Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.0

    HIGH
    CVE-2006-5371

    Unspecified vulnerability in Oracle Email Center component in Oracle E-Business Suite 11.5.9 has unknown impact and remote authenticated attack vectors, aka Vuln# APPS07.... Read more

    Affected Products : e-business_suite
    • Published: Oct. 18, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-5348

    Unspecified vulnerability in Oracle HTTP Server 9.2.0.7, Oracle Collaboration Suite 9.0.4.2, and Oracle E-Business Suite and Applications 11.5.10CU2 has unknown impact and remote attack vectors related to HTTPS and SSL, aka Vuln# OHS05.... Read more

    • Published: Oct. 18, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-5374

    Unspecified vulnerability in Oracle Pharmaceutical Applications 4.5.1 has unknown impact and remote authenticated attack vectors, aka Vuln# PHAR01.... Read more

    Affected Products : pharmaceutical
    • Published: Oct. 18, 2006
    • Modified: Apr. 09, 2025

  • 9.0

    HIGH
    CVE-2006-5378

    Unspecified vulnerability in JD Edwards HTML Server in JD Edwards EnterpriseOne SP23_O2, 8.95.P1, and 8.96.D1 has unknown impact and remote authenticated attack vectors, aka Vuln# JDE01.... Read more

    Affected Products : enterpriseone
    • Published: Oct. 18, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-5369

    Unspecified vulnerability in Oracle Application Object Library in Oracle E-Business Suite 11.5.10CU2 has unknown impact and remote authenticated attack vectors, aka Vuln# APPS02.... Read more

    Affected Products : e-business_suite
    • Published: Oct. 18, 2006
    • Modified: Apr. 09, 2025

  • 7.1

    HIGH
    CVE-2006-5333

    Unspecified vulnerability in Oracle Spatial component in Oracle Database 10.2.0.2 has unknown impact and remote authenticated attack vectors related to "create session" privileges, aka Vuln# DB02. NOTE: as of 20061023, Oracle has not disputed reports fro... Read more

    Affected Products : database_server
    • Published: Oct. 18, 2006
    • Modified: Apr. 09, 2025

  • 2.1

    LOW
    CVE-2006-5173

    Linux kernel does not properly save or restore EFLAGS during a context switch, or reset the flags when creating new threads, which allows local users to cause a denial of service (process crash), as demonstrated using a process that sets the Alignment Che... Read more

    Affected Products : linux_kernel ubuntu_linux
    • Published: Oct. 17, 2006
    • Modified: Apr. 09, 2025

  • 5.1

    MEDIUM
    CVE-2006-4819

    Heap-based buffer overflow in Opera 9.0 and 9.01 allows remote attackers to execute arbitrary code via a long URL in a tag (long link address).... Read more

    Affected Products : opera_browser
    • Published: Oct. 17, 2006
    • Modified: Apr. 09, 2025

  • 7.2

    HIGH
    CVE-2006-5327

    Untrusted search path vulnerability in OpenBase SQL 10.0 and earlier, as used in Apple Xcode 2.2 2.2 and earlier and possibly other products, allows local users to execute arbitrary code via a modified PATH that references a malicious gzip program, which ... Read more

    Affected Products : xcode openbase
    • Published: Oct. 17, 2006
    • Modified: Apr. 09, 2025

  • 7.2

    HIGH
    CVE-2006-5328

    OpenBase SQL 10.0 and earlier, as used in Apple Xcode 2.2 2.2 and earlier and possibly other products, allows local users to create arbitrary files via a symlink attack on the simulation.sql file.... Read more

    Affected Products : xcode openbase
    • Published: Oct. 17, 2006
    • Modified: Apr. 09, 2025

  • 5.0

    MEDIUM
    CVE-2006-5330

    CRLF injection vulnerability in Adobe Flash Player plugin 9.0.16 and earlier for Windows, 7.0.63 and earlier for Linux, 7.x before 7.0 r67 for Solaris, and before 9.0.28.0 for Mac OS X, allows remote attackers to modify HTTP headers of client requests and... Read more

    Affected Products : flash_player
    • Published: Oct. 17, 2006
    • Modified: Apr. 09, 2025

  • 7.5

    HIGH
    CVE-2006-5322

    Multiple SQL injection vulnerabilities in phplist before 2.10.3 allow remote attackers to execute arbitrary SQL commands via unspecified vectors.... Read more

    Affected Products : phplist
    • Published: Oct. 17, 2006
    • Modified: Apr. 09, 2025

  • 6.5

    MEDIUM
    CVE-2006-5313

    Hastymail 1.5 and earlier before 20061008 allows remote authenticated users to send arbitrary SMTP commands by placing them after a CRLF.CRLF sequence in the smtp_message parameter. NOTE: this crosses privilege boundaries if the SMTP server configuration... Read more

    Affected Products : hastymail
    • Published: Oct. 17, 2006
    • Modified: Apr. 09, 2025

  • 5.0

    MEDIUM
    CVE-2006-5320

    Directory traversal vulnerability in getimg.php in Album Photo Sans Nom 1.6 allows remote attackers to read arbitrary files via the img parameter.... Read more

    Affected Products : album_photo_sans_nom
    • Published: Oct. 17, 2006
    • Modified: Apr. 09, 2025

  • 7.5

    HIGH
    CVE-2006-5318

    PHP remote file inclusion vulnerability in index.php in Nayco JASmine (aka Jasmine-Web) allows remote attackers to execute arbitrary PHP code via an FTP URL in the section parameter.... Read more

    Affected Products : jasmine
    • Published: Oct. 17, 2006
    • Modified: Apr. 09, 2025

  • 5.0

    MEDIUM
    CVE-2006-5319

    Directory traversal vulnerability in redir.php in Foafgen 0.3 allows remote attackers to read arbitrary files via a .. (dot dot) in the foaf parameter.... Read more

    Affected Products : foafgen
    • Published: Oct. 17, 2006
    • Modified: Apr. 09, 2025

  • 7.5

    HIGH
    CVE-2006-5325

    Multiple PHP remote file inclusion vulnerabilities in Dimitri Seitz Security Suite IP Logger in dwingmods for phpBB allow remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter in (1) mkb.php, (2) iplogger.php, (3) admin... Read more

    Affected Products : security_suite_ip_logger
    • Published: Oct. 17, 2006
    • Modified: Apr. 09, 2025

  • 7.5

    HIGH
    CVE-2006-5314

    PHP remote file inclusion vulnerability in ftag.php in TribunaLibre 3.12 Beta allows remote attackers to execute arbitrary PHP code via a URL in the mostrar parameter.... Read more

    Affected Products : tribunalibre
    • Published: Oct. 17, 2006
    • Modified: Apr. 09, 2025

  • 7.8

    HIGH
    CVE-2006-5316

    registroTL stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for /usuarios.dat.... Read more

    Affected Products : registrotl
    • Published: Oct. 17, 2006
    • Modified: Apr. 09, 2025

  • 7.5

    HIGH
    CVE-2006-5317

    PHP remote file inclusion vulnerability in index.php in eboli allows remote attackers to execute arbitrary PHP code via a URL in the contentSpecial parameter.... Read more

    Affected Products : eboli
    • Published: Oct. 17, 2006
    • Modified: Apr. 09, 2025
Showing 20 of 294632 Results