Vulnerabilities (CVE)

Total 363310 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2006-2426 1 Sun 3 Jdk, Jre, Sdk 2026-06-16 6.4 MEDIUM N/A
Sun Java Runtime Environment (JRE) 1.5.0_6 and earlier, JDK 1.5.0_6 and earlier, and SDK 1.5.0_6 and earlier allows remote attackers to cause a denial of service (disk consumption) by using the Font.createFont function to create temporary files of arbitrary size in the %temp% directory.
CVE-2006-2425 1 Phpremoteview 1 Phpremoteview 2026-06-16 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in PRV.php in PhpRemoteView, possibly 2003-10-23 and earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) f, (2) d, and (3) ref parameters, and the (4) "MAKE DIR" and (5) "Full file name" fields.
CVE-2006-2424 1 Ezusermanager 1 Ezusermanager 2026-06-16 5.1 MEDIUM N/A
PHP remote file inclusion vulnerability in ezUserManager 1.6 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the ezUserManager_Path parameter to ezusermanager_pwd_forgott.php, possibly due to an issue in ezusermanager_core.inc.php.
CVE-2006-2423 1 Swsoft 1 Confixx 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in ftplogin/index.php in Confixx 3.1.2 allows remote attackers to inject arbitrary web script or HTML via the login parameter.
CVE-2006-2422 1 Coinsoft Technologies 1 Phpcoin 2026-06-16 5.0 MEDIUM N/A
phpCOIN 1.2.3 and earlier stores messages based upon e-mail addresses, which allows remote authenticated users to read messages for other users by adding the sender's e-mail address as an "additional contact".
CVE-2006-2421 1 Pragma Systems 1 Fortressssh 2026-06-16 7.5 HIGH N/A
Stack-based buffer overflow in Pragma FortressSSH 4.0.7.20 allows remote attackers to execute arbitrary code via long SSH_MSG_KEXINIT messages, which may cause an overflow when being logged. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2006-2420 1 Mozilla 1 Bugzilla 2026-06-16 4.3 MEDIUM N/A
Bugzilla 2.20rc1 through 2.20 and 2.21.1, when using RSS 1.0, allows remote attackers to conduct cross-site scripting (XSS) attacks via a title element with HTML encoded sequences such as ">", which are automatically decoded by some RSS readers. NOTE: this issue is not in Bugzilla itself, but rather due to design or documentation inconsistencies within RSS, or implementation vulnerabilities in RSS readers. While this issue normally would not be included in CVE, it is being identified since the Bugzilla developers have addressed it.
CVE-2006-2419 1 Php 1 Directory Listing Script 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in index.php in Directory Listing Script allows remote attackers to inject arbitrary web script or HTML via the dir parameter.
CVE-2006-2418 1 Phpmyadmin 1 Phpmyadmin 2026-06-16 6.8 MEDIUM N/A
Cross-site scripting (XSS) vulnerabilities in certain versions of phpMyAdmin before 2.8.0.4 allow remote attackers to inject arbitrary web script or HTML via the db parameter in unknown scripts.
CVE-2006-2417 1 Phpmyadmin 1 Phpmyadmin 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.8.0.x before 2.8.0.4 allows remote attackers to inject arbitrary web script or HTML via the theme parameter in unknown scripts. NOTE: the lang parameter is already covered by CVE-2006-2031.
CVE-2006-2416 1 E107 1 E107 2026-06-16 5.1 MEDIUM N/A
SQL injection vulnerability in class2.php in e107 0.7.2 and earlier allows remote attackers to execute arbitrary SQL commands via a cookie as defined in $pref['cookie_name'].
CVE-2006-2415 1 Flexchat 1 Flexchat 2026-06-16 5.8 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in FlexChat 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) username and (2) CFTOKEN parameter in (a) index.cfm and (3) CFTOKEN and (4) CFID parameter in (b) chat.cfm.
CVE-2006-2414 1 Timo Sirainen 1 Dovecot 2026-06-16 5.0 MEDIUM N/A
Directory traversal vulnerability in Dovecot 1.0 beta and 1.0 allows remote attackers to list files and directories under the mbox parent directory and obtain mailbox names via ".." sequences in the (1) LIST or (2) DELETE IMAP command.
CVE-2006-2413 1 Gnunet 1 Gnunet 2026-06-16 5.0 MEDIUM N/A
GNUnet before SVN revision 2781 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via an empty UDP datagram, possibly involving FIONREAD errors.
CVE-2006-2412 1 Raydium 1 Raydium 2026-06-16 5.0 MEDIUM N/A
The raydium_network_read function in network.c in Raydium SVN revision 312 and earlier allows remote attackers to cause a denial of service (application crash) via a large ID, which causes an invalid memory access (buffer over-read).
CVE-2006-2411 1 Raydium 1 Raydium 2026-06-16 7.5 HIGH N/A
Buffer overflow in raydium_network_read function in network.c in Raydium SVN revision 312 and earlier allows remote attackers to execute arbitrary code by sending packets with long global variables to the client.
CVE-2006-2410 1 Raydium 1 Raydium 2026-06-16 5.0 MEDIUM N/A
raydium_network_netcall_exec function in network.c in Raydium SVN revision 312 and earlier allows remote attackers to cause a denial of service (application crash) via a packet of type 0xFF, which causes a null dereference.
CVE-2006-2409 1 Raydium 1 Raydium 2026-06-16 4.6 MEDIUM N/A
Format string vulnerability in the raydium_log function in console.c in Raydium before SVN revision 310 allows local users to execute arbitrary code via format string specifiers in the format parameter, which are not properly handled in a call to raydium_console_line_add.
CVE-2006-2408 1 Raydium 1 Raydium 2026-06-16 7.5 HIGH N/A
Multiple buffer overflows in Raydium before SVN revision 310 allow remote attackers to execute arbitrary code via a large packet when logged via (1) the raydium_log function in log.c or (2) the raydium_console_line_add function in console.c, possibly from a long player name.
CVE-2006-2407 3 Freeftpd, Freesshd, Weonlydo 3 Freeftpd, Freesshd, Wodsshserver 2026-06-16 7.5 HIGH N/A
Stack-based buffer overflow in (1) WeOnlyDo wodSSHServer ActiveX Component 1.2.7 and 1.3.3 DEMO, as used in other products including (2) FreeSSHd 1.0.9 and (3) freeFTPd 1.0.10, allows remote attackers to execute arbitrary code via a long key exchange algorithm string.