Vulnerabilities (CVE)

Total 363394 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2006-2410 1 Raydium 1 Raydium 2026-06-16 5.0 MEDIUM N/A
raydium_network_netcall_exec function in network.c in Raydium SVN revision 312 and earlier allows remote attackers to cause a denial of service (application crash) via a packet of type 0xFF, which causes a null dereference.
CVE-2006-2409 1 Raydium 1 Raydium 2026-06-16 4.6 MEDIUM N/A
Format string vulnerability in the raydium_log function in console.c in Raydium before SVN revision 310 allows local users to execute arbitrary code via format string specifiers in the format parameter, which are not properly handled in a call to raydium_console_line_add.
CVE-2006-2408 1 Raydium 1 Raydium 2026-06-16 7.5 HIGH N/A
Multiple buffer overflows in Raydium before SVN revision 310 allow remote attackers to execute arbitrary code via a large packet when logged via (1) the raydium_log function in log.c or (2) the raydium_console_line_add function in console.c, possibly from a long player name.
CVE-2006-2407 3 Freeftpd, Freesshd, Weonlydo 3 Freeftpd, Freesshd, Wodsshserver 2026-06-16 7.5 HIGH N/A
Stack-based buffer overflow in (1) WeOnlyDo wodSSHServer ActiveX Component 1.2.7 and 1.3.3 DEMO, as used in other products including (2) FreeSSHd 1.0.9 and (3) freeFTPd 1.0.10, allows remote attackers to execute arbitrary code via a long key exchange algorithm string.
CVE-2006-2406 1 Unclassified Newsboard 1 Unclassified Newsboard 2026-06-16 2.6 LOW N/A
Directory traversal vulnerability in bb_lib/abbc.css.php in Unclassified NewsBoard (UNB) 1.5.3-d and possibly earlier versions, when register_globals is enabled, allows remote attackers to include arbitrary files via .. (dot dot) sequences and a trailing null byte (%00) in the design_path parameter. NOTE: this is closely related, but a different vulnerability than the ABBC[Config][smileset] parameter.
CVE-2006-2405 1 Unclassified Newsboard 1 Unclassified Newsboard 2026-06-16 6.8 MEDIUM N/A
Directory traversal vulnerability in unb_lib/abbc.conf.php in Unclassified NewsBoard (UNB) 1.6.1 patch 1 and earlier, when register_globals is enabled, allows remote attackers to include arbitrary files via .. (dot dot) sequences and a trailing null byte (%00) in the ABBC[Config][smileset] parameter to unb_lib/abbc.css.php.
CVE-2006-2404 1 Radscripts 1 Radlance 2026-06-16 6.4 MEDIUM N/A
Directory traversal vulnerability in popup.php in RadScripts RadLance Gold 7.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the read parameter.
CVE-2006-2403 1 Filezilla 1 Filezilla 2026-06-16 7.5 HIGH N/A
Buffer overflow in FileZilla before 2.2.23 allows remote attackers to execute arbitrary commands via unknown attack vectors.
CVE-2006-2402 1 Outgun 1 Outgun 2026-06-16 5.0 MEDIUM N/A
Buffer overflow in the changeRegistration function in servernet.cpp for Outgun 1.0.3 bot 2 and earlier allows remote attackers to change the registration information of other players via a long string.
CVE-2006-2401 1 Outgun 1 Outgun 2026-06-16 7.8 HIGH N/A
The leetnet functions (leetnet/rudp.cpp) in Outgun 1.0.3 bot 2 and earlier allow remote attackers to cause a denial of service (application crash) via packets with incorrect message sizes, which triggers a buffer over-read.
CVE-2006-2400 1 Outgun 1 Outgun 2026-06-16 7.8 HIGH N/A
The leetnet functions (leetnet/rudp.cpp) in Outgun 1.0.3 bot 2 and earlier allow remote attackers to cause a denial of service (game interruption) via large packets, which cause an exception to be thrown.
CVE-2006-2399 1 Outgun 1 Outgun 2026-06-16 7.5 HIGH N/A
Stack-based buffer overflow in the ServerNetworking::incoming_client_data function in servnet.cpp in Outgun 1.0.3 bot 2 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a data_file_request command with a long (1) type or (2) name string.
CVE-2006-2398 1 Gphotos 1 Gphotos 2026-06-16 5.0 MEDIUM N/A
Directory traversal vulnerability in index.php in GPhotos 1.5 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the rep parameter.
CVE-2006-2397 1 Gphotos 1 Gphotos 2026-06-16 5.8 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in GPhotos 1.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) rep parameter to (a) index.php or (b) diapo.php or (2) image parameter to (c) affich.php. NOTE: item 1a might be resultant from directory traversal.
CVE-2006-2396 1 Phpodp 1 Phpodp 2026-06-16 5.8 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in phpODP 1.5h allows remote attackers to inject arbitrary web script via the browse parameter.
CVE-2006-2395 1 Popsoft Digital 1 Popphoto 2026-06-16 5.0 MEDIUM N/A
PHP remote file inclusion vulnerability in resources/includes/popp.config.loader.inc.php in PopSoft Digital PopPhoto Studio 3.5.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the include_path parameter (cfg['popphoto_base_path'] variable). NOTE: Pixaria has notified CVE that "PopPhoto is NOT a product of Pixaria. It was a product of PopSoft Digital and is only hosted by Pixaria as a courtesy... The vulnerability listed was patched by the previous vendor and all previous users have received this update."
CVE-2006-2394 1 Turnkey Web Tools 1 Php Live Helper 2026-06-16 5.8 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in chat.php in PHP Live Helper allows remote attackers to inject arbitrary web script or HTML via the PHPSESSID parameter.
CVE-2006-2393 1 Empire Server 1 Empire Server 2026-06-16 5.0 MEDIUM N/A
The client_cmd function in Empire 4.3.2 and earlier allows remote attackers to cause a denial of service (application crash) by causing long text strings to be appended to the player->client buffer, which causes an invalid memory access.
CVE-2006-2392 1 Blue Dragon 1 Php Blue Dragon 2026-06-16 6.4 MEDIUM N/A
PHP remote file inclusion vulnerability in public_includes/pub_popup/popup_finduser.php in PHP Blue Dragon Platinum 2.8.0 allows remote attackers to execute arbitrary PHP code via a URL in the vsDragonRootPath parameter.
CVE-2006-2391 1 Emc 1 Retrospect Client 2026-06-16 7.5 HIGH N/A
Buffer overflow in EMC Retrospect Client 5.1 through 7.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted packet to port 497.