Total
361485 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-1173 | 1 Sendmail | 1 Sendmail | 2026-06-16 | 5.0 MEDIUM | N/A |
| Sendmail before 8.13.7 allows remote attackers to cause a denial of service via deeply nested, malformed multipart MIME messages that exhaust the stack during the recursive mime8to7 function for performing 8-bit to 7-bit conversion, which prevents Sendmail from delivering queued messages and might lead to disk consumption by core dump files. | |||||
| CVE-2006-1172 | 1 Tdc | 1 Cryptomathic Cenroll Activex Control | 2026-06-16 | 5.0 MEDIUM | N/A |
| Stack-based buffer overflow in the createPKCS10 function in Cryptomathic Cenroll ActiveX Control 1.1.0.0 allows remote attackers to execute arbitrary code via vectors related to the TDC Digital signature. | |||||
| CVE-2006-1168 | 1 Ncompress | 1 Ncompress | 2026-06-16 | 7.5 HIGH | N/A |
| The decompress function in compress42.c in (1) ncompress 4.2.4 and (2) liblzw allows remote attackers to cause a denial of service (crash), and possibly execute arbitrary code, via crafted data that leads to a buffer underflow. | |||||
| CVE-2006-1167 | 1 Sgi | 1 Propack | 2026-06-16 | 1.2 LOW | N/A |
| SGI ProPack 3 SP6 kernel displays the frame buffer contents of the last session after a reboot, which might allow local users to obtain sensitive information. | |||||
| CVE-2006-1166 | 1 Monotone | 1 Monotone | 2026-06-16 | 3.7 LOW | N/A |
| Monotone 0.25 and earlier, when a user creates a file in a directory called "mt", and when checking out that file on a case-insensitive file system such as Windows or Mac OS X, places the file into the "MT" bookkeeping directory, which could allow context-dependent attackers to execute arbitrary Lua programs as the user running monotone. | |||||
| CVE-2006-1165 | 1 Andreas Gohr | 1 Dokuwiki | 2026-06-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the mediamanager module in DokuWiki before 2006-03-05 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors relating to "handling EXIF data." | |||||
| CVE-2006-1164 | 1 Nodez | 1 Nodez | 2026-06-16 | 7.5 HIGH | N/A |
| Nodez 4.6.1.1 and earlier stores sensitive data in the list.gtdat file under the web document root with insufficient access control, which allows remote attackers to obtain usernames and password hashes by directly accessing list.gtdat. | |||||
| CVE-2006-1163 | 1 Nodez | 1 Nodez | 2026-06-16 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Nodez 4.6.1.1 allows remote attackers to inject arbitrary web script or HTML via the op parameter. NOTE: it is possible that this issue is resultant from the directory traversal vulnerability. | |||||
| CVE-2006-1162 | 1 Nodez | 1 Nodez | 2026-06-16 | 5.1 MEDIUM | N/A |
| Directory traversal vulnerability in Nodez 4.6.1.1 and earlier allows remote attackers to read or include arbitrary PHP files via a .. (dot dot) in the op parameter, as demonstrated by inserting malicious Email parameters into list.gtdat, then accessing list.gtdat using the op parameter. | |||||
| CVE-2006-1161 | 1 Efs Software | 1 Efs Web Server | 2026-06-16 | 6.5 MEDIUM | N/A |
| Absolute path traversal vulnerability in Easy File Sharing (EFS) Web Server 3.2 allows remote registered users to execute arbitrary code by uploading a malicious file to the Windows startup folder. | |||||
| CVE-2006-1160 | 1 Efs Software | 1 Efs Web Server | 2026-06-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Easy File Sharing (EFS) Web Server 3.2 allows remote attackers to inject arbitrary web script or HTML via the Description field in creating a folder or uploading a file. | |||||
| CVE-2006-1159 | 1 Efs Software | 1 Efs Web Server | 2026-06-16 | 7.8 HIGH | N/A |
| Format string vulnerability in Easy File Sharing (EFS) Web Server 3.2 allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via format string specifiers in the query string argument in an HTTP GET request. | |||||
| CVE-2006-1158 | 1 Kerio | 1 Kerio Mailserver | 2026-06-16 | 7.8 HIGH | N/A |
| Kerio MailServer before 6.1.3 Patch 1 allows remote attackers to cause a denial of service (application crash) via a crafted IMAP LOGIN command. | |||||
| CVE-2006-1157 | 1 Adp | 1 Adp Forum | 2026-06-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Vz Scripts ADP Forum 2.0.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the Subject field (possibly messaggio parameter) when posting a new message in post.php. | |||||
| CVE-2006-1156 | 1 Manas Tungare | 1 Site Membership Script | 2026-06-16 | 5.0 MEDIUM | N/A |
| SQL injection vulnerability in manas tungare Site Membership Script before 8 March, 2006 allows remote attackers to execute arbitrary SQL commands via the Username parameter in login.asp. | |||||
| CVE-2006-1155 | 1 Manas Tungare | 1 Site Membership Script | 2026-06-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in manas tungare Site Membership Script before 8 March, 2006 allows remote attackers to inject arbitrary web script or HTML via the Error parameter in (1) login.asp and (2) default.asp. | |||||
| CVE-2006-1154 | 1 Fscripts | 1 Fantastic News | 2026-06-16 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in archive.php in Fantastic News 2.1.2 allows remote attackers to include arbitrary files via the CONFIG[script_path] variable. NOTE: 2.1.4 was also reported to be vulnerable. | |||||
| CVE-2006-1153 | 1 D2-shoutbox | 1 D2-shoutbox | 2026-06-16 | 5.0 MEDIUM | N/A |
| SQL injection vulnerability in D2-Shoutbox 4.2 allows remote attackers to execute arbitrary SQL commands via the load parameter, when performing a Shoutbox action through Invision Power Board (IPB). | |||||
| CVE-2006-1152 | 1 M Phorum | 1 M Phorum | 2026-06-16 | 5.0 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in index.php in M-Phorum 0.2 allows remote attackers to include arbitrary files via the go parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2006-1151 | 1 M Phorum | 1 M Phorum | 2026-06-16 | 5.0 MEDIUM | N/A |
| Cross-site scripting vulnerability in index.php in M-Phorum 0.2 allows remote attackers to inject arbitrary web script or HTML via the go parameter. | |||||