Max CVSS | 7.5 | Min CVSS | 1.2 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2005-2946 | 5.0 |
The default configuration on OpenSSL before 0.9.8 uses MD5 for creating message digests instead of a more cryptographically strong algorithm, which makes it easier for remote attackers to forge certificates with a valid certificate authority signatur
|
09-02-2024 - 03:13 | 16-09-2005 - 22:03 | |
CVE-2006-4481 | 7.2 |
The (1) file_exists and (2) imap_reopen functions in PHP before 5.1.5 do not check for the safe_mode and open_basedir settings, which allows local users to bypass the settings. NOTE: the error_log function is covered by CVE-2006-3011, and the imap_o
|
30-10-2018 - 16:25 | 31-08-2006 - 21:04 | |
CVE-2006-4625 | 3.6 |
PHP 4.x up to 4.4.4 and PHP 5 up to 5.1.6 allows local users to bypass certain Apache HTTP Server httpd.conf options, such as safe_mode and open_basedir, via the ini_restore function, which resets the values to their php.ini (Master Value) defaults.
|
30-10-2018 - 16:25 | 12-09-2006 - 16:07 | |
CVE-2006-0576 | 7.2 |
Untrusted search path vulnerability in opcontrol in OProfile 0.9.1 and earlier allows local users to execute arbitrary commands via a modified PATH that references malicious (1) which or (2) dirname programs. NOTE: while opcontrol normally is not ru
|
19-10-2018 - 15:45 | 08-02-2006 - 00:06 | |
CVE-2005-2666 | 1.2 |
SSH, as implemented in OpenSSH before 4.0 and possibly other implementations, stores hostnames, IP addresses, and keys in plaintext in the known_hosts file, which makes it easier for an attacker that has compromised an SSH user's account to generate
|
11-10-2017 - 01:30 | 23-08-2005 - 04:00 | |
CVE-2006-2563 | 2.1 |
The cURL library (libcurl) in PHP 4.4.2 and 5.1.4 allows attackers to bypass safe mode and read files via a file:// request containing null characters.
|
20-07-2017 - 01:31 | 29-05-2006 - 16:02 | |
CVE-2006-3011 | 4.6 |
The error_log function in basic_functions.c in PHP before 4.4.4 and 5.x before 5.1.5 allows local users to bypass safe mode and open_basedir restrictions via a "php://" or other scheme in the third argument, which disables safe mode.
|
20-07-2017 - 01:31 | 26-06-2006 - 21:05 | |
CVE-2006-3018 | 7.5 |
Unspecified vulnerability in the session extension functionality in PHP before 5.1.3 has unknown impact and attack vectors related to heap corruption.
|
15-09-2010 - 04:54 | 14-06-2006 - 23:02 |