2006 CVE Vulnerabilities

7,145 CVEs published in 2006.

Filter:UNKNOWNClear
CVE IDSeverityCVSSDescription
CVE-2006-3857Multiple buffer overflows in IBM Informix Dynamic Server (IDS) before 9.40.TC6 and 10.00 before 10.00.TC3 allow remote a...
CVE-2006-4020scanf.c in PHP 5.1.4 and earlier, and 4.4.3 and earlier, allows context-dependent attackers to execute arbitrary code vi...
CVE-2006-4018Heap-based buffer overflow in the pefromupx function in libclamav/upx.c in Clam AntiVirus (ClamAV) 0.81 through 0.88.3 a...
CVE-2006-4016Cross-site scripting (XSS) vulnerability in /toendaCMS in toendaCMS stable 1.0.3 and earlier, and unstable 1.1 and earli...
CVE-2006-4015Hewlett-Packard (HP) ProCurve 3500yl, 6200yl, and 5400zl switches with software before K.11.33 allow remote attackers to...
CVE-2006-4014Symantec Brightmail AntiSpam (SBAS) before 6.0.4, when the Control Center is allowed to connect from any computer, allow...
CVE-2006-4013Multiple directory traversal vulnerabilities in Symantec Brightmail AntiSpam (SBAS) before 6.0.4, when the Control Cente...
CVE-2006-4012Multiple PHP remote file inclusion vulnerabilities in circeOS SaveWeb Portal 3.4 allow remote attackers to execute arbit...
CVE-2006-4011PHP remote file inclusion vulnerability in esupport/admin/autoclose.php in Kayako eSupport 2.3.1 and earlier, when regis...
CVE-2006-4010SQL injection vulnerability in war.php in Virtual War (Vwar) 1.5.0 and earlier allows remote attackers to execute arbitr...
CVE-2006-4009Cross-site scripting (XSS) vulnerability in war.php in Virtual War (Vwar) 1.5.0 and earlier allows remote attackers to i...
CVE-2006-4008PHP remote file inclusion vulnerability in index.php in Knusperleicht Faq 1.0 allows remote attackers to execute arbitra...
CVE-2006-4006The do_gameinfo function in BomberClone 0.11.6 and earlier, and possibly other functions, does not reset the packet data...
CVE-2006-4007PHP remote file inclusion vulnerability in index.php in Knusperleicht Guestbook 3.5 allows remote attackers to execute a...
CVE-2006-4002Cross-site scripting (XSS) vulnerability in user.module in Drupal 4.6 before 4.6.9, and 4.7 before 4.7.3, allows remote ...
CVE-2006-4003The config method in Henrik Storner Hobbit monitor before 4.1.2p2 permits access to files outside of the intended config...
CVE-2006-4004Directory traversal vulnerability in index.php in vbPortal 3.0.2 through 3.6.0 Beta 1, when magic_quotes_gpc is disabled...
CVE-2006-4005BomberClone 0.11.6 and earlier allows remote attackers to cause a denial of service (daemon crash) via (1) a certain mal...
CVE-2006-4017Cross-site scripting (XSS) vulnerability in the search module in Inter Network Marketing (INM) CMS G3 allows remote atta...
CVE-2006-3123Multiple integer overflows in the (1) dodecrypt and (2) doencrypt functions in cfs_fh.c in cfsd in Matt Blaze Cryptograp...
CVE-2006-0395The Download Validation in Mail in Mac OS X 10.4 does not properly recognize attachment file types to warn a user of an ...
CVE-2006-3998PHP remote file inclusion vulnerability in conf.php in WoWRoster (aka World of Warcraft Roster) 1.5.1 and earlier allows...
CVE-2006-3999ISS BlackICE PC Protection 3.6.cpj, 3.6.cpiE, and possibly earlier versions do not properly monitor the integrity of the...
CVE-2006-3997PHP remote file inclusion vulnerability in hsList.php in WoWRoster (aka World of Warcraft Roster) 1.5.x and earlier allo...
CVE-2006-4001Login.pm in Barracuda Spam Firewall (BSF) 3.3.01.001 through 3.3.03.053 contains a hard-coded password for the guest acc...

Check if your code is affected by 2006 CVEs

Strix scans your code and infrastructure for known vulnerabilities automatically.

Scan your code now