers to execute arbitrary PHP code via the date parameter to index.php. | |||||
| CVE-2006-1248 | 1 Hp | 1 Hp-ux | 2017-10-10 | 4.6 MEDIUM | N/A |
| Unspecified vulnerability in usermod in HP-UX B.11.00, B.11.11, and B.11.23, when run with certain options that involve a new home directory, might cause usermod to change the ownership of all directories and files under the new directory, which might result in less secure permissions than intended. | |||||
| CVE-2006-1862 | 1 Linux | 1 Linux Kernel | 2017-10-10 | 4.9 MEDIUM | N/A |
| The virtual memory implementation in Linux kernel 2.6.x allows local users to cause a denial of service (panic) by running lsof a large number of times in a way that produces a heavy system load. | |||||
| CVE-2006-0769 | 1 Sun | 1 Solaris | 2017-10-10 | 7.2 HIGH | N/A |
| Unspecified vulnerability in in.rexecd in Solaris 10 allows local users to gain privileges on Kerberos systems via unknown attack vectors. | |||||
| CVE-2006-1939 | 1 Ethereal Group | 1 Ethereal | 2017-10-10 | 5.0 MEDIUM | N/A |
| Multiple unspecified vulnerabilities in Ethereal 0.9.x up to 0.10.14 allow remote attackers to cause a denial of service (crash from null dereference) via (1) an invalid display filter, or the (2) GSM SMS, (3) ASN.1-based, (4) DCERPC NT, (5) PER, (6) RPC, (7) DCERPC, and (8) ASN.1 dissectors. | |||||
| CVE-2006-0658 | 1 Fckeditor | 1 Fckeditor | 2017-10-10 | 5.0 MEDIUM | N/A |
| Incomplete blacklist vulnerability in connector.php in FCKeditor 2.0 and 2.2, as used in products such as RunCMS, allows remote attackers to upload and execute arbitrary script files by giving the files specific extensions that are not listed in the Config[DeniedExtensions][File], such as .php.txt. | |||||
| CVE-2006-1527 | 1 Linux | 1 Linux Kernel | 2017-10-10 | 5.0 MEDIUM | N/A |
| The SCTP-netfilter code in Linux kernel before 2.6.16.13 allows remote attackers to trigger a denial of service (infinite loop) via unknown vectors that cause an invalid SCTP chunk size to be processed by the for_each_sctp_chunk function. | |||||
| CVE-2006-0436 | 1 Hp | 1 Hp-ux | 2017-10-10 | 7.2 HIGH | N/A |
| Unspecified vulnerability in HP HP-UX B.11.00, B.11.04, and B.11.11 allows local users to gain privileges via unknown attack vectors. | |||||
| CVE-2006-0537 | 1 Kinesphere Corporation | 1 Exchange Pop3 | 2017-10-10 | 7.5 HIGH | N/A |
| Buffer overflow in the POP3 server in Kinesphere Corporation eXchange before 5.0.060125 allows remote attackers to execute arbitrary code via a long RCPT TO argument. | |||||
| CVE-2006-0531 | 1 Sun | 1 Java System Access Manager | 2017-10-10 | 7.2 HIGH | N/A |
| Unspecified vulnerability in Sun Java System Access Manager 7.0 allows local users logged in as "root" to bypass authentication and gain top-level administrator privileges via the amadmin CLI tool. | |||||
| CVE-2006-0558 | 1 Linux | 1 Linux Kernel | 2017-10-10 | 4.9 MEDIUM | N/A |
| perfmon (perfmon.c) in Linux kernel on IA64 architectures allows local users to cause a denial of service (crash) by interrupting a task while another process is accessing the mm_struct, which triggers a BUG_ON action in the put_page_testzero function. | |||||
| CVE-2006-0516 | 1 Sun | 1 Solaris | 2017-10-10 | 2.1 LOW | N/A |
| Unspecified vulnerability in the kernel processing in Solaris 10 64 bit platform, when running in 64-bit mode, allows local users to cause a denial of service (system panic) via unknown attack vectors. | |||||
| CVE-2006-2933 | 2 Kde, Redhat | 3 Kde, Enterprise Linux, Enterprise Linux Desktop | 2017-10-10 | 4.6 MEDIUM | N/A |
| kdesktop_lock in kdebase before 3.1.3-5.11 for KDE in Red Hat Enterprise Linux (RHEL) 3 does not properly terminate, which can prevent the screensaver from activating or prevent users from manually locking the desktop. | |||||
| CVE-2006-0486 | 1 Cisco | 1 Ios | 2017-10-10 | 4.6 MEDIUM | N/A |
| Certain Cisco IOS releases in 12.2S based trains with maintenance release number 25 and later, 12.3T based trains, and 12.4 based trains reuse a Tcl Shell process across login sessions of different local users on the same terminal if the first user does not use tclquit before exiting, which may cause subsequent local users to execute unintended commands or bypass AAA command authorization checks, aka Bug ID CSCef77770. | |||||
| CVE-2006-0485 | 1 Cisco | 1 Ios | 2017-10-10 | 4.6 MEDIUM | N/A |
| The TCL shell in Cisco IOS 12.2(14)S before 12.2(14)S16, 12.2(18)S before 12.2(18)S11, and certain other releases before 25 January 2006 does not perform Authentication, Authorization, and Accounting (AAA) command authorization checks, which may allow local users to execute IOS EXEC commands that were prohibited via the AAA configuration, aka Bug ID CSCeh73049. | |||||
| CVE-2006-1940 | 1 Ethereal Group | 1 Ethereal | 2017-10-10 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Ethereal 0.10.4 up to 0.10.14 allows remote attackers to cause a denial of service (abort) via the SNDCP dissector. | |||||
| CVE-2006-1348 | 1 Greg Neustaetter | 1 Gcards | 2017-10-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Greg Neustaetter gCards 1.45 and earlier allows remote attackers to inject arbitrary web script or HTML via the lang[*][file] parameter, which is injected into an error message. NOTE: this issue might be resultant from CVE-2006-1346. | |||||
| CVE-2006-1855 | 1 Linux | 1 Linux Kernel | 2017-10-10 | 2.1 LOW | N/A |
| choose_new_parent in Linux kernel before 2.6.11.12 includes certain debugging code, which allows local users to cause a denial of service (panic) by causing certain circumstances involving termination of a parent process. | |||||
| CVE-2006-1347 | 1 Greg Neustaetter | 1 Gcards | 2017-10-10 | 7.5 HIGH | N/A |
| SQL injection vulnerability in loginfunction.php in Greg Neustaetter gCards 1.45 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter. | |||||