Vulnerabilities (CVE)

Filtered by NVD-CWE-Other
Total 29924 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2006-1182 1 Adobe 2 Document Server, Graphics Server 2026-06-16 2.6 LOW N/A
Adobe Graphics Server 2.0 and 2.1 (formerly AlterCast) and Adobe Document Server (ADS) 5.0 and 6.0 allows local users to read files with certain extensions or overwrite arbitrary files and execute code via a crafted SOAP request to the AlterCast web service in which the request uses the (1) saveContent or (2) saveOptimized ADS commands, or the (3) loadContent command.
CVE-2006-1178 1 Tamarack Consulting 1 Tamarack Mmsd 2026-06-16 5.0 MEDIUM N/A
Tamarack MMSd before 7.992 allows remote attackers to cause a denial of service (crash) via malformed RFC1006 (OSI over TCP/IP) packets.
CVE-2006-1176 1 Ebay 1 Enhanced Picture Services 2026-06-16 7.5 HIGH N/A
Buffer overflow in eBay Enhanced Picture Services (aka EPUImageControl Class) in EUPWALcontrol.dll before 1.0.3.48, as used in Sell Your Item (SYI), Setup & Test eBay Enhanced Picture Services, Picture Manager Enhanced Uploader, and CARad.com Add Vehicle, allows remote attackers to execute arbitrary code via a crafted HTML document.
CVE-2006-1175 1 Weonlydo 1 Weonlydo Sftp 2026-06-16 4.0 MEDIUM N/A
The WeOnlyDo! SFTP (wodSFTP) ActiveX control is marked as safe for scripting, which allows remote attackers to read and write files in arbitrary locations by accessing the control from a web page.
CVE-2006-1172 1 Tdc 1 Cryptomathic Cenroll Activex Control 2026-06-16 5.0 MEDIUM N/A
Stack-based buffer overflow in the createPKCS10 function in Cryptomathic Cenroll ActiveX Control 1.1.0.0 allows remote attackers to execute arbitrary code via vectors related to the TDC Digital signature.
CVE-2006-1168 1 Ncompress 1 Ncompress 2026-06-16 7.5 HIGH N/A
The decompress function in compress42.c in (1) ncompress 4.2.4 and (2) liblzw allows remote attackers to cause a denial of service (crash), and possibly execute arbitrary code, via crafted data that leads to a buffer underflow.
CVE-2006-1167 1 Sgi 1 Propack 2026-06-16 1.2 LOW N/A
SGI ProPack 3 SP6 kernel displays the frame buffer contents of the last session after a reboot, which might allow local users to obtain sensitive information.
CVE-2006-1166 1 Monotone 1 Monotone 2026-06-16 3.7 LOW N/A
Monotone 0.25 and earlier, when a user creates a file in a directory called "mt", and when checking out that file on a case-insensitive file system such as Windows or Mac OS X, places the file into the "MT" bookkeeping directory, which could allow context-dependent attackers to execute arbitrary Lua programs as the user running monotone.
CVE-2006-1165 1 Andreas Gohr 1 Dokuwiki 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the mediamanager module in DokuWiki before 2006-03-05 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors relating to "handling EXIF data."
CVE-2006-1164 1 Nodez 1 Nodez 2026-06-16 7.5 HIGH N/A
Nodez 4.6.1.1 and earlier stores sensitive data in the list.gtdat file under the web document root with insufficient access control, which allows remote attackers to obtain usernames and password hashes by directly accessing list.gtdat.
CVE-2006-1163 1 Nodez 1 Nodez 2026-06-16 6.8 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in Nodez 4.6.1.1 allows remote attackers to inject arbitrary web script or HTML via the op parameter. NOTE: it is possible that this issue is resultant from the directory traversal vulnerability.
CVE-2006-1162 1 Nodez 1 Nodez 2026-06-16 5.1 MEDIUM N/A
Directory traversal vulnerability in Nodez 4.6.1.1 and earlier allows remote attackers to read or include arbitrary PHP files via a .. (dot dot) in the op parameter, as demonstrated by inserting malicious Email parameters into list.gtdat, then accessing list.gtdat using the op parameter.
CVE-2006-1161 1 Efs Software 1 Efs Web Server 2026-06-16 6.5 MEDIUM N/A
Absolute path traversal vulnerability in Easy File Sharing (EFS) Web Server 3.2 allows remote registered users to execute arbitrary code by uploading a malicious file to the Windows startup folder.
CVE-2006-1160 1 Efs Software 1 Efs Web Server 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in Easy File Sharing (EFS) Web Server 3.2 allows remote attackers to inject arbitrary web script or HTML via the Description field in creating a folder or uploading a file.
CVE-2006-1159 1 Efs Software 1 Efs Web Server 2026-06-16 7.8 HIGH N/A
Format string vulnerability in Easy File Sharing (EFS) Web Server 3.2 allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via format string specifiers in the query string argument in an HTTP GET request.
CVE-2006-1158 1 Kerio 1 Kerio Mailserver 2026-06-16 7.8 HIGH N/A
Kerio MailServer before 6.1.3 Patch 1 allows remote attackers to cause a denial of service (application crash) via a crafted IMAP LOGIN command.
CVE-2006-1157 1 Adp 1 Adp Forum 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in Vz Scripts ADP Forum 2.0.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the Subject field (possibly messaggio parameter) when posting a new message in post.php.
CVE-2006-1156 1 Manas Tungare 1 Site Membership Script 2026-06-16 5.0 MEDIUM N/A
SQL injection vulnerability in manas tungare Site Membership Script before 8 March, 2006 allows remote attackers to execute arbitrary SQL commands via the Username parameter in login.asp.
CVE-2006-1155 1 Manas Tungare 1 Site Membership Script 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in manas tungare Site Membership Script before 8 March, 2006 allows remote attackers to inject arbitrary web script or HTML via the Error parameter in (1) login.asp and (2) default.asp.
CVE-2006-1153 1 D2-shoutbox 1 D2-shoutbox 2026-06-16 5.0 MEDIUM N/A
SQL injection vulnerability in D2-Shoutbox 4.2 allows remote attackers to execute arbitrary SQL commands via the load parameter, when performing a Shoutbox action through Invision Power Board (IPB).