Vulnerabilities (CVE)

Filtered by NVD-CWE-Other
Total 29914 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2006-2030 1 Alliedtelesyn 1 At-9724ts 2026-06-16 5.0 MEDIUM N/A
The Allied Telesyn AT-9724TS switch allows remote attackers to cause a denial of service via a large amount of UDP data to the switch, which leads to unstable operation and possibly failure of the management interface or routing.
CVE-2006-2029 1 Simplog 1 Simplog 2026-06-16 6.4 MEDIUM N/A
Multiple SQL injection vulnerabilities in Jeremy Ashcraft Simplog 0.9.3 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) tid parameter in (a) preview.php; the (2) cid, (3) pid, and (4) eid parameters in (b) archive.php; and the (5) pid parameter in (c) comments.php.
CVE-2006-2028 1 Simplog 1 Simplog 2026-06-16 5.8 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in imagelist.php in Jeremy Ashcraft Simplog 0.9.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the imagedir parameter. NOTE: this issue might be resultant from directory traversal.
CVE-2006-2027 1 Pablo Software Solutions 1 Quick N Easy Ftp Server 2026-06-16 6.5 MEDIUM N/A
Buffer overflow in Unicode processing in the logging functionality in Pablo Software Solutions Quick 'n Easy FTP Server Professional and Lite, probably 3.0, allows remote authenticated users to execute arbitrary code by sending a command with a long argument, which triggers a buffer overflow when an admin selects the Logging section in the FTP server main window. NOTE: the original researcher claims that the vendor disputes this issue.
CVE-2006-2025 1 Libtiff 1 Libtiff 2026-06-16 6.5 MEDIUM N/A
Integer overflow in the TIFFFetchData function in tif_dirread.c for libtiff before 3.8.1 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via a crafted TIFF image.
CVE-2006-2024 1 Libtiff 1 Libtiff 2026-06-16 4.0 MEDIUM N/A
Multiple vulnerabilities in libtiff before 3.8.1 allow context-dependent attackers to cause a denial of service via a TIFF image that triggers errors in (1) the TIFFFetchAnyArray function in (a) tif_dirread.c; (2) certain "codec cleanup methods" in (b) tif_lzw.c, (c) tif_pixarlog.c, and (d) tif_zip.c; (3) and improper restoration of setfield and getfield methods in cleanup functions within (e) tif_jpeg.c, tif_pixarlog.c, (f) tif_fax3.c, and tif_zip.c.
CVE-2006-2023 1 Ls3 1 Fenice 2026-06-16 5.0 MEDIUM N/A
Integer overflow in the RTSP_msg_len function in rtsp/RTSP_msg_len.c in Fenice 1.10 and earlier allows remote attackers to cause a denial of service (application crash) via a large HTTP Content-Length value, which leads to an invalid memory access.
CVE-2006-2022 1 Ls3 1 Fenice 2026-06-16 7.5 HIGH N/A
Buffer overflow in the parse_url function in the RTSP module (rtsp/parse_url.c) in Fenice 1.10 and earlier allows remote attackers to execute arbitrary code via a long URL.
CVE-2006-2021 1 Asteriskathome 1 Asteriskathome 2026-06-16 5.0 MEDIUM N/A
Absolute path traversal vulnerability in recordings/misc/audio.php in the Asterisk Recording Interface (ARI) web interface in Asterisk@Home before 2.8 allows remote attackers to read arbitrary MP3, WAV, and GSM files via a full pathname in the recording parameter. NOTE: this issue can also be used to determine existence of files.
CVE-2006-2020 1 Asteriskathome 1 Asteriskathome 2026-06-16 7.8 HIGH N/A
Asterisk Recording Interface (ARI) in Asterisk@Home before 2.8 stores recordings/includes/main.conf under the web document root with insufficient access control, which allows remote attackers to obtain password information.
CVE-2006-2019 1 Apple 1 Safari 2026-06-16 5.0 MEDIUM N/A
Apple Mac OS X Safari 2.0.3, 1.3.1, and possibly other versions allows remote attackers to cause a denial of service (CPU consumption and crash) via a TD element with a large number in the rowspan attribute.
CVE-2006-2018 1 Jelsoft 1 Vbulletin 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in calendar.php in vBulletin 3.0.x allows remote attackers to execute arbitrary SQL commands via the eventid parameter. NOTE: the affected version has been disputed by the vendor. It appears that this is the same issue as CVE-2004-0036, which was fixed in 2.3.4.
CVE-2006-2017 1 Dnsmasq 1 Dnsmasq 2026-06-16 5.0 MEDIUM N/A
Dnsmasq 2.29 allows remote attackers to cause a denial of service (application crash) via a DHCP client broadcast reply request.
CVE-2006-2015 1 Web-provence 1 Sl Site 2026-06-16 2.6 LOW N/A
Cross-site scripting (XSS) vulnerability in SL_site 1.0 allows remote attackers to inject arbitrary web script or HTML via the recherche parameter in recherche.php. NOTE: other XSS vectors, as reported in the original disclosure, are resultant from other primary vulnerabilities that have separate CVE names.
CVE-2006-2014 1 Web-provence 1 Sl Site 2026-06-16 5.0 MEDIUM N/A
Directory traversal vulnerability in gallerie.php in SL_site 1.0 allows remote attackers to list images in arbitrary directories via ".." sequences in the rep parameter, which is used to construct a directory name in admin/config.inc.php. NOTE: this issue could be used to produce resultant XSS from an error message.
CVE-2006-2013 1 Web-provence 1 Sl Site 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in page.php in SL_site 1.0 allows remote attackers to execute arbitrary SQL commands via the id_page parameter. NOTE: this issue could be used to produce resultant XSS from an error message.
CVE-2006-2012 1 Skulltag Team 1 Skulltag 2026-06-16 5.0 MEDIUM N/A
Format string vulnerability in Skulltag 0.96f and earlier allows remote attackers to cause a denial of service via the version string.
CVE-2006-2011 1 4homepages 1 4images 2026-06-16 2.6 LOW N/A
Cross-site scripting (XSS) vulnerability in member.php in 4images 1.7 and earlier allows remote attackers to inject arbitrary web script or HTML via the nickname, probably involving the user_name parameter in register.php.
CVE-2006-2010 1 Paras Chopra 1 Bloggage 2026-06-16 7.5 HIGH N/A
Multiple SQL injection vulnerabilities in check_login.asp in Bloggage allow remote attackers to execute arbitrary SQL commands via the (1) acc_name and (2) password parameter.
CVE-2006-2009 1 Phpmyagenda 1 Phpmyagenda 2026-06-16 7.5 HIGH N/A
PHP remote file inclusion vulnerability in agenda.php3 in phpMyAgenda 3.0 Final and earlier allows remote attackers to execute arbitrary PHP code via a URL in the rootagenda parameter.