Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-1449 | 1 Apple | 1 Mac Os X | 2017-07-19 | 7.5 HIGH | N/A |
| Integer overflow in Mail in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to execute arbitrary code via a crafted MacMIME encapsulated attachment. | |||||
| CVE-2006-1450 | 1 Apple | 1 Mac Os X | 2017-07-19 | 7.5 HIGH | N/A |
| Mail in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to execute arbitrary code via an enriched text e-mail message with "invalid color information" that causes Mail to allocate and initialize arbitrary classes. | |||||
| CVE-2006-1451 | 1 Apple | 1 Mac Os X | 2017-07-19 | 7.2 HIGH | N/A |
| MySQL Manager in Apple Mac OS X 10.3.9 and 10.4.6, when setting up a new MySQL database server, does not use the "New MySQL root password" that is provided, which causes the MySQL root password to be blank and allows local users to gain full privileges to that database. | |||||
| CVE-2006-1452 | 1 Apple | 1 Mac Os X | 2017-07-19 | 4.6 MEDIUM | N/A |
| Stack-based buffer overflow in Preview in Apple Mac OS 10.4 up to 10.4.6 allows local users to execute arbitrary code via a deep directory hierarchy. | |||||
| CVE-2006-1455 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-19 | 7.8 HIGH | N/A |
| QuickTime Streaming Server in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to cause a denial of service (crash and connection interruption) via a QuickTime movie with a missing track, which triggers a null dereference. | |||||
| CVE-2006-1456 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-19 | 7.5 HIGH | N/A |
| Buffer overflow in QuickTime Streaming Server in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to execute arbitrary code via a crafted RTSP request, which is not properly handled during message logging. | |||||
| CVE-2006-1457 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-19 | 2.6 LOW | N/A |
| Safari on Apple Mac OS X 10.4.6, when "Open `safe' files after downloading" is enabled, will automatically expand archives, which could allow remote attackers to overwrite arbitrary files via an archive that contains a symlink. | |||||
| CVE-2006-1458 | 1 Apple | 1 Quicktime | 2017-07-19 | 5.1 MEDIUM | N/A |
| Integer overflow in Apple QuickTime Player before 7.1 allows remote attackers to execute arbitrary code via a crafted JPEG image. | |||||
| CVE-2006-1466 | 1 Apple | 2 Mac Os X, Xcode | 2017-07-19 | 4.0 MEDIUM | N/A |
| Xcode Tools before 2.3 for Mac OS X 10.4, when running the WebObjects plugin, allows remote attackers to access or modify WebObjects projects through a network service. | |||||
| CVE-2006-1468 | 1 Apple | 1 Mac Os X | 2017-07-19 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Apple File Protocol (AFP) server in Apple Mac OS X 10.4 up to 10.4.6 includes the names of restricted files and folders within search results, which might allow remote attackers to obtain sensitive information. | |||||
| CVE-2006-1469 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-19 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in ImageIO in Apple Mac OS X 10.4 up to 10.4.6 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image. | |||||
| CVE-2006-1470 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-19 | 5.0 MEDIUM | N/A |
| OpenLDAP in Apple Mac OS X 10.4 up to 10.4.6 allows remote attackers to cause a denial of service (crash) via an invalid LDAP request that triggers an assert error. | |||||
| CVE-2006-1473 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-19 | 5.0 MEDIUM | N/A |
| Integer overflow in AFP Server for Apple Mac OS X 10.3.9 and 10.4.7 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via unknown vectors. | |||||
| CVE-2006-1479 | 1 Serge Rey | 1 Gtd-php | 2017-07-19 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Serge Rey gtd-php (aka Getting Things Done) 0.5 allow remote attackers to inject arbitrary web script or HTML via the Description field in (1) newProject.php, (2) newList.php, and (3) newWaitingOn.php; the Title field in (4) newProject.php, (5) newList.php, (6) newWaitingOn.php, (7) newChecklist.php, (8) newContext.php, and (9) newGoal.php; the (10) Category Name field in newCategory.php; the (11) listTitle field in listReport.php; the (12) projectName field in projectReport.php; and the (13) checklistTitle field in checklistReport.php. | |||||
| CVE-2006-1485 | 1 Greymatter | 1 Greymatter | 2017-07-19 | 6.5 MEDIUM | N/A |
| gm-upload.cgi in Greymatter 1.3.1 allows remote authenticated users with upload privileges to execute arbitrary programs by uploading files to locations within the web root. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2006-1486 | 1 Fusionzone | 1 Realestatezone | 2017-07-19 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index.cfm in realestateZONE 4.2 allow remote attackers to inject arbitrary web script or HTML via the (1) bamin, (2) bemin, (3) pmin, and (4) state parameters. | |||||
| CVE-2006-1487 | 1 Activecampaign | 1 Supporttrio | 2017-07-19 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in ActiveCampaign SupportTrio 2.50.2 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters to the KnowledgeBase search module. | |||||
| CVE-2006-1488 | 1 Activecampaign | 1 Supporttrio | 2017-07-19 | 5.0 MEDIUM | N/A |
| ActiveCampaign SupportTrio 2.5 allows remote attackers to obtain the full path of the server via invalid (1) article or (2) print parameters in a kb action to index.php, or (3) an invalid category parameter to modules/KB/pdf.php, which leaks the path in an error message. | |||||
| CVE-2006-1489 | 1 Fusionzone | 1 Couponzone | 2017-07-19 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in FusionZONE CouponZONE local.cfm in 4.2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) companyid, (2) scat, and (3) coid parameters. | |||||
| CVE-2006-1491 | 1 Horde | 1 Application Framework | 2017-07-19 | 7.5 HIGH | N/A |
| Eval injection vulnerability in Horde Application Framework versions 3.0 before 3.0.10 and 3.1 before 3.1.1 allows remote attackers to execute arbitrary code via the help viewer. | |||||