2006 CVE Vulnerabilities
7,145 CVEs published in 2006.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2006-6530 | — | — | 1.1% | Dec 14, 2006 | SQL injection vulnerability in the Help Tip module before 4.7.x-1.0 for Drupal allows remote attackers to execute arbitr... |
| CVE-2006-6531 | — | — | 1.1% | Dec 14, 2006 | Cross-site scripting (XSS) vulnerability in the Help Tip module before 4.7.x-1.0 for Drupal allows remote attackers to i... |
| CVE-2006-6532 | — | — | 1.0% | Dec 14, 2006 | Multiple cross-site scripting (XSS) vulnerabilities in Vt-Forum Lite 1.3 and earlier allow remote attackers to inject ar... |
| CVE-2006-6533 | — | — | 1.6% | Dec 14, 2006 | Directory traversal vulnerability in admin/templates_boxes_layout.php in osCommerce 3.0a3 allows remote attackers to inc... |
| CVE-2006-6534 | — | — | 1.1% | Dec 14, 2006 | Multiple cross-site scripting (XSS) vulnerabilities in osCommerce 3.0a3 allow remote attackers to inject arbitrary web s... |
| CVE-2006-6107 | — | — | 0.4% | Dec 14, 2006 | Unspecified vulnerability in the match_rule_equal function in bus/signals.c in D-Bus before 1.0.2 allows local applicati... |
| CVE-2006-5875 | — | — | 1.8% | Dec 14, 2006 | eoc.py in Enemies of Carlotta (EoC) before 1.2.4 allows remote attackers to execute arbitrary commands via shell metacha... |
| CVE-2006-6508 | — | — | 1.0% | Dec 14, 2006 | Cross-site request forgery (CSRF) vulnerability in phpBB 2.0.21 allows remote authenticated users to send unauthorized m... |
| CVE-2006-6509 | — | — | 0.3% | Dec 14, 2006 | Cross-site scripting (XSS) vulnerability in the skinning feature in SiteKiosk before 6.5.150 allows local users to bypas... |
| CVE-2006-6510 | — | — | 0.3% | Dec 14, 2006 | An unspecified ActiveX control in SiteKiosk before 6.5.150 is installed "safe for scripting", which allows local users t... |
| CVE-2006-6511 | — | — | 1.2% | Dec 14, 2006 | dadaIMC .99.3 uses an insufficiently restrictive FilesMatch directive in the installed .htaccess file, which allows remo... |
| CVE-2006-6496 | — | — | 0.4% | Dec 13, 2006 | The (1) VetMONNT.sys and (2) VetFDDNT.sys drivers in CA Anti-Virus 2007 8.1, Anti-Virus for Vista Beta 8.2, and CA Inter... |
| CVE-2006-4702 | — | — | 27.2% | Dec 13, 2006 | Buffer overflow in the Windows Media Format Runtime in Microsoft Windows Media Player (WMP) 6.4 and Windows XP SP2, Serv... |
| CVE-2006-2386 | — | — | 28.5% | Dec 13, 2006 | Unspecified vulnerability in Microsoft Outlook Express 6 and earlier allows remote attackers to execute arbitrary code v... |
| CVE-2006-5585 | — | — | 1.7% | Dec 13, 2006 | The Client-Server Run-time Subsystem in Microsoft Windows XP SP2 and Server 2003 allows local users to gain privileges v... |
| CVE-2006-6494 | — | — | 0.4% | Dec 13, 2006 | Directory traversal vulnerability in ld.so.1 in Sun Solaris 8, 9, and 10 allows local users to execute arbitrary code vi... |
| CVE-2006-6495 | — | — | 0.4% | Dec 13, 2006 | Stack-based buffer overflow in ld.so.1 in Sun Solaris 8, 9, and 10 allows local users to execute arbitrary code via larg... |
| CVE-2006-5584 | — | — | 30.4% | Dec 13, 2006 | The Remote Installation Service (RIS) in Microsoft Windows 2000 SP4 uses a TFTP server that allows anonymous access, whi... |
| CVE-2006-6493 | — | — | 9.2% | Dec 13, 2006 | Buffer overflow in the krbv4_ldap_auth function in servers/slapd/kerberos.c in OpenLDAP 2.4.3 and earlier, when OpenLDAP... |
| CVE-2006-6335 | — | — | 12.2% | Dec 12, 2006 | Multiple buffer overflows in Sophos Anti-Virus scanning engine before 2.40 allow remote attackers to execute arbitrary c... |
| CVE-2006-5583 | — | — | 52.9% | Dec 12, 2006 | Buffer overflow in the SNMP Service in Microsoft Windows 2000 SP4, XP SP2, Server 2003, Server 2003 SP1, and possibly ot... |
| CVE-2006-6483 | — | — | 2.2% | Dec 12, 2006 | Adobe ColdFusion MX 7.x before 7.0.2 does not properly filter HTML tags when protecting against cross-site scripting (XS... |
| CVE-2006-6486 | — | — | 1.1% | Dec 12, 2006 | SQL injection vulnerability in EasyPage allows remote attackers to execute arbitrary SQL commands via unspecified vector... |
| CVE-2006-6482 | — | — | 2.1% | Dec 12, 2006 | Adobe ColdFusion MX7 allows remote attackers to obtain sensitive information via a URL request (1) for a non-existent (a... |
| CVE-2006-6484 | — | — | 2.8% | Dec 12, 2006 | The IMAP service for MailEnable Professional and Enterprise Edition 2.0 through 2.34, Professional Edition 1.6 through 1... |
Check if your code is affected by 2006 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now