| Page(s) : 1 ... 383 384 385 386 387 388 389 390 391 392 [393] 394 395 396 397 398 399 400 401 402 403 ... | Result(s) : 9857 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 2.6 | 2006-11-21 | CVE-2006-6068 | cve | Directory traversal vulnerability in the cached_album function in functions.php for mAlbum 0.3 and earlier allows remote attackers to list filenames of arbitrary images via a ..... |
| 2.6 | 2006-11-17 | CVE-2006-5793 | cve | The sPLT chunk handling code (png_set_sPLT function in pngset.c) in libpng 1.0.6 through 1.2.12 uses a sizeof operator on the wrong data type, which allows context-dependent att... |
| 2.1 | 2006-11-16 | CVE-2006-5956 | cve | XLineSoft PHPRunner 3.1 stores the (1) database server name, (2) database names, (3) usernames, and (4) passwords in plaintext in %WINDIR%\PHPRunner.ini, which allows local user... |
| 2.6 | 2006-11-16 | USN-383-1 | Ubuntu | libpng vulnerability |
| 2.1 | 2006-11-14 | CVE-2006-5461 | cve | Avahi before 0.6.15 does not verify the sender identity of netlink messages to ensure that they come from the kernel instead of another process, which allows local users to spoo... |
| 3.5 | 2006-11-14 | CVE-2006-5883 | cve | Multiple cross-site scripting (XSS) vulnerabilities in cPanel 10 allow remote authenticated users to inject arbitrary web script or HTML via the (1) dir parameter in (a) seldir.... |
| 2.1 | 2006-11-11 | USN-380-1 | Ubuntu | Avahi vulnerability |
| 2.1 | 2006-11-09 | CVE-2006-5842 | cve | The keystore file in Unicore Client before 5.6 build 5, when running on Unix systems, has insecure default permissions, which allows local users to obtain sensitive information. |
| 2.1 | 2006-11-09 | CVE-2006-5851 | cve | openexec in OpenBase SQL before 10.0.1 allows local users to create arbitrary files via a symlink attack on the /tmp/output file, a different vulnerability than CVE-2006-5328. |
| 2.6 | 2006-11-08 | CVE-2006-5800 | cve | Cross-site scripting (XSS) vulnerability in default.asp in xenis.creator CMS allows remote attackers to inject arbitrary web script or HTML via the nav parameter. NOTE: the pro... |
| 2.1 | 2006-11-08 | CVE-2006-5806 | cve | SSL VPN Client in Cisco Secure Desktop before 3.1.1.45, when configured to spawn a web browser after a successful connection, stores sensitive browser session information in a d... |
| 2.1 | 2006-11-08 | CVE-2006-5817 | cve | prl_dhcpd in Parallels Desktop for Mac Build 1940 uses insecure permissions (0666) for /Library/Parallels/.dhcpd_configuration, which allows local users to modify DHCP configura... |
| 2.6 | 2006-11-07 | CVE-2006-5791 | cve | Multiple cross-site scripting (XSS) vulnerabilities in elogd.c in ELOG 2.6.2 and earlier allow remote attackers to inject arbitrary HTML or web script via (1) the filename for d... |
| 2.6 | 2006-11-06 | CVE-2006-4807 | cve | loader_tga.c in imlib2 before 1.2.1, and possibly other versions, allows user-assisted remote attackers to cause a denial of service (crash) via a crafted TGA image that trigger... |
| 2.6 | 2006-11-06 | CVE-2006-4808 | cve | Heap-based buffer overflow in loader_tga.c in imlib2 before 1.2.1, and possibly other versions, allows user-assisted remote attackers to cause a denial of service (crash) and po... |
| 2.1 | 2006-11-06 | CVE-2006-5738 | cve | Multiple SQL injection vulnerabilities in PunBB before 1.2.14 allow remote authenticated administrators to execute arbitrary SQL commands via unspecified vectors. |
| 1.2 | 2006-11-06 | CVE-2006-5757 | cve | Race condition in the __find_get_block_slow function in the ISO9660 filesystem in Linux 2.6.18 and possibly other versions allows local users to cause a denial of service (infin... |
| 2.1 | 2006-11-03 | CVE-2006-5724 | cve | Heap-based buffer overflow the "Answering Service" function in ICQ 2003b Build 3916 allows local users to cause a denial of service (application crash) via a long string in the ... |
| 2.1 | 2006-11-02 | CVE-2006-5397 | cve | The Xinput module (modules/im/ximcp/imLcIm.c) in X.Org libX11 1.0.2 and 1.0.3 opens a file for reading twice using the same file descriptor, which causes a file descriptor leak ... |
| 2.1 | 2006-11-02 | CVE-2006-5659 | cve | PAM_extern before 0.2 sends a password as a command line argument, which allows local users to obtain the password by listing the command line arguments, such as ps. NOTE: the ... |
| Page(s) : 1 ... 383 384 385 386 387 388 389 390 391 392 [393] 394 395 396 397 398 399 400 401 402 403 ... | Result(s) : 9857 |
