Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether a vulnerability is actively exploited (that is, on the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 10.0

    HIGH
    CVE-2006-5487

    Directory traversal vulnerability in Marshal MailMarshal SMTP 5.x, 6.x, and 2006, and MailMarshal for Exchange 5.x, allows remote attackers to write arbitrary files via ".." sequences in filenames in an ARJ compressed archive.

    Affected Products : mailmarshal_smtp
    • EPSS Score: 1.70%
    • Published: Nov. 10, 2006
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2006-5940

    Unspecified vulnerability in Grisoft AVG Anti-Virus before 7.1.407 has unknown impact and remote attack vectors related to "Integer Issues" and parsing of .EXE files.

    Affected Products : avg_antivirus
    • EPSS Score: 0.50%
    • Published: Nov. 16, 2006
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2006-5972

    Stack-based buffer overflow in WG111v2.SYS in NetGear WG111v2 wireless adapter (USB) allows remote attackers to execute arbitrary code via a long 802.11 beacon request.

    Affected Products : wg111v2_driver wg111v2
    • EPSS Score: 18.79%
    • Published: Nov. 18, 2006
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2006-5978

    Unspecified vulnerability in E-Xoopport before 2.2.0 has unknown impact and attack vectors, as addressed by "Some security fix."

    Affected Products : e-xoopport
    • EPSS Score: 0.39%
    • Published: Nov. 20, 2006
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2006-6055

    Stack-based buffer overflow in A5AGU.SYS 1.0.1.41 for the D-Link DWL-G132 wireless adapter allows remote attackers to execute arbitrary code via a 802.11 beacon request with a long Rates information element (IE).

    Affected Products : dwl-g132
    • EPSS Score: 4.09%
    • Published: Nov. 22, 2006
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2006-6136

    IBM WebSphere Application Server 6.1.0 before Fix Pack 3 (6.1.0.3) does not perform EAL4 authentication checks at the proper time during "registering of response operation," which has unknown impact and attack vectors.

    Affected Products : websphere_application_server
    • EPSS Score: 1.21%
    • Published: Nov. 28, 2006
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2006-6135

    Multiple unspecified vulnerabilities in IBM WebSphere Application Server 6.1.0 before Fix Pack 3 (6.1.0.3) have unknown impact and attack vectors, related to (1) a "Potential security vulnerability" (PK29725) and (2) "Potential security exposure" (PK30831...

    Affected Products : websphere_application_server
    • EPSS Score: 0.82%
    • Published: Nov. 28, 2006
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2006-6268

    SQL injection vulnerability in system/core/profile/profile.inc.php in Neocrome Land Down Under (LDU) 8.x and earlier allows remote authenticated users to execute arbitrary SQL commands via a url-encoded id parameter to users.php that begins with a valid f...

    Affected Products : land_down_under
    • EPSS Score: 0.61%
    • Published: Dec. 04, 2006
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2006-6270

    Multiple SQL injection vulnerabilities in ASPMForum allow remote attackers to execute arbitrary SQL commands via (1) the soruid parameter in forum2.asp, (2) the ak parameter in kullanicilistesi.asp, (3) the kelimeler parameter in aramayap.asp, and (4) the...

    Affected Products : aspmforum
    • EPSS Score: 0.43%
    • Published: Dec. 04, 2006
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2006-6351

    KhaledMuratList stores sensitive data under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for (1) CL2F9R1A2C1N.mdb or (2) Data2F9R1A2C1N.mdb.

    Affected Products : khaledmuratlist
    • EPSS Score: 1.13%
    • Published: Dec. 07, 2006
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2006-6346

    Unspecified vulnerability in SAP Internet Graphics Service (IGS) 6.40 Patchlevel 15 and earlier, and 7.00 Patchlevel 3 and earlier, allows remote attackers to cause a denial of service (service shutdown), obtain sensitive information (configuration files)...

    Affected Products : internet_graphics_server
    • EPSS Score: 1.70%
    • Published: Dec. 07, 2006
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2006-6361

    Heap-based buffer overflow in the uploadprogress_php_rfc1867_file function in uploadprogress.c in Bitflux Upload Progress Meter before 8276 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via crafted HTTP POST fileup...

    Affected Products : upload_progress_meter
    • EPSS Score: 2.45%
    • Published: Dec. 07, 2006
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2006-6460

    Yourfreeworld.com Short Url & Url Tracker Script allows remote attackers to obtain sensitive information via an invalid id parameter to login.php, which leaks the path in an error message. NOTE: this issue might be resultant from CVE-2006-2509.

    Affected Products : short_url url_tracker_script
    • EPSS Score: 0.99%
    • Published: Dec. 11, 2006
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2006-6472

    The httpd.conf file in Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 configures port 443 to be always active, which has unknown impact and remote attack vectors.

    Affected Products : workcentre
    • EPSS Score: 0.40%
    • Published: Dec. 11, 2006
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2006-6470

    The SNMP Agent in Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 returns no error for a non-writable object, which has unknown impact and attack vectors. NOTE: due to the vagueness of th...

    Affected Products : workcentre
    • EPSS Score: 0.40%
    • Published: Dec. 11, 2006
    • Modified: Apr. 09, 2025
  • 10.0

    CRITICAL
    CVE-2024-52034

    An OS Command Injection vulnerability exists within myPRO Manager. A parameter within a command can be exploited by an unauthenticated remote attacker to inject arbitrary operating system commands.

    Affected Products : mypro
    • Published: Nov. 22, 2024
    • Modified: Nov. 22, 2024
  • 10.0

    HIGH
    CVE-2006-6335

    Multiple buffer overflows in Sophos Anti-Virus scanning engine before 2.40 allow remote attackers to execute arbitrary code via (1) a SIT archive with a long filename that is not null-terminated, which triggers a heap-based overflow in veex.dll due to imp...

    Affected Products : anti-virus sophos_anti-virus
    • EPSS Score: 13.30%
    • Published: Dec. 12, 2006
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2006-6515

    Mantis before 1.1.0a2 sets the default value of $g_bug_reminder_threshold to "reporter" instead of a more privileged role, which has unknown impact and attack vectors, possibly related to frequency of reminders.

    Affected Products : mantis
    • EPSS Score: 0.38%
    • Published: Dec. 14, 2006
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2006-4902

    The NetBackup bpcd daemon (bpcd.exe) in Symantec Veritas NetBackup 5.0 before 5.0_MP7, 5.1 before 5.1_MP6, and 6.0 before 6.0_MP4 does not properly check for chained commands, which allows remote attackers to execute arbitrary commands by appending malici...

    • EPSS Score: 8.92%
    • Published: Dec. 14, 2006
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2006-6567

    PHP remote file inclusion vulnerability in includes/kb_constants.php in the Knowledge Base (mx_kb) 2.0.2 module for mxBB allows remote attackers to execute arbitrary PHP code via a URL in the module_root_path parameter.

    Affected Products : kb_mods
    • EPSS Score: 2.32%
    • Published: Dec. 15, 2006
    • Modified: Apr. 09, 2025