Total
210374 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2006-0336 | 1 Kerio | 1 Winroute Firewall | 2017-07-19 | 5.0 MEDIUM | N/A |
Kerio WinRoute Firewall before 6.1.4 Patch 2 allows attackers to cause a denial of service (CPU consumption and hang) via unknown vectors involving "browsing the web". | |||||
CVE-2006-0337 | 1 F-secure | 4 F-secure Anti-virus, F-secure Internet Security, Internet Gatekeeper and 1 more | 2017-07-19 | 7.5 HIGH | N/A |
Buffer overflow in multiple F-Secure Anti-Virus products and versions for Windows and Linux, including Anti-Virus for Windows Servers 5.52 and earlier, Internet Security 2004, 2005 and 2006, and Anti-Virus for Linux Servers 4.64 and earlier, allows remote attackers to execute arbitrary code via crafted ZIP archives. | |||||
CVE-2006-0338 | 1 F-secure | 4 F-secure Anti-virus, F-secure Internet Security, F-secure Personal Express and 1 more | 2017-07-19 | 5.0 MEDIUM | N/A |
Multiple F-Secure Anti-Virus products and versions for Windows and Linux, including Anti-Virus for Windows Servers 5.52 and earlier, Internet Security 2004, 2005 and 2006, and Anti-Virus for Linux Servers 4.64 and earlier, allow remote attackers to hide arbitrary files and data via malformed (1) RAR and (2) ZIP archives, which are not properly scanned. | |||||
CVE-2006-0340 | 1 Cisco | 1 Ios | 2017-07-19 | 7.1 HIGH | N/A |
Unspecified vulnerability in Stack Group Bidding Protocol (SGBP) support in Cisco IOS 12.0 through 12.4 running on various Cisco products, when SGBP is enabled, allows remote attackers on the local network to cause a denial of service (device hang and network traffic loss) via a crafted UDP packet to port 9900. | |||||
CVE-2006-0341 | 1 Rockliffe | 1 Mailsite | 2017-07-19 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in WCONSOLE.DLL in Rockliffe MailSite 5.x and 6.1.22 and earlier allows remote attackers to inject arbitrary web script or HTML via the query string. | |||||
CVE-2006-0342 | 1 Rockliffe | 1 Mailsite | 2017-07-19 | 7.8 HIGH | N/A |
RockLiffe MailSite HTTP Mail management agent (httpma) 7.0.3.1 allows remote attackers to cause a denial of service (CPU consumption and crash) via a malformed query string containing special characters such as "|". | |||||
CVE-2006-0343 | 1 Hitachi | 2 Jpi Netsight Ii Port Discovery Advance, Jpi Netsight Ii Port Discovery Standard | 2017-07-19 | 5.0 MEDIUM | N/A |
Unspecified vulnerability in the Port Discovery Standard and Advanced features in Hitachi JP1/NetInsight II allows attackers to stop the Port Discovery service via unknown vectors involving "invalid format data". | |||||
CVE-2006-0344 | 1 Intervations | 1 Filecopa | 2017-07-19 | 6.4 MEDIUM | N/A |
Directory traversal vulnerability in Intervations FileCOPA FTP Server 1.01 allows remote attackers to read and write arbitrary files via a .. (dot dot) in the (1) STOR and (2) RETR commands. | |||||
CVE-2006-0345 | 1 Saral Kaushik | 1 Saralblog | 2017-07-19 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in SaralBlog 1.0 allow remote attackers to execute arbitrary SQL commands via the search parameter to search.php. NOTE: the id/viewprofile.php issue is already covered by CVE-2005-4058. | |||||
CVE-2006-0346 | 1 Saral Kaushik | 1 Saralblog | 2017-07-19 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in SaralBlog 1.0 allows remote attackers to inject arbitrary web script or HTML via a website field in a new comment to view.php, which is not properly handled in the comment function in functions.php. | |||||
CVE-2006-0347 | 1 Stefan Ritt | 1 Elog Web Logbook | 2017-07-19 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in ELOG before 2.6.1 allows remote attackers to access arbitrary files outside of the elog directory via "../" (dot dot) sequences in the URL. | |||||
CVE-2006-0348 | 1 Stefan Ritt | 1 Elog Web Logbook | 2017-07-19 | 5.0 MEDIUM | N/A |
Format string vulnerability in the write_logfile function in ELOG before 2.6.1 allows remote attackers to cause a denial of service (server crash) via unknown attack vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
CVE-2006-0349 | 1 Epic Designs | 1 Eggblog | 2017-07-19 | 7.5 HIGH | N/A |
SQL injection vulnerability in eggblog 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter to blog.php. | |||||
CVE-2006-0350 | 1 Epic Designs | 1 Eggblog | 2017-07-19 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in eggblog 2.0 allow remote attackers to inject arbitrary web script or HTML via the message field to topic.php. | |||||
CVE-2006-0351 | 1 Don Moore | 1 Mydns | 2017-07-19 | 5.0 MEDIUM | N/A |
Unspecified "critical denial-of-service vulnerability" in MyDNS before 1.1.0 has unknown impact and attack vectors. | |||||
CVE-2006-0353 | 1 Gnu | 1 Lsh | 2017-07-19 | 3.6 LOW | N/A |
unix_random.c in lshd for lsh 2.0.1 leaks file descriptors related to the randomness generator, which allows local users to cause a denial of service by truncating the seed file, which prevents the server from starting, or obtain sensitive seed information that could be used to crack keys. | |||||
CVE-2006-0360 | 1 Mpm | 1 Hp-180w Voip Wifi Phone | 2017-07-19 | 6.4 MEDIUM | N/A |
MPM SIP HP-180W Wireless IP Phone WE.00.17 allows remote attackers to obtain sensitive information and possibly cause a denial of service via a direct connection to UDP port 9090, which is undocumented and does not require authentication. | |||||
CVE-2006-0362 | 1 3com | 1 Tippingpoint Ips Tos | 2017-07-19 | 5.0 MEDIUM | N/A |
TippingPoint Intrusion Prevention System (IPS) TOS before 2.1.4.6324, and TOS 2.2.x before 2.2.1.6506, allow remote attackers to cause a denial of service (CPU consumption) via an unknown vector, probably involving an HTTP request with a negative number in the Content-Length header. | |||||
CVE-2006-0364 | 1 Mybulletinboard | 1 Mybulletinboard | 2017-07-19 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in MyBulletinBoard (MyBB) allows remote attackers to inject arbitrary web script or HTML via a signature containing a JavaScript URI in the SRC attribute of an IMG element, in which the URI uses SGML numeric character references without trailing semicolons, as demonstrated by "javascript". | |||||
CVE-2006-0367 | 1 Cisco | 1 Call Manager | 2017-07-19 | 6.5 MEDIUM | N/A |
Unspecified vulnerability in Cisco CallManager 3.2 and earlier, 3.3 before 3.3(5)SR1, 4.0 before 4.0(2a)SR2c, and 4.1 before 4.1(3)SR2 allows remote authenticated users with read-only administrative privileges to obtain full administrative privileges via a "crafted URL on the CCMAdmin web page." |