Vulnerabilities (CVE)

Filtered by NVD-CWE-Other
Total 29312 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2006-5884 1 Microsoft 2 Ie, Internet Explorer 2024-11-21 7.5 HIGH N/A
Multiple unspecified vulnerabilities in DirectAnimation ActiveX controls for Microsoft Internet Explorer 5.01 through 6 have unknown impact and remote attack vectors, possibly related to (1) Danim.dll and (2) Lmrt.dll, a different set of vulnerabilities than CVE-2006-4446 and CVE-2006-4777.
CVE-2006-5883 1 Cpanel 1 Cpanel 2024-11-21 3.5 LOW N/A
Multiple cross-site scripting (XSS) vulnerabilities in cPanel 10 allow remote authenticated users to inject arbitrary web script or HTML via the (1) dir parameter in (a) seldir.html, and the (2) user and (3) dir parameters in (b) newuser.html.
CVE-2006-5881 1 Dynamic Dataworx 1 Nucommunity 2024-11-21 7.5 HIGH N/A
SQL injection vulnerability in cl_CatListing.asp in Dynamic Dataworx NuCommunity 1.0 allows remote attackers to execute arbitrary SQL commands via the cl_cat_ID parameter.
CVE-2006-5880 1 Isystems 1 Munch Pro 2024-11-21 7.5 HIGH N/A
SQL injection vulnerability on the subMenu page in switch.asp in Munch Pro 1.0 allows remote attackers to execute arbitrary SQL commands via the catid parameter.
CVE-2006-5879 1 Aspportal 1 Aspportal 2024-11-21 7.5 HIGH N/A
SQL injection vulnerability in default1.asp in ASPPortal 4.0.0 beta and earlier allows remote attackers to execute arbitrary SQL commands via the Poll_ID parameter, a different vector than CVE-2006-1353.
CVE-2006-5878 1 Edgewall Software 1 Trac 2024-11-21 7.5 HIGH N/A
Cross-site request forgery (CSRF) vulnerability in Edgewall Trac 0.10 and earlier allows remote attackers to perform unauthorized actions as other users via unknown vectors.
CVE-2006-5877 2 Enigmail, Ubuntu 2 Enigmail, Ubuntu Linux 2024-11-21 7.8 HIGH N/A
The enigmail extension before 0.94.2 does not properly handle large, encrypted file e-mail attachments, which allows remote attackers to cause a denial of service (crash), as demonstrated with Mozilla Thunderbird.
CVE-2006-5876 1 Libsoup 1 Libsoup 2024-11-21 7.8 HIGH N/A
The soup_headers_parse function in soup-headers.c for libsoup HTTP library before 2.2.99 allows remote attackers to cause a denial of service (crash) via malformed HTTP headers, probably involving missing fields or values.
CVE-2006-5875 1 Enemies Of Carlotta 1 Enemies Of Carlotta 2024-11-21 6.8 MEDIUM N/A
eoc.py in Enemies of Carlotta (EoC) before 1.2.4 allows remote attackers to execute arbitrary commands via shell metacharacters in an "SMTP level e-mail address".
CVE-2006-5874 1 Clam Anti-virus 1 Clamav 2024-11-21 5.0 MEDIUM N/A
Clam AntiVirus (ClamAV) 0.88 and earlier allows remote attackers to cause a denial of service (crash) via a malformed base64-encoded MIME attachment that triggers a null pointer dereference.
CVE-2006-5873 2 Debian, L2tpns 2 Debian Linux, L2tpns 2024-11-21 7.8 HIGH N/A
Buffer overflow in the cluster_process_heartbeat function in cluster.c in layer 2 tunneling protocol network server (l2tpns) before 2.1.21 allows remote attackers to cause a denial of service via a large heartbeat packet.
CVE-2006-5871 1 Linux 1 Linux Kernel 2024-11-21 4.1 MEDIUM N/A
smbfs in Linux kernel 2.6.8 and other versions, and 2.4.x before 2.4.34, when UNIX extensions are enabled, ignores certain mount options, which could cause clients to use server-specified uid, gid and mode settings.
CVE-2006-5869 1 Pstotext 1 Pstotext 2024-11-21 5.1 MEDIUM N/A
pstotext before 1.9 allows user-assisted attackers to execute arbitrary commands via shell metacharacters in a file name.
CVE-2006-5868 3 Canonical, Debian, Imagemagick 3 Ubuntu Linux, Debian Linux, Imagemagick 2024-11-21 9.3 HIGH N/A
Multiple buffer overflows in Imagemagick 6.0 before 6.0.6.2, and 6.2 before 6.2.4.5, has unknown impact and user-assisted attack vectors via a crafted SGI image.
CVE-2006-5866 1 Phpmanta 1 Phpmanta 2024-11-21 6.4 MEDIUM N/A
Directory traversal vulnerability in Mdoc/view-sourcecode.php for phpManta 1.0.2 and earlier allows remote attackers to read and include arbitrary files via ".." sequences in the file parameter.
CVE-2006-5863 1 Otterware 1 Letterit2 2024-11-21 7.5 HIGH N/A
PHP remote file inclusion vulnerability in inc/session.php for LetterIt 2 allows remote attackers to execute arbitrary PHP code via a URL in the lang parameter.
CVE-2006-5862 1 Network Administration Visualized 1 Network Administration Visualized 2024-11-21 4.6 MEDIUM N/A
Directory traversal vulnerability in the session mechanism of the web interface for Network Administration Visualized (NAV) before 3.1.1 allows attackers with filesystem write access to have an unknown impact via unknown attack vectors.
CVE-2006-5861 1 Citrix 2 Metaframe, Metaframe Presentation Server 2024-11-21 5.0 MEDIUM N/A
The Independent Management Architecture (IMA) service (ImaSrv.exe) in Citrix MetaFrame XP 1.0 and 2.0, and Presentation Server 3.0 and 4.0, allows remote attackers to cause a denial of service (service exit) via a crafted packet that causes the service to access an unmapped memory address and triggers an unhandled exception.
CVE-2006-5856 1 Adobe 1 Download Manager 2024-11-21 6.8 MEDIUM N/A
Stack-based buffer overflow in the Adobe Download Manager before 2.2 allows remote attackers to execute arbitrary code via a long section name in the dm.ini file, which is populated via an AOM file.
CVE-2006-5855 1 Ibm 1 Tivoli Storage Manager 2024-11-21 10.0 HIGH N/A
Multiple buffer overflows in IBM Tivoli Storage Manager (TSM) before 5.2.9 and 5.3.x before 5.3.4 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in (1) the language field at logon that begins with a 0x18 byte, (2) two unspecified parameters to the SmExecuteWdsfSession function, and (3) the contact field in an open registration message.