Total
29862 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-6531 | 1 Drupal | 1 Help Tip Module | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in the Help Tip module before 4.7.x-1.0 for Drupal allows remote attackers to inject arbitrary web script or HTML, and possibly obtain administrative access, via node titles. | ||||
| CVE-2006-5376 | 1 Oracle | 1 Peoplesoft Enterprise | 2025-04-09 | N/A |
| Multiple unspecified vulnerabilities in PeopleTools component in Oracle PeopleSoft Enterprise 8.22 GA, 8.46 GA, 8.47 GA, 8.48 GA, 8.22.11, 8.46.15, 8.47.09, and 8.48.03 have unknown impact and remote authenticated attack vectors, aka Vuln# (1) PSE04, (2) PSE06, (3) PSE07, and (4) PSE08. | ||||
| CVE-2006-6538 | 1 D-link | 1 Dwl-2000ap\+ | 2025-04-09 | N/A |
| D-LINK DWL-2000AP+ firmware 2.11 allows remote attackers to cause (1) a denial of service (device reset) via a flood of ARP replies on the wired or wireless (radio) link and (2) a denial of service (device crash) via a flood of ARP requests on the wireless link. | ||||
| CVE-2006-5379 | 1 Nvidia | 1 Binary Graphics Driver | 2025-04-09 | N/A |
| The accelerated rendering functionality of NVIDIA Binary Graphics Driver (binary blob driver) For Linux v8774 and v8762, and probably on other operating systems, allows local and remote attackers to execute arbitrary code via a large width value in a font glyph, which can be used to overwrite arbitrary memory locations. | ||||
| CVE-2006-5382 | 1 3com | 1 Superstack 3 Switch 4400 | 2025-04-09 | N/A |
| 3Com Switch SS3 4400 switches, firmware 5.11, 6.00 and 6.10 and earlier, allow remote attackers to read the SNMP Read-Write Community string and conduct unauthorized actions via unspecified "normally restricted management packets on the device" that cause the community string to be returned. | ||||
| CVE-2006-6543 | 1 Appintellect | 1 Spotlight Crm | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in login.asp in AppIntellect SpotLight CRM 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) login (UserName) and possibly (2) password parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2006-5384 | 1 Cds Software Consortium | 1 Cds Agenda | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in modification/SendAlertEmail.php in CDS Software Consortium CDS Agenda 4.2.9 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the AGE parameter. | ||||
| CVE-2006-5386 | 1 Nuralstorm | 1 Nuralstorm Webmail | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in process.php in NuralStorm Webmail 0.98b and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the DEFAULT_SKIN parameter. | ||||
| CVE-2006-6544 | 1 Cm68 News | 1 Cm68 News | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in CM68 News allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2006-5391 | 1 Xfire | 1 Xfire | 2025-04-09 | N/A |
| Xfire 1.64 and earlier allows remote attackers to cause a denial of service (client application crash) via a long string to UDP port 25777. | ||||
| CVE-2006-6553 | 1 Mxbb | 1 Mxbb Newssuite | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in includes/newssuite_constants.php in the NewsSuite 1.03 module for mxBB allows remote attackers to execute arbitrary PHP code via a URL in the mx_root_path parameter. | ||||
| CVE-2006-5393 | 1 Cisco | 1 Secure Desktop | 2025-04-09 | 5.5 Medium |
| Cisco Secure Desktop (CSD) does not require that the ClearPageFileAtShutdown (aka CCE-Winv2.0-407) registry value equals 1, which might allow local users to read certain memory pages that were written during another user's SSL VPN session. | ||||
| CVE-2006-5394 | 1 Cisco | 1 Secure Desktop | 2025-04-09 | N/A |
| The default configuration of Cisco Secure Desktop (CSD) has an unchecked "Disable printing" box in Secure Desktop Settings, which might allow local users to read data that was sent to a printer during another user's SSL VPN session. | ||||
| CVE-2006-5401 | 1 Aroundme | 1 Aroundme | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in template/barnraiser_01/p_new_password.tpl.php in AROUNDMe 0.5.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the templatePath parameter. | ||||
| CVE-2006-6566 | 1 Mxbb | 1 Mxbb | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in includes/profilcp_constants.php in the Profile Control Panel (CPanel) module for mxBB 0.91c allows remote attackers to execute arbitrary PHP code via a URL in the module_root_path parameter. | ||||
| CVE-2006-5405 | 1 Toshiba | 1 Bluetooth Wireless Device Driver | 2025-04-09 | N/A |
| Unspecified vulnerability in Toshiba Bluetooth wireless device driver 3.x and 4 through 4.00.35, as used in multiple products, allows physically proximate attackers to cause a denial of service (crash), corrupt memory, and possibly execute arbitrary code via crafted Bluetooth packets. | ||||
| CVE-2006-6567 | 1 Mxbb | 1 Kb Mods | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in includes/kb_constants.php in the Knowledge Base (mx_kb) 2.0.2 module for mxBB allows remote attackers to execute arbitrary PHP code via a URL in the module_root_path parameter. | ||||
| CVE-2006-5406 | 1 Passgo | 1 Defender | 2025-04-09 | N/A |
| Passgo Defender 5.2 creates the application directory with insecure permissions (Everyone/Full Control), which allows local users to read and modify sensitive files. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | ||||
| CVE-2006-6572 | 1 Citrix | 1 Access Gateway | 2025-04-09 | N/A |
| Unspecified vulnerability in Citrix Advanced Access Control (AAC) Option 4.0, and Access Gateway 4.2 with Advanced Access Control 4.2, before 20061114, when the Browser-Only access feature is enabled, allows remote authenticated users to bypass access policies via a certain login method, a different issue than CVE-2006-4846. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2006-5407 | 1 Osticket | 1 Osticket | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in open_form.php in osTicket allows remote attackers to execute arbitrary PHP code via a URL in the include_dir parameter. | ||||