Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.1

    MEDIUM
    CVE-2006-4819

    Heap-based buffer overflow in Opera 9.0 and 9.01 allows remote attackers to execute arbitrary code via a long URL in a tag (long link address).... Read more

    Affected Products : opera_browser
    • Published: Oct. 17, 2006
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2006-5321

    Multiple cross-site scripting (XSS) vulnerabilities in phplist before 2.10.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.... Read more

    Affected Products : phplist
    • Published: Oct. 17, 2006
    • Modified: Apr. 09, 2025

  • 7.5

    HIGH
    CVE-2006-5318

    PHP remote file inclusion vulnerability in index.php in Nayco JASmine (aka Jasmine-Web) allows remote attackers to execute arbitrary PHP code via an FTP URL in the section parameter.... Read more

    Affected Products : jasmine
    • Published: Oct. 17, 2006
    • Modified: Apr. 09, 2025

  • 7.5

    HIGH
    CVE-2006-5322

    Multiple SQL injection vulnerabilities in phplist before 2.10.3 allow remote attackers to execute arbitrary SQL commands via unspecified vectors.... Read more

    Affected Products : phplist
    • Published: Oct. 17, 2006
    • Modified: Apr. 09, 2025

  • 6.5

    MEDIUM
    CVE-2006-5313

    Hastymail 1.5 and earlier before 20061008 allows remote authenticated users to send arbitrary SMTP commands by placing them after a CRLF.CRLF sequence in the smtp_message parameter. NOTE: this crosses privilege boundaries if the SMTP server configuration... Read more

    Affected Products : hastymail
    • Published: Oct. 17, 2006
    • Modified: Apr. 09, 2025

  • 5.0

    MEDIUM
    CVE-2006-5320

    Directory traversal vulnerability in getimg.php in Album Photo Sans Nom 1.6 allows remote attackers to read arbitrary files via the img parameter.... Read more

    Affected Products : album_photo_sans_nom
    • Published: Oct. 17, 2006
    • Modified: Apr. 09, 2025

  • 5.0

    MEDIUM
    CVE-2006-5319

    Directory traversal vulnerability in redir.php in Foafgen 0.3 allows remote attackers to read arbitrary files via a .. (dot dot) in the foaf parameter.... Read more

    Affected Products : foafgen
    • Published: Oct. 17, 2006
    • Modified: Apr. 09, 2025

  • 5.5

    MEDIUM
    CVE-2006-4342

    The kernel in Red Hat Enterprise Linux 3, when running on SMP systems, allows local users to cause a denial of service (deadlock) by running the shmat function on an shm at the same time that shmctl is removing that shm (IPC_RMID), which prevents a spinlo... Read more

    Affected Products : enterprise_linux
    • Published: Oct. 17, 2006
    • Modified: Apr. 09, 2025

  • 7.5

    HIGH
    CVE-2006-5326

    PHP remote file inclusion vulnerability in language/lang/lang_contact_faq.php in the Prillian French 0.8.0 and earlier module for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. NOTE: the provenance... Read more

    Affected Products : french_language_pack
    • Published: Oct. 17, 2006
    • Modified: Apr. 09, 2025

  • 7.5

    HIGH
    CVE-2006-5315

    PHP remote file inclusion vulnerability in main.php in registroTL allows remote attackers to execute arbitrary PHP code via an ftp:// URL in the page parameter.... Read more

    Affected Products : registrotl
    • Published: Oct. 17, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-5323

    Unspecified vulnerability in IBM WebSphere Application Server before 6.1.0.2 has unspecified impact and attack vectors, related to a "possible security exposure," aka PK29360.... Read more

    Affected Products : websphere_application_server
    • Published: Oct. 17, 2006
    • Modified: Apr. 09, 2025

  • 7.5

    HIGH
    CVE-2006-5324

    The Web Services Notification (WSN) security component of IBM WebSphere Application Server before 6.1.0.2 allows attackers to obtain unspecified access without supplying a username and password, aka PK28374.... Read more

    Affected Products : websphere_application_server
    • Published: Oct. 17, 2006
    • Modified: Apr. 09, 2025

  • 7.5

    HIGH
    CVE-2006-5317

    PHP remote file inclusion vulnerability in index.php in eboli allows remote attackers to execute arbitrary PHP code via a URL in the contentSpecial parameter.... Read more

    Affected Products : eboli
    • Published: Oct. 17, 2006
    • Modified: Apr. 09, 2025

  • 7.5

    HIGH
    CVE-2006-5314

    PHP remote file inclusion vulnerability in ftag.php in TribunaLibre 3.12 Beta allows remote attackers to execute arbitrary PHP code via a URL in the mostrar parameter.... Read more

    Affected Products : tribunalibre
    • Published: Oct. 17, 2006
    • Modified: Apr. 09, 2025

  • 7.8

    HIGH
    CVE-2006-5316

    registroTL stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for /usuarios.dat.... Read more

    Affected Products : registrotl
    • Published: Oct. 17, 2006
    • Modified: Apr. 09, 2025

  • 7.5

    HIGH
    CVE-2006-5325

    Multiple PHP remote file inclusion vulnerabilities in Dimitri Seitz Security Suite IP Logger in dwingmods for phpBB allow remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter in (1) mkb.php, (2) iplogger.php, (3) admin... Read more

    Affected Products : security_suite_ip_logger
    • Published: Oct. 17, 2006
    • Modified: Apr. 09, 2025

  • 7.5

    HIGH
    CVE-2006-5312

    PHP remote file inclusion vulnerability in shoutbox.php in the Ajax Shoutbox 0.0.5 and earlier module for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.... Read more

    Affected Products : ajax_shoutbox
    • Published: Oct. 17, 2006
    • Modified: Apr. 09, 2025

  • 7.5

    HIGH
    CVE-2006-5309

    PHP remote file inclusion vulnerability in language/lang_french/lang_prillian_faq.php in the Prillian French 0.8.0 and earlier module for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.... Read more

    Affected Products : prillian_french
    • Published: Oct. 17, 2006
    • Modified: Apr. 09, 2025

  • 7.5

    HIGH
    CVE-2006-5311

    PHP remote file inclusion vulnerability in includes/archive/archive_topic.php in Buzlas 2006-1 Full allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.... Read more

    Affected Products : buzlas
    • Published: Oct. 17, 2006
    • Modified: Apr. 09, 2025

  • 6.8

    MEDIUM
    CVE-2006-5310

    PHP remote file inclusion vulnerability in common/visiteurs/include/menus.inc.php in J-Pierre DEZELUS Les Visiteurs 2.0.1, as used in phpMyConferences (phpMyConference) 8.0.2 and possibly other products, allows remote attackers to execute arbitrary PHP co... Read more

    Affected Products : phpmyconferences les_visiteurs
    • Published: Oct. 17, 2006
    • Modified: Apr. 09, 2025
Showing 20 of 294522 Results