2006 CVE Vulnerabilities
7,145 CVEs published in 2006.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2006-2336 | — | — | 1.1% | May 12, 2006 | SQL injection vulnerability in showthread.php in MyBB (aka MyBulletinBoard) 1.1.1 allows remote attackers to execute arb... |
| CVE-2006-2337 | — | — | 1.8% | May 12, 2006 | Directory traversal vulnerability in webcm in the D-Link DSL-G604T Wireless ADSL Router Modem allows remote attackers to... |
| CVE-2006-2273 | — | — | 3.3% | May 12, 2006 | The InstallProduct routine in the Verisign VUpdater.Install (aka i-Nav) ActiveX control does not verify Microsoft Cabine... |
| CVE-2006-2329 | — | — | 2.3% | May 12, 2006 | AngelineCMS 0.6.5 and earlier allow remote attackers to obtain sensitive information via a direct request for (1) adodb-... |
| CVE-2006-2307 | — | — | 1.3% | May 11, 2006 | Cross-site scripting (XSS) vulnerability in Website Baker CMS before 2.6.4 allows remote attackers to inject arbitrary w... |
| CVE-2006-2306 | — | — | 2.9% | May 11, 2006 | Cross-site scripting (XSS) vulnerability in moreinfo.asp in EPublisherPro allows remote attackers to inject arbitrary we... |
| CVE-2006-2305 | — | — | 1.2% | May 11, 2006 | Multiple cross-site scripting (XSS) vulnerabilities in Jadu CMS allow remote attackers to inject arbitrary web script or... |
| CVE-2006-2304 | — | — | 8.2% | May 11, 2006 | Multiple integer overflows in the DPRPC library (DPRPCW32.DLL) in Novell Client 4.83 SP3, 4.90 SP2 and 4.91 SP2 allow re... |
| CVE-2006-2303 | — | — | 1.6% | May 11, 2006 | Cross-Application Scripting (XAS) vulnerability in ICQ Client 5.04 build 2321 and earlier allows remote attackers to inj... |
| CVE-2006-2302 | — | — | 1.3% | May 11, 2006 | SQL injection vulnerability in admin_default.asp in DUGallery 2.x allows remote attackers to execute arbitrary SQL comma... |
| CVE-2006-2301 | — | — | 1.5% | May 11, 2006 | SQL injection vulnerability in admin_default.asp in OzzyWork Galeri allows remote attackers to execute arbitrary SQL com... |
| CVE-2006-2300 | — | — | 1.7% | May 11, 2006 | Multiple SQL injection vulnerabilities in EImagePro allow remote attackers to execute arbitrary SQL commands via the (1)... |
| CVE-2006-2298 | — | — | 2.8% | May 10, 2006 | The Internet Key Exchange version 1 (IKEv1) implementation in the libike library in Solaris 9 and 10 allows remote attac... |
| CVE-2006-0994 | — | — | 21.6% | May 10, 2006 | Multiple Sophos Anti-Virus products, including Anti-Virus for Windows 5.x before 5.2.1 and 4.x before 4.05, when cabinet... |
| CVE-2006-0993 | — | — | 2.7% | May 10, 2006 | The web management interface in 3Com TippingPoint SMS Server before 2.2.1.4478 does not restrict access to certain direc... |
| CVE-2006-2297 | — | — | 19.4% | May 10, 2006 | Heap-based buffer overflow in Microsoft Infotech Storage System Library (itss.dll) allows user-assisted attackers to exe... |
| CVE-2006-2082 | — | — | 2.6% | May 10, 2006 | Directory traversal vulnerability in Quake 3 engine, as used in products including Quake3 Arena, Return to Castle Wolfen... |
| CVE-2006-0034 | — | — | 30.5% | May 10, 2006 | Heap-based buffer overflow in the CRpcIoManagerServer::BuildContext function in msdtcprx.dll for Microsoft Distributed T... |
| CVE-2006-1184 | — | — | 29.7% | May 10, 2006 | Microsoft Distributed Transaction Coordinator (MSDTC) for Windows NT 4.0, 2000 SP4, XP SP1 and SP2, and Server 2003 allo... |
| CVE-2006-0561 | — | — | 0.4% | May 10, 2006 | Cisco Secure Access Control Server (ACS) 3.x for Windows stores ACS administrator passwords and the master key in the re... |
| CVE-2006-2293 | — | — | 1.2% | May 10, 2006 | SQL injection vulnerability in all_calendars.asp in MultiCalendars 3.0 allows remote attackers to execute arbitrary SQL ... |
| CVE-2006-2280 | — | — | 3.5% | May 10, 2006 | Directory traversal vulnerability in website.php in openEngine 1.8 Beta 2 and earlier allows remote attackers to list ar... |
| CVE-2006-2279 | — | — | 2.1% | May 10, 2006 | Multiple SQL injection vulnerabilities in SaphpLesson 3.0 allow remote attackers to execute arbitrary SQL commands via (... |
| CVE-2006-2278 | — | — | 1.6% | May 10, 2006 | SaphpLesson 3.0 does not initialize array variables, which allows remote attackers to obtain the full path via an non-ar... |
| CVE-2006-2277 | — | — | 7.4% | May 10, 2006 | Multiple Apple Mac OS X 10.4 applications might allow context-dependent attackers to cause a denial of service (applicat... |
Check if your code is affected by 2006 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now