2006 CVE Vulnerabilities

7,145 CVEs published in 2006.

Filter:UNKNOWNClear
CVE IDSeverityCVSSDescription
CVE-2006-2470Unspecified vulnerability in the WebLogic Server Administration Console for BEA WebLogic Server 9.0 prevents the console...
CVE-2006-2469The HTTP handlers in BEA WebLogic Server 9.0, 8.1 up to SP5, 7.0 up to SP6, and 6.1 up to SP7 stores the username and pa...
CVE-2006-2468The WebLogic Server Administration Console in BEA WebLogic Server 8.1 up to SP4 and 7.0 up to SP6 displays the domain na...
CVE-2006-2467BEA WebLogic Server 8.1 up to SP4, 7.0 up to SP6, and 6.1 up to SP7 displays the internal IP address of the WebLogic ser...
CVE-2006-2466BEA WebLogic Server 8.1 up to SP4 and 7.0 up to SP6 allows remote attackers to obtain the source code of JSP pages durin...
CVE-2006-2464stopWebLogic.sh in BEA WebLogic Server 8.1 before Service Pack 4 and 7.0 before Service Pack 6 displays the administrato...
CVE-2006-2463view_album.php in SelectaPix 1.31 and earlier allows remote attackers to obtain the installation path via a certain requ...
CVE-2006-2462BEA WebLogic Server 8.1 before Service Pack 4 and 7.0 before Service Pack 6, may send sensitive data over non-secure cha...
CVE-2006-2461BEA WebLogic Server before 8.1 Service Pack 4 does not properly set the Quality of Service in certain circumstances, whi...
CVE-2006-2460Sugar Suite Open Source (SugarCRM) 4.2 and earlier, when register_globals is enabled, does not protect critical variable...
CVE-2006-2459SQL injection vulnerability in messages.php in PHP-Fusion 6.00.307 and earlier allows remote authenticated users to exec...
CVE-2006-2458Multiple heap-based buffer overflows in Libextractor 0.5.13 and earlier allow remote attackers to execute arbitrary code...
CVE-2006-1855choose_new_parent in Linux kernel before 2.6.11.12 includes certain debugging code, which allows local users to cause a ...
CVE-2006-1528Linux kernel before 2.6.13 allows local users to cause a denial of service (crash) via a dio transfer from the sg driver...
CVE-2006-2441Pioneers meta-server before 0.9.55, when the server-console is not installed, allows remote attackers to cause a denial ...
CVE-2006-2442kphone 4.2 creates .qt/kphonerc with world-readable permissions, which allows local users to read usernames and SIP pass...
CVE-2006-2443The Debian package of knowledgetree 2.0.7 creates environment.php with world-readable permissions, which allows local us...
CVE-2006-2440Heap-based buffer overflow in the libMagick component of ImageMagick 6.0.6.2 might allow attackers to execute arbitrary ...
CVE-2006-2430IBM WebSphere Application Server 5.0.2 and earlier, 5.1.1 and earlier, and 6.0.2 up to 6.0.2.7 records user credentials ...
CVE-2006-2429Unspecified vulnerability in IBM WebSphere Application Server 6.0.2, 6.0.2.1, 6.0.2.3, 6.0.2.5, and 6.0.2.7 has unknown ...
CVE-2006-2428add.asp in DUware DUbanner 3.1 allows remote attackers to execute arbitrary code by uploading files with arbitrary exten...
CVE-2006-2427freshclam in (1) Clam Antivirus (ClamAV) 0.88 and (2) ClamXav 1.0.3h and earlier does not drop privileges before process...
CVE-2006-2426Sun Java Runtime Environment (JRE) 1.5.0_6 and earlier, JDK 1.5.0_6 and earlier, and SDK 1.5.0_6 and earlier allows remo...
CVE-2006-2425Multiple cross-site scripting (XSS) vulnerabilities in PRV.php in PhpRemoteView, possibly 2003-10-23 and earlier, allow ...
CVE-2006-2422phpCOIN 1.2.3 and earlier stores messages based upon e-mail addresses, which allows remote authenticated users to read m...

Check if your code is affected by 2006 CVEs

Strix scans your code and infrastructure for known vulnerabilities automatically.

Scan your code now