Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2006-1250

    Unspecified vulnerability in the Webmail module in Winmail before 4.3 has unknown impact and unknown remote attack vectors.... Read more

    Affected Products : winmail
    • EPSS Score: %0.38
    • Published: Mar. 19, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-1190

    Microsoft Internet Explorer 5.01 through 6 does not always return the correct IOleClientSite information when dynamically creating an embedded object, which could cause Internet Explorer to run the object in the wrong security context or zone, and allow r... Read more

    Affected Products : internet_explorer
    • EPSS Score: %78.38
    • Published: Apr. 11, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-1189

    Buffer overflow in URLMON.DLL in Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via a crafted URL with an International Domain Name (IDN) using double-byte character sets (DBCS), aka the "Double Byte Character... Read more

    Affected Products : internet_explorer
    • EPSS Score: %54.02
    • Published: Apr. 11, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-1186

    Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via by instantiating the (1) Mdt2gddr.dll, (2) Mdt2dd.dll, and (3) Mdt2gddo.dll COM objects as ActiveX controls, which leads to memory corruption.... Read more

    Affected Products : internet_explorer ie
    • EPSS Score: %74.82
    • Published: Apr. 11, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-1069

    Unspecified vulnerability in the session handling for Geeklog 1.4.x before 1.4.0sr2, 1.3.11 before 1.3.11sr5, 1.3.9 before 1.3.9sr5, and possibly earlier versions allows attackers to gain privileges as arbitrary users via unknown vectors.... Read more

    Affected Products : geeklog
    • EPSS Score: %0.38
    • Published: Mar. 07, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-0864

    filescan in Global Hauri ViRobot 2.0 20050817 does not verify the Cookie HTTP header, which allows remote attackers to gain administrative privileges via an arbitrary cookie value.... Read more

    Affected Products : virobot
    • EPSS Score: %3.17
    • Published: Feb. 23, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-0685

    The check_login function in login.php in Virtual Hosting Control System (VHCS) 2.4.7.1 and earlier does not exit when authentication fails, which allows remote attackers to gain unauthorized access.... Read more

    Affected Products : virtual_hosting_control_system
    • EPSS Score: %9.07
    • Published: Feb. 15, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-0665

    Unspecified vulnerability in (1) query_store.php and (2) manage_proj_create.php in Mantis before 1.0.0 has unknown impact and attack vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party informatio... Read more

    Affected Products : mantis
    • EPSS Score: %0.39
    • Published: Feb. 13, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2022-1292

    The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arb... Read more

    • EPSS Score: %49.69
    • Published: May. 03, 2022
    • Modified: Aug. 13, 2025

  • 10.0

    HIGH
    CVE-2006-0286

    Unspecified vulnerability in the Oracle HTTP Server component of Oracle Database Server 9.0.1.5, 9.0.1.5 FIPS, 9.2.0.7, and 10.1.0.5, and Application Server 1.0.2.2, 9.0.4.2, and 10.1.2.0.2, has unspecified impact and attack vectors, as identified by Orac... Read more

    Affected Products : database_server application_server
    • EPSS Score: %1.99
    • Published: Jan. 18, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-0274

    Unspecified vulnerability in the Oracle Reports Developer component of Oracle Application Server 9.0.4.2 and 10.1.2.0.2 has unspecified impact and attack vectors, as identified by Oracle Vuln# REP03.... Read more

    Affected Products : application_server
    • EPSS Score: %1.99
    • Published: Jan. 18, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-0273

    Unspecified vulnerability in the Portal component of Oracle Application Server 9.0.4.2 and 10.1.2.0 has unspecified impact and attack vectors, as identified by Oracle Vuln# AS01.... Read more

    Affected Products : application_server
    • EPSS Score: %2.42
    • Published: Jan. 18, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-0270

    Unspecified vulnerability in the Transparent Data Encryption (TDE) Wallet component of Oracle Database server 10.2.0.1 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB27. NOTE: Oracle has not disputed a reliable researcher repo... Read more

    Affected Products : database_server
    • EPSS Score: %2.24
    • Published: Jan. 18, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-0265

    Multiple unspecified vulnerabilities in Oracle Database server 8.1.7.4, 9.0.1.5, 9.2.0.7, 10.1.0.5, and 10.2.0.1 have unspecified impact and attack vectors, as identified by Oracle Vuln# (1) DB17 in the Oracle Text component and (2) DB18 in the Program In... Read more

    Affected Products : database_server
    • EPSS Score: %2.81
    • Published: Jan. 18, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-0263

    Multiple unspecified vulnerabilities in Oracle Database server 8.1.7.4, 9.0.1.5, 9.0.1.5 FIPS, 9.2.0.7, 10.1.0.5, and 10.2.0.1 have unspecified impact and attack vectors, as identified by Oracle Vuln# (1) DB09 in the (a) Net Listener component; and (2) DB... Read more

    Affected Products : database_server
    • EPSS Score: %13.76
    • Published: Jan. 18, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-0261

    Multiple unspecified vulnerabilities in Oracle Database server 8.1.7.4, 9.0.1.5, 9.2.0.7, and 10.1.0.5 have unspecified impact and attack vectors, as identified by Oracle Vuln# (1) DB07 in the Dictionary component and (2) DB14 in the Oracle Label Security... Read more

    Affected Products : database_server
    • EPSS Score: %3.69
    • Published: Jan. 18, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-0259

    Multiple unspecified vulnerabilities in Oracle Database server 10.1.0.5 have unspecified impact and attack vectors, as identified by Oracle Vuln# (1) DB04 and (2) DB06 in the (a) Data Pump component; (3) DB10 in the (b) Net Listener component; and (4) DB1... Read more

    Affected Products : database_server
    • EPSS Score: %1.20
    • Published: Jan. 18, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-0258

    Unspecified vulnerability in the Connection Manager component of Oracle Database server 8.1.7.4 and 9.0.1.5 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB03.... Read more

    Affected Products : database_server
    • EPSS Score: %2.15
    • Published: Jan. 18, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-0257

    Unspecified vulnerability in the Change Data Capture component of Oracle Database server 9.2.0.7, 10.1.0.5, and 10.2.0.1 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB02. NOTE: details are unavailable from Oracle, but they ha... Read more

    Affected Products : database_server
    • EPSS Score: %1.24
    • Published: Jan. 18, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-0230

    Symantec Scan Engine 5.0.0.24, and possibly other versions before 5.1.0.7, uses a client-side check to verify a password, which allows remote attackers to gain administrator privileges via a modified client that sends certain XML requests.... Read more

    Affected Products : antivirus_scan_engine
    • EPSS Score: %28.16
    • Published: Apr. 25, 2006
    • Modified: Apr. 03, 2025
Showing 20 of 291395 Results