Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2006-2926

    Stack-based buffer overflow in the WWW Proxy Server of Qbik WinGate 6.1.1.1077 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long URL HTTP request.... Read more

    Affected Products : wingate
    • Published: Jun. 09, 2006
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2006-2924

    Ingate Firewall in the SIP module before 4.4.1 and SIParator before 4.4.1, when TLS is enabled or when SSL/TLS is enabled in the web server, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake.... Read more

    Affected Products : ingate_firewall ingate_siparator
    • Published: Jun. 09, 2006
    • Modified: Apr. 03, 2025

  • 6.8

    MEDIUM
    CVE-2006-2929

    PHP remote file inclusion vulnerability in contrib/forms/evaluation/C_FormEvaluation.class.php in OpenEMR 2.8.1 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[fileroot] paramet... Read more

    Affected Products : openemr
    • Published: Jun. 09, 2006
    • Modified: Apr. 03, 2025

  • 5.1

    MEDIUM
    CVE-2006-2928

    Multiple PHP remote file inclusion vulnerabilities in CMS-Bandits 2.5 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the spaw_root parameter in (1) dialogs/img.php and (2) dialogs/td.php.... Read more

    Affected Products : cms-bandits
    • Published: Jun. 09, 2006
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2006-2927

    Multiple cross-site scripting (XSS) vulnerabilities in post.asp in CodeAvalanche FreeForum (aka CAForum) 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) msg_subject and (2) msg_body parameters. NOTE: The provenance of this i... Read more

    Affected Products : codeavalanche_freeforum
    • Published: Jun. 09, 2006
    • Modified: Apr. 03, 2025

  • 5.1

    MEDIUM
    CVE-2006-2921

    PHP remote file inclusion vulnerability in cmpro_header.inc.php in Clan Manager Pro (CMPRO) 1.1 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the (1) cm_ext_server and (2) sitepath parame... Read more

    Affected Products : clan_manager_pro
    • Published: Jun. 09, 2006
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2006-2930

    Unspecified vulnerability in Sun Grid Engine 5.3 and Sun N1 Grid Engine 6.0, when configured in Certificate Security Protocol (CSP) Mode, allows local users to shut down the grid service or gain access, even if access is denied.... Read more

    Affected Products : grid_engine n1_grid_engine
    • Published: Jun. 09, 2006
    • Modified: Apr. 03, 2025

  • 5.1

    MEDIUM
    CVE-2006-2922

    Multiple PHP remote file inclusion vulnerabilities in MiraksGalerie 2.62 allow remote attackers to execute arbitrary PHP code via a URL in the (1) g_pcltar_lib_dir parameter in (a) pcltar.lib.php when register_globals is enabled, and (2) listconfigfile[] ... Read more

    Affected Products : miraksgalerie
    • Published: Jun. 09, 2006
    • Modified: Apr. 03, 2025

  • 7.8

    HIGH
    CVE-2006-2919

    Unspecified vulnerability in Microsoft NetMeeting 3.01 allows remote attackers to cause a denial of service (crash or CPU consumption) and possibly execute arbitrary code via crafted inputs that trigger memory corruption.... Read more

    Affected Products : netmeeting
    • Published: Jun. 09, 2006
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2006-2920

    Sylpheed-Claws before 2.2.2 and Sylpheed before 2.2.6 allow remote attackers to bypass the URI check functionality and makes it easier to conduct phishing attacks via a URI that begins with a space character.... Read more

    Affected Products : sylpheed sylpheed-claws
    • Published: Jun. 09, 2006
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2006-2193

    Buffer overflow in the t2p_write_pdf_string function in tiff2pdf in libtiff 3.8.2 and earlier allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a TIFF file with a DocumentName tag that contains UTF-8 characters,... Read more

    Affected Products : libtiff
    • Published: Jun. 08, 2006
    • Modified: Apr. 03, 2025

  • 5.4

    MEDIUM
    CVE-2006-2906

    The LZW decoding in the gdImageCreateFromGifPtr function in the Thomas Boutell graphics draw (GD) library (aka libgd) 2.0.33 allows remote attackers to cause a denial of service (CPU consumption) via malformed GIF data that causes an infinite loop.... Read more

    Affected Products : graphics_draw_library
    • Published: Jun. 08, 2006
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2006-2904

    SQL injection vulnerability in index.php in Partial Links 1.2.2 allows remote attackers to execute arbitrary SQL commands via the topic parameter.... Read more

    Affected Products : particle_links
    • Published: Jun. 08, 2006
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2006-2903

    Cross-site scripting (XSS) vulnerability in admin.php in Particle Links 1.2.2 allows remote attackers to inject arbitrary web script or HTML via the username parameter.... Read more

    Affected Products : particle_links
    • Published: Jun. 08, 2006
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2006-2902

    Directory traversal vulnerability in Particle Links 1.2.2 might allow remote attackers to access arbitrary files via ".." sequences in an HTTP request. NOTE: it is not clear whether this issue is legitimate, as the original researcher seems unsure.... Read more

    Affected Products : particle_links
    • Published: Jun. 08, 2006
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2006-2905

    Partial Links 1.2.2 allows remote attackers to obtain sensitive information via a direct request to (1) page_footer.php and (2) page_header.php, which displays the path in an error message.... Read more

    Affected Products : particle_links
    • Published: Jun. 08, 2006
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2006-1173

    Sendmail before 8.13.7 allows remote attackers to cause a denial of service via deeply nested, malformed multipart MIME messages that exhaust the stack during the recursive mime8to7 function for performing 8-bit to 7-bit conversion, which prevents Sendmai... Read more

    Affected Products : sendmail
    • Published: Jun. 07, 2006
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2006-2901

    The web server for D-Link Wireless Access-Point (DWL-2100ap) firmware 2.10na and earlier allows remote attackers to obtain sensitive system information via a request to an arbitrary .cfg file, which returns configuration information including passwords.... Read more

    Affected Products : dwl-2100ap
    • Published: Jun. 07, 2006
    • Modified: Apr. 03, 2025

  • 4.0

    MEDIUM
    CVE-2006-2900

    Internet Explorer 6 allows user-assisted remote attackers to read arbitrary files by tricking a user into typing the characters of the target filename in a text box and using the OnKeyDown, OnKeyPress, and OnKeyUp Javascript keystroke events to change the... Read more

    Affected Products : ie network_camera_server_vb101
    • Published: Jun. 07, 2006
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2006-2887

    Multiple SQL injection vulnerabilities in myNewsletter 1.1.2 and earlier allow remote attackers to execute arbitrary SQL commands via the UserName parameter in (1) validatelogin.asp or (2) adminlogin.asp.... Read more

    Affected Products : mynewsletter
    • Published: Jun. 07, 2006
    • Modified: Apr. 03, 2025
Showing 20 of 293673 Results