Max CVSS | 7.5 | Min CVSS | 5.0 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2006-4434 | 5.0 |
Use-after-free vulnerability in Sendmail before 8.13.8 allows remote attackers to cause a denial of service (crash) via a long "header line", which causes a previously freed variable to be referenced. NOTE: the original developer has disputed the sev
|
15-02-2024 - 21:20 | 29-08-2006 - 00:04 | |
CVE-2006-4111 | 7.5 |
Ruby on Rails before 1.1.5 allows remote attackers to execute Ruby code with "severe" or "serious" impact via a File Upload request with an HTTP header that modifies the LOAD_PATH variable, a different vulnerability than CVE-2006-4112. This vulnerabi
|
08-08-2019 - 14:38 | 14-08-2006 - 21:04 | |
CVE-2006-4112 | 7.5 |
Unspecified vulnerability in the "dependency resolution mechanism" in Ruby on Rails 1.1.0 through 1.1.5 allows remote attackers to execute arbitrary Ruby code via a URL that is not properly handled in the routing code, which leads to a denial of serv
|
08-08-2019 - 14:38 | 14-08-2006 - 21:04 | |
CVE-2006-2314 | 7.5 |
PostgreSQL 8.1.x before 8.1.4, 8.0.x before 8.0.8, 7.4.x before 7.4.13, 7.3.x before 7.3.15, and earlier versions allows context-dependent attackers to bypass SQL injection protection methods in applications that use multibyte encodings that allow th
|
18-10-2018 - 16:39 | 24-05-2006 - 10:06 | |
CVE-2006-4089 | 5.0 |
Multiple buffer overflows in Andy Lo-A-Foe AlsaPlayer 0.99.76 and earlier allow remote attackers to cause a denial of service (application crash), or have other unknown impact, via (1) a long Location field sent by a web server, which triggers an ove
|
17-10-2018 - 21:33 | 11-08-2006 - 10:04 | |
CVE-2006-3694 | 6.4 |
Multiple unspecified vulnerabilities in Ruby before 1.8.5 allow remote attackers to bypass "safe level" checks via unspecified vectors involving (1) the alias function and (2) "directory operations".
|
11-10-2017 - 01:31 | 21-07-2006 - 14:03 | |
CVE-2006-3125 | 7.5 |
Array index error in tetrinet.c in gtetrinet 0.7.8 and earlier allows remote attackers to execute arbitrary code via a packet specifying a negative number of players, which is used as an array index.
|
20-07-2017 - 01:32 | 31-08-2006 - 21:04 | |
CVE-2006-3124 | 7.5 |
Buffer overflow in the HTTP header parsing in Streamripper before 1.61.26 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted HTTP headers.
|
20-07-2017 - 01:32 | 26-08-2006 - 21:04 |