Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.6

    MEDIUM
    CVE-2006-5012

    Unspecified vulnerability in Sun Solaris 8, 9, and 10 before 20060925 allows local users to cause a denial of service (disable syslog) and prevent security messages from being logged via unspecified vectors.... Read more

    Affected Products : solaris sunos
    • Published: Sep. 27, 2006
    • Modified: Apr. 09, 2025

  • 7.2

    HIGH
    CVE-2006-5006

    Buffer overflow in cfgmgr in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary code via a long directory path argument.... Read more

    Affected Products : aix
    • Published: Sep. 27, 2006
    • Modified: Apr. 09, 2025

  • 7.8

    HIGH
    CVE-2006-4924

    sshd in OpenSSH before 4.4, when using the version 1 SSH protocol, allows remote attackers to cause a denial of service (CPU consumption) via an SSH packet that contains duplicate blocks, which is not properly handled by the CRC compensation attack detect... Read more

    Affected Products : openssh
    • Published: Sep. 27, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-5008

    Unspecified vulnerability in utape in IBM AIX 5.2.0 and 5.3.0 allows attackers to execute arbitrary commands and overwrite arbitrary files via unspecified vectors.... Read more

    Affected Products : aix
    • Published: Sep. 27, 2006
    • Modified: Apr. 09, 2025

  • 4.6

    MEDIUM
    CVE-2006-5007

    Untrusted search path vulnerability in uucp in IBM AIX 5.2.0 and 5.3.0 allows local users to local users to gain privileges via a Trojan horse program involving uux.... Read more

    Affected Products : aix
    • Published: Sep. 27, 2006
    • Modified: Apr. 09, 2025

  • 6.5

    MEDIUM
    CVE-2006-5000

    Multiple buffer overflows in WS_FTP Server 5.05 before Hotfix 1, and possibly other versions down to 5.0, have unknown impact and remote authenticated attack vectors via the (1) XCRC, (2) XMD5, and (3) XSHA1 commands. NOTE: in the early publication of th... Read more

    Affected Products : ws_ftp_server ws_ftp_server
    • Published: Sep. 26, 2006
    • Modified: Apr. 09, 2025

  • 5.0

    MEDIUM
    CVE-2006-5001

    Unspecified vulnerability in the log analyzer in WS_FTP Server 5.05 before Hotfix 1, and possibly other versions down to 5.0, prevents certain sensitive information from being displayed in the (1) Files and (2) Summary tabs. NOTE: in the early publicatio... Read more

    Affected Products : ws_ftp_server ws_ftp_server
    • Published: Sep. 26, 2006
    • Modified: Apr. 09, 2025

  • 7.5

    HIGH
    CVE-2006-4995

    PHP remote file inclusion vulnerability in BSQ Sitestats (bsq_sitestats) before 2.1.1 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.... Read more

    Affected Products : bsq_sitestats
    • Published: Sep. 26, 2006
    • Modified: Apr. 09, 2025

  • 7.5

    HIGH
    CVE-2006-4992

    Multiple PHP remote file inclusion vulnerabilities in JD-WordPress for Joomla! (com_jd-wp) 2.0-1.0 RC2 allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter in (1) wp-comments-post.php, (2) wp-feed.php, or... Read more

    Affected Products : jd-wordpress
    • Published: Sep. 26, 2006
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2006-4990

    Multiple PHP remote file inclusion vulnerabilities in PhotoPost allow remote attackers to execute arbitrary PHP code via a URL in the PP_PATH parameter in (1) addfav.php, (2) adm-admlog.php, (3) adm-approve.php, (4) adm-backup.php, (5) adm-cats.php, (6) a... Read more

    Affected Products : photopost_php_pro
    • Published: Sep. 26, 2006
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2006-4987

    Multiple PHP remote file inclusion vulnerabilities in Patrick Michaelis Wili-CMS allow remote attackers to execute arbitrary PHP code via a URL in the globals[content_dir] parameter in (1) example-view/templates/article.php, (2) example-view/templates/roo... Read more

    Affected Products : wili-cms
    • Published: Sep. 26, 2006
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2006-4172

    Integer overflow vulnerability in the i386_set_ldt call in FreeBSD 5.5, and possibly earlier versions down to 5.2, allows local users to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors, a different vulnerabili... Read more

    Affected Products : freebsd
    • Published: Sep. 26, 2006
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2006-4983

    Cisco NAC allows quarantined devices to communicate over the network with (1) DNS, (2) DHCP, and (3) EAPoUDP, which allows attackers to bypass control methods by tunneling network traffic through one of these protocols.... Read more

    Affected Products : network_access_control
    • Published: Sep. 26, 2006
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2006-4982

    Cisco NAC maintains an exception list that does not record device properties other than MAC address, which allows physically proximate attackers to bypass control methods and join a local network by spoofing the MAC address of a different type of device, ... Read more

    Affected Products : network_access_control
    • Published: Sep. 26, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-4996

    Unspecified vulnerability in JoomlaLib (com_joomlalib) before 1.2.2 for Joomla! allows remote attackers to have an unknown impact, related to "Joomla globals hacked by script kiddies."... Read more

    Affected Products : joomlalib
    • Published: Sep. 26, 2006
    • Modified: Apr. 09, 2025

  • 4.6

    MEDIUM
    CVE-2006-4981

    Symantec Sygate NAC allows physically proximate attackers to bypass control methods and join a local network by selecting a forged MAC address associated with an exception rule that (1) permits all non-Windows devices or (2) whitelists certain sets of Org... Read more

    Affected Products : sygate_network_access_control
    • Published: Sep. 26, 2006
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2006-4984

    Multiple PHP remote file inclusion vulnerabilities in Grayscale BandSite CMS allow remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[root_path] parameter in (1) adminpanel/includes/mailinglist/mlist_xls.php and (2) adminpanel/include... Read more

    Affected Products : bandsite_cms
    • Published: Sep. 26, 2006
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2006-4989

    Patrick Michaelis Wili-CMS allows remote attackers to obtain sensitive information via a direct request for (1) thumbnail.php, (2) functions/admin/all.php, (3) functions/admin/init_session.php, (4) functions/all.php, and (5) certain files in example-view/... Read more

    Affected Products : wili-cms
    • Published: Sep. 26, 2006
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2006-4985

    Multiple cross-site scripting (XSS) vulnerabilities in Grayscale BandSite CMS allow remote attackers to inject arbitrary web script or HTML via (1) the max_file_size_purdy parameter in adminpanel/includes/helpfiles/help_mp3.php, (2) the message_text param... Read more

    Affected Products : bandsite_cms
    • Published: Sep. 26, 2006
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2006-4988

    Multiple cross-site scripting (XSS) vulnerabilities in Patrick Michaelis Wili-CMS allow remote attackers to inject arbitrary web script or HTML via (1) the query string to relocate.php, (2) the globals[pageid] parameter in example-view/inc/print_button.ph... Read more

    Affected Products : wili-cms
    • Published: Sep. 26, 2006
    • Modified: Apr. 03, 2025
Showing 20 of 294690 Results