2006 CVE Vulnerabilities
7,145 CVEs published in 2006.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2006-2722 | — | — | 1.1% | Jun 1, 2006 | SQL injection vulnerability in view_album.php in SelectaPix 1.4 allows remote attackers to execute arbitrary SQL command... |
| CVE-2006-2721 | — | — | 1.1% | Jun 1, 2006 | Cross-site scripting (XSS) vulnerability in news.php in VARIOMAT allows remote attackers to inject arbitrary HTML or web... |
| CVE-2006-2713 | — | — | 1.9% | May 31, 2006 | Secure Elements Class 5 AVR client (aka C5 EVM) before 2.8.1 generates predictable CEIDs, which allows remote attackers ... |
| CVE-2006-2712 | — | — | 2.6% | May 31, 2006 | Secure Elements Class 5 AVR (aka C5 EVM) client and server before 2.8.1 do not verify the integrity of a message digest,... |
| CVE-2006-2711 | — | — | 1.9% | May 31, 2006 | Secure Elements Class 5 AVR (aka C5 EVM) 2.8.1 and earlier, and possibly later 2.8.x releases, uses the same initializat... |
| CVE-2006-2710 | — | — | 1.9% | May 31, 2006 | Secure Elements Class 5 AVR (aka C5 EVM) before 2.8.1 uses the same invariant RSA key for all installations, which allow... |
| CVE-2006-2709 | — | — | 3.6% | May 31, 2006 | Secure Elements Class 5 AVR (aka C5 EVM) before 2.8.1 do not validate the source address of a message, which allows remo... |
| CVE-2006-2708 | — | — | 2.3% | May 31, 2006 | Secure Elements Class 5 AVR client (aka C5 EVM) before 2.8.1 allows remote attackers to read portions of process memory ... |
| CVE-2006-2706 | — | — | 2.1% | May 31, 2006 | Secure Elements Class 5 AVR server (aka C5 EVM) before 2.8.1 allows remote attackers to cause a denial of service via fo... |
| CVE-2006-2707 | — | — | 1.1% | May 31, 2006 | Secure Elements Class 5 AVR server (aka C5 EVM) before 2.8.1 does not validate the peer certificate when obtaining an up... |
| CVE-2006-2705 | — | — | 2.1% | May 31, 2006 | Secure Elements Class 5 AVR server (aka C5 EVM) before 2.8.1 allows remote attackers to cause an unspecified denial of s... |
| CVE-2006-2704 | — | — | 2.1% | May 31, 2006 | Secure Elements Class 5 AVR server and client (aka C5 EVM) before 2.8.1 send messages in cleartext, which allows remote ... |
| CVE-2006-2717 | — | — | 1.8% | May 31, 2006 | Unspecified vulnerability in Secure Elements Class 5 AVR client and server (aka C5 EVM) before 2.8.1 allows authenticate... |
| CVE-2006-2716 | — | — | 2.1% | May 31, 2006 | Secure Elements Class 5 AVR server (aka C5 EVM) before 2.8.1 uses a hard-coded user ID and password, which allows remote... |
| CVE-2006-2715 | — | — | 2.1% | May 31, 2006 | The Administration Console in Secure Elements Class 5 AVR (aka C5 EVM) before 2.8.1 does not enforce access control, whi... |
| CVE-2006-2714 | — | — | 1.8% | May 31, 2006 | Secure Elements Class 5 AVR client (aka C5 EVM) before 2.8.1 does not validate the CEID of an incoming message, which al... |
| CVE-2006-1515 | — | — | 3.6% | May 31, 2006 | Buffer overflow in the addnewword function in typespeed 0.4.4 and earlier might allow remote attackers to execute arbitr... |
| CVE-2006-1175 | — | — | 2.2% | May 31, 2006 | The WeOnlyDo! SFTP (wodSFTP) ActiveX control is marked as safe for scripting, which allows remote attackers to read and ... |
| CVE-2006-2698 | — | — | 2.0% | May 31, 2006 | Geeklog 1.4.0sr2 and earlier allows remote attackers to obtain the full installation path via a direct request and possi... |
| CVE-2006-2685 | — | — | 48.5% | May 31, 2006 | PHP remote file inclusion vulnerability in Basic Analysis and Security Engine (BASE) 1.2.4 and earlier, with register_gl... |
| CVE-2006-2702 | — | — | 2.9% | May 31, 2006 | vars.php in WordPress 2.0.2, possibly when running on Mac OS X, allows remote attackers to spoof their IP address via a ... |
| CVE-2006-2701 | — | — | 1.3% | May 31, 2006 | SQL injection vulnerability in Geeklog 1.4.0sr2 and earlier allows remote attackers to execute arbitrary SQL commands vi... |
| CVE-2006-2700 | — | — | 1.4% | May 31, 2006 | SQL injection vulnerability in admin/auth.inc.php in Geeklog 1.4.0sr2 and earlier allows remote attackers to execute arb... |
| CVE-2006-2699 | — | — | 2.4% | May 31, 2006 | Cross-site scripting (XSS) vulnerability in getimage.php in Geeklog 1.4.0sr2 and earlier allows remote attackers to inje... |
| CVE-2006-2697 | — | — | 1.1% | May 31, 2006 | Multiple SQL injection vulnerabilities in Easy-Content Forums 1.0 allow remote attackers to execute arbitrary SQL comman... |
Check if your code is affected by 2006 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now