Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-6713 | 1 Hitachi | 1 Hitachi Directory Server 2 | 2011-03-07 | 10.0 HIGH | N/A |
| Buffer overflow in Hitachi Directory Server 2 P-2444-A124 before 02-11-/K on Windows, and P-1B44-A121 before 02-10-/V on HP-UX, allows remote attackers to execute arbitrary code via crafted LDAP requests. | |||||
| CVE-2006-6714 | 1 Hitachi | 1 Hitachi Directory Server 2 | 2011-03-07 | 7.8 HIGH | N/A |
| Multiple memory leaks in Hitachi Directory Server 2 P-2444-A124 before 02-11-/K on Windows, and P-1B44-A121 before 02-10-/V on HP-UX, allow remote attackers to cause a denial of service (memory consumption) via invalid LDAP requests. | |||||
| CVE-2006-6725 | 1 Phpbuilder | 1 Phpbuilder | 2011-03-07 | 5.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in PHPBuilder 0.0.2 and earlier allow remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter to (1) lib/htm2php.php and (2) sitetools/htm2php.php. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2006-6727 | 1 Inertianews | 1 Inertianews | 2011-03-07 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in inertianews_class.php in inertianews 0.02 beta and earlier allows remote attackers to execute arbitrary PHP code via a URL in the DOCUMENT_ROOT parameter. | |||||
| CVE-2006-6728 | 1 Lan Messenger | 1 Lan Messenger | 2011-03-07 | 6.4 MEDIUM | N/A |
| Unspecified vulnerability in the info request mechanism in LAN Messenger before 1.5.1.2 allows remote attackers to cause a denial of service (application crash) or transmit spam via unspecified vectors. | |||||
| CVE-2006-6748 | 1 Newxooper | 1 Newxooper | 2011-03-07 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in i-accueil.php in Newxooper 0.9 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the chemin parameter. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2006-6761 | 1 Novell | 1 Netmail | 2011-03-07 | 6.5 MEDIUM | N/A |
| Stack-based buffer overflow in the IMAP daemon (IMAPD) in Novell NetMail before 3.52e FTF2 allows remote authenticated users to execute arbitrary code via a long argument to the SUBSCRIBE command. | |||||
| CVE-2006-6762 | 1 Novell | 1 Netmail | 2011-03-07 | 4.0 MEDIUM | N/A |
| The IMAP daemon (IMAPD) in Novell NetMail before 3.52e FTF2 allows remote authenticated users to cause a denial of service via an APPEND command with a single "(" (parenthesis) in the argument. | |||||
| CVE-2006-6782 | 1 Pnamazu | 1 Pnamazu | 2011-03-07 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in pnamazu 2006.02.28 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2006-6790 | 1 Ultimate Php Board | 1 Ultimate Php Board | 2011-03-07 | 7.5 HIGH | N/A |
| Direct static code injection vulnerability in chat/login.php in Ultimate PHP Board (UPB) 2.0b1 and earlier allows remote attackers to inject arbitrary PHP code via the username parameter, which is injected into chat/text.php. | |||||
| CVE-2006-6075 | 1 Baalasp | 1 Smart Form Portal | 2011-03-07 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in addpost1.asp in BaalAsp forum allows remote attackers to inject arbitrary web script or HTML via the name parameter. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2006-6135 | 1 Ibm | 1 Websphere Application Server | 2011-03-07 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in IBM WebSphere Application Server 6.1.0 before Fix Pack 3 (6.1.0.3) have unknown impact and attack vectors, related to (1) a "Potential security vulnerability" (PK29725) and (2) "Potential security exposure" (PK30831). | |||||
| CVE-2006-6136 | 1 Ibm | 1 Websphere Application Server | 2011-03-07 | 10.0 HIGH | N/A |
| IBM WebSphere Application Server 6.1.0 before Fix Pack 3 (6.1.0.3) does not perform EAL4 authentication checks at the proper time during "registering of response operation," which has unknown impact and attack vectors. | |||||
| CVE-2006-6139 | 1 Sisfo Kampus | 1 Sisfo Kampus | 2011-03-07 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in downloadexcel.php in Sisfo Kampus 2006 (Semarang 3) allows remote attackers to read arbitrary files via the fn parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2006-6140 | 1 Sisfo Kampus | 1 Sisfo Kampus | 2011-03-07 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in Sisfo Kampus 2006 (Semarang 3) allows remote attackers to execute arbitrary PHP code via a URL in the slnt parameter to (1) index.php and (2) print.php. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2006-6146 | 1 Takeshi Kanno | 1 Haru Free Pdf Library | 2011-03-07 | 2.6 LOW | N/A |
| Buffer overflow in the HPDF_Page_Circle function in hpdf_page_operator.c in Takeshi Kanno Haru Free PDF Library (libharu2, aka libharu) 2.0.7 and earlier allows context-dependent attackers to cause a denial of service (application crash) via certain arguments that yield a large amount of PDF data, as demonstrated by a filled circle. | |||||
| CVE-2006-6151 | 1 Messagerie Locale | 1 Messagerie Locale | 2011-03-07 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in centre.php in Messagerie Locale as of 20061127 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2006-6172 | 2 Mplayer, Xine | 2 Mplayer, Real Media Input Plugin | 2011-03-07 | 7.5 HIGH | N/A |
| Buffer overflow in the asmrp_eval function in the RealMedia RTSP stream handler (asmrp.c) for Real Media input plugin, as used in (1) xine/xine-lib, (2) MPlayer 1.0rc1 and earlier, and possibly others, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a rulebook with a large number of rulematches. | |||||
| CVE-2006-6174 | 1 Tdiary | 1 Tdiary | 2011-03-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in tDiary before 2.0.3 and 2.1.x before 2.1.4.20061126 allows remote attackers to inject arbitrary web script or HTML via the conf parameter in (1) tdiary.rb and (2) skel/conf.rhtml. | |||||
| CVE-2006-6178 | 1 Trend Micro | 1 Officescan | 2011-03-07 | 7.5 HIGH | N/A |
| Buffer overflow in PCCSRV\Web_console\RemoteInstallCGI\Wizard.exe for Trend Micro OfficeScan 7.3 before build 7.3.0.1087 allows remote attackers to execute arbitrary code via unknown attack vectors. | |||||