2006 CVE Vulnerabilities

7,145 CVEs published in 2006.

Filter:UNKNOWNClear
CVE IDSeverityCVSSDescription
CVE-2006-3431Buffer overflow in certain Asian language versions of Microsoft Excel might allow user-assisted attackers to execute arb...
CVE-2006-2451The suid_dumpable support in Linux kernel 2.6.13 up to versions before 2.6.17.4, and 2.6.16 before 2.6.16.24, allows a l...
CVE-2006-3412Tor before 0.1.1.20 does not sufficiently obey certain firewall options, which allows remote attackers to bypass intende...
CVE-2006-3410Tor before 0.1.1.20 creates "internal circuits" primarily consisting of nodes with "useful exit nodes," which allows rem...
CVE-2006-3409Integer overflow in Tor before 0.1.1.20 allows remote attackers to execute arbitrary code via crafted large inputs, whic...
CVE-2006-3408Unspecified vulnerability in the directory server (dirserver) in Tor before 0.1.1.20 allows remote attackers to cause an...
CVE-2006-3407Tor before 0.1.1.20 allows remote attackers to spoof log entries or possibly execute shell code via strings with non-pri...
CVE-2006-3406Directory traversal vulnerability in qtofm.php in QTOFileManager 1.0 allows remote attackers to modify arbitrary files v...
CVE-2006-3405Cross-site scripting (XSS) vulnerability in qtofm.php in QTOFileManager 1.0 allows remote attackers to inject arbitrary ...
CVE-2006-3411TLS handshakes in Tor before 0.1.1.20 generate public-private keys based on TLS context rather than the connection, whic...
CVE-2006-3430SQL injection vulnerability in checkprofile.asp in (1) PatchLink Update Server (PLUS) before 6.1 P1 and 6.2.x before 6.2...
CVE-2006-3429Cross-site scripting (XSS) vulnerability in TigerTom TTCalc 1.0 allows remote attackers to inject arbitrary web script o...
CVE-2006-3428Cross-site scripting (XSS) vulnerability in TigerTom TTCalc 1.0 allows remote attackers to inject arbitrary web script o...
CVE-2006-3427Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (crash) by declaring the sourceURL at...
CVE-2006-3426Directory traversal vulnerability in (a) PatchLink Update Server (PLUS) before 6.1 P1 and 6.2.x before 6.2 SR1 P1 and (b...
CVE-2006-3425FastPatch for (a) PatchLink Update Server (PLUS) before 6.1 P1 and 6.2.x before 6.2 SR1 P1, and (b) Novell ZENworks 6.2 ...
CVE-2006-3424Multiple buffer overflows in WebEx Downloader ActiveX Control, possibly in versions before November 2005, allow remote a...
CVE-2006-3423WebEx Downloader ActiveX Control and WebEx Downloader Java before 2.1.0.0 do not validate downloaded components, which a...
CVE-2006-3422PHP remote file inclusion vulnerability in WonderEdit Pro CMS allows remote attackers to execute arbitrary PHP code via ...
CVE-2006-3421PHP remote file inclusion vulnerability in SmartSiteCMS 1.0 and earlier, when register_globals is enabled, allows remote...
CVE-2006-3420Cross-site request forgery (CSRF) vulnerability in editpost.php in MyBulletinBoard (MyBB) before 1.1.5 allows remote att...
CVE-2006-3419Tor before 0.1.1.20 uses OpenSSL pseudo-random bytes (RAND_pseudo_bytes) instead of cryptographically strong RAND_bytes,...
CVE-2006-3418Tor before 0.1.1.20 does not validate that a server descriptor's fingerprint line matches its identity key, which allows...
CVE-2006-3417Tor client before 0.1.1.20 prefers entry points based on is_fast or is_stable flags, which could allow remote attackers ...
CVE-2006-3416Tor before 0.1.1.20 kills the circuit when it receives an unrecognized relay command, which causes network circuits to b...

Check if your code is affected by 2006 CVEs

Strix scans your code and infrastructure for known vulnerabilities automatically.

Scan your code now