Max CVSS | 9.0 | Min CVSS | 3.5 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2006-1865 | 7.5 |
Argument injection vulnerability in Beagle before 0.2.5 allows attackers to execute arbitrary commands via crafted filenames that inject command line arguments when Beagle launches external helper applications while indexing.
|
13-02-2024 - 17:54 | 21-04-2006 - 23:06 | |
CVE-2006-1629 | 9.0 |
OpenVPN 2.0 through 2.0.5 allows remote malicious servers to execute arbitrary code on the client by using setenv with the LD_PRELOAD environment variable. OpenVPN version 2.0.6 fixes this vulnerability.
|
12-05-2020 - 14:21 | 06-04-2006 - 22:04 | |
CVE-2006-1803 | 4.3 |
Cross-site scripting (XSS) vulnerability in sql.php in phpMyAdmin 2.7.0-pl1 allows remote attackers to inject arbitrary web script or HTML via the sql_query parameter.
|
18-10-2018 - 16:36 | 18-04-2006 - 10:02 | |
CVE-2006-1804 | 7.5 |
SQL injection vulnerability in sql.php in phpMyAdmin 2.7.0-pl1 allows remote attackers to execute arbitrary SQL commands via the sql_query parameter. This vulnerbability may affect earlier versions of phpMyAdmin as well.
|
18-10-2018 - 16:36 | 18-04-2006 - 10:02 | |
CVE-2006-1550 | 7.6 |
Multiple buffer overflows in the xfig import code (xfig-import.c) in Dia 0.87 and later before 0.95-pre6 allow user-assisted attackers to have an unknown impact via a crafted xfig file, possibly involving an invalid (1) color index, (2) number of poi
|
18-10-2018 - 16:33 | 30-03-2006 - 23:02 | |
CVE-2006-1260 | 5.0 |
Horde Application Framework 3.0.9 allows remote attackers to read arbitrary files via a null character in the url parameter in services/go.php, which bypasses a sanity check.
|
18-10-2018 - 16:31 | 19-03-2006 - 02:02 | |
CVE-2006-2026 | 6.5 |
Double free vulnerability in tif_jpeg.c in libtiff before 3.8.1 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image that triggers errors related to "setfield/getfield me
|
03-10-2018 - 21:40 | 25-04-2006 - 23:02 | |
CVE-2006-2025 | 6.5 |
Integer overflow in the TIFFFetchData function in tif_dirread.c for libtiff before 3.8.1 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via a crafted TIFF image. This vulnerability is addressed in
|
03-10-2018 - 21:40 | 25-04-2006 - 23:02 | |
CVE-2006-2024 | 4.0 |
Multiple vulnerabilities in libtiff before 3.8.1 allow context-dependent attackers to cause a denial of service via a TIFF image that triggers errors in (1) the TIFFFetchAnyArray function in (a) tif_dirread.c; (2) certain "codec cleanup methods" in (
|
03-10-2018 - 21:40 | 25-04-2006 - 23:02 | |
CVE-2006-1678 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.8.0.3 allow remote attackers to inject arbitrary web script or HTML via unknown vectors in unspecified scripts in the themes directory.
|
20-07-2017 - 01:30 | 11-04-2006 - 00:02 | |
CVE-2005-4190 | 3.5 |
Multiple cross-site scripting (XSS) vulnerabilities in Horde Application Framework before 3.0.8 allow remote authenticated users to inject arbitrary web script or HTML via multiple vectors, as demonstrated by (1) the identity field, (2) Category and
|
13-09-2011 - 04:00 | 13-12-2005 - 11:03 | |
CVE-2006-1827 | 6.4 |
Integer signedness error in format_jpeg.c in Asterisk 1.2.6 and earlier allows remote attackers to execute arbitrary code via a length value that passes a length check as a negative number, but triggers a buffer overflow when it is used as an unsigne
|
08-03-2011 - 02:34 | 18-04-2006 - 20:02 |