Total
29912 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-5281 | 1 Navyism | 1 N At Board | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in naboard_pnr.php in n@board 3.1.9e and earlier allows remote attackers to execute arbitrary PHP code via a URL in the skin parameter. | ||||
| CVE-2006-5290 | 1 Xerox | 6 Workcentre 232, Workcentre 238, Workcentre 245 and 3 more | 2026-04-23 | N/A |
| The ESS/ Network Controller and MicroServer Web Server components of Xerox WorkCentre and WorkCentre Pro 232, 238, 245, 255, 265 and 275 allow remote attackers to bypass authentication and execute arbitrary code via "WebUI command injection on TCP/IP hostname." | ||||
| CVE-2006-5349 | 1 Oracle | 1 Http Server | 2026-04-23 | N/A |
| Unspecified vulnerability in Oracle HTTP Server 9.2.0.7, when running on HP Tru64 UNIX, has unknown impact and remote attack vectors related to HTTPS and SSL, aka Vuln# OHS07. | ||||
| CVE-2006-5347 | 1 Oracle | 1 Http Server | 2026-04-23 | N/A |
| Unspecified vulnerability in Oracle HTTP Server 9.2.0.7 and Oracle Collaboration Suite 9.0.4.2 has unknown impact and remote attack vectors related to HTTPS and SSL, aka Vuln# OHS04. | ||||
| CVE-2006-5371 | 1 Oracle | 1 E-business Suite | 2026-04-23 | N/A |
| Unspecified vulnerability in Oracle Email Center component in Oracle E-Business Suite 11.5.9 has unknown impact and remote authenticated attack vectors, aka Vuln# APPS07. | ||||
| CVE-2006-5381 | 1 Contenido | 1 Contendio | 2026-04-23 | N/A |
| Contenido CMS stores sensitive data under the web root with insufficient access control, which allows remote attackers to obtain database credentials and other information via a direct request to (1) db_msql.inc, (2) db_mssql.inc, (3) db_mysqli.inc, (4) db_oci8.inc, (5) db_odbc.inc, (6) db_oracle.inc, (7) db_pgsql.inc, or (8) db_sybase.inc in the conlib/ directory. | ||||
| CVE-2006-5410 | 1 Boonex | 1 Dolphin | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in templates/tmpl_dfl/scripts/index.php in BoonEx Dolphin 5.2 allows remote attackers to execute arbitrary PHP code via a URL in the dir[inc] parameter. NOTE: it is possible that this issue overlaps CVE-2006-4189. | ||||
| CVE-2006-5428 | 1 Cerberus | 1 Cerberus Helpdesk | 2026-04-23 | N/A |
| rpc.php in Cerberus Helpdesk 3.2.1 does not verify a client's privileges for a display_get_requesters operation, which allows remote attackers to bypass the GUI login and obtain sensitive information (ticket data) via a direct request. | ||||
| CVE-2006-5436 | 1 Freefaq | 1 Freefaq | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in index.php in FreeFAQ 1.0.e allows remote attackers to execute arbitrary PHP code via a URL in the faqpath parameter. | ||||
| CVE-2006-5461 | 1 Avahi | 1 Avahi | 2026-04-23 | N/A |
| Avahi before 0.6.15 does not verify the sender identity of netlink messages to ensure that they come from the kernel instead of another process, which allows local users to spoof network changes to Avahi. | ||||
| CVE-2006-5528 | 1 Schoolalumni Portal | 1 Schoolalumni Portal | 2026-04-23 | N/A |
| Directory traversal vulnerability in mod.php in SchoolAlumni Portal 2.26 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the mod parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-0218 | 2 Ldra, Particlesoftware | 2 Tbbrowse, Intralaunch | 2026-04-23 | N/A |
| Insecure method vulnerability in Particle Software IntraLaunch Application Launcher ActiveX control in IntraLaunch.ocx, as used in LDRA TBbrowse and possibly other products, allows remote attackers to execute arbitrary code via unknown vectors. | ||||
| CVE-2006-5553 | 1 Cisco | 3 Security Agent, Unified Callmanager, Unified Presence Server | 2026-04-23 | N/A |
| Cisco Security Agent (CSA) for Linux 4.5 before 4.5.1.657 and 5.0 before 5.0.0.193, as used by Unified CallManager (CUCM) and Unified Presence Server (CUPS), allows remote attackers to cause a denial of service (resource consumption) via a port scan with certain options. | ||||
| CVE-2006-5564 | 1 Maxdev | 1 Md-pro | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in user.php in MAXdev MD-Pro 1.0.76 allows remote attackers to inject arbitrary web script or HTML via the op parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | ||||
| CVE-2006-5664 | 1 Ibm | 3 Informix Client Sdk, Informix Dynamic Server, Informix I-connect | 2026-04-23 | N/A |
| The installation script in IBM Informix Dynamic Server 10.00, Informix Client Software Development Kit (CSDK) 2.90, and Informix I-Connect 2.90 allows local users to "compromise security" via a symlink attack on temporary files. | ||||
| CVE-2006-5709 | 1 Alt-n | 1 Mdaemon | 2026-04-23 | N/A |
| Unspecified vulnerability in WorldClient in Alt-N Technologies MDaemon before 9.50 has unknown impact and attack vectors related to a "JavaScript exploit." | ||||
| CVE-2006-5732 | 1 Tgs Cms | 1 Tgs Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in logout.php in T.G.S. CMS 0.1.7 and earlier allows remote attackers to execute arbitrary SQL commands via the myauthorid cookie. | ||||
| CVE-2006-5751 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2026-04-23 | N/A |
| Integer overflow in the get_fdb_entries function in net/bridge/br_ioctl.c in the Linux kernel before 2.6.18.4 allows local users to execute arbitrary code via a large maxnum value in an ioctl request. | ||||
| CVE-2006-5781 | 1 Iodine | 1 Iodine | 2026-04-23 | N/A |
| Stack-based buffer overflow in the handshake function in iodine 0.3.2 allows remote attackers to execute arbitrary code via a crafted DNS response. | ||||
| CVE-2006-5798 | 1 Xenis | 1 Xenis.creator Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in default.asp in Xenis.creator CMS allows remote attackers to execute arbitrary SQL commands via the contid parameter. | ||||