Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 1.2

    LOW
    CVE-2006-3118

    spread uses a temporary file with a static filename based on the port number, which allows local users to cause a denial of service by creating the file during a race condition between unlink and bind function calls. NOTE: spread deletes this temporary f... Read more

    Affected Products : spread
    • Published: Jun. 30, 2006
    • Modified: Apr. 03, 2025

  • 7.6

    HIGH
    CVE-2006-2198

    OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to conduct unauthorized activities via an OpenOffice document with a malicious BASIC macro, which is executed without prompting the user.... Read more

    Affected Products : enterprise_linux openoffice staroffice
    • Published: Jun. 30, 2006
    • Modified: Apr. 03, 2025

  • 7.6

    HIGH
    CVE-2006-2199

    Unspecified vulnerability in Java Applets in OpenOffice.org 1.1.x (aka StarOffice) up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to escape the Java sandbox and conduct unauthorized activities via certain applets in OpenOffice documents... Read more

    Affected Products : enterprise_linux openoffice staroffice
    • Published: Jun. 30, 2006
    • Modified: Apr. 03, 2025

  • 7.6

    HIGH
    CVE-2006-3117

    Heap-based buffer overflow in OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to execute arbitrary code via a crafted OpenOffice XML document that is not properly handled by (1) Calc, (2) Draw, (3) I... Read more

    Affected Products : enterprise_linux openoffice staroffice
    • Published: Jun. 30, 2006
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2006-3321

    Multiple cross-site scripting (XSS) vulnerabilities in openforum.asp in OpenForum 1.2 Beta and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) ofdisp and (2) ofmsgid parameters.... Read more

    Affected Products : openforum
    • Published: Jun. 30, 2006
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2006-3320

    Cross-site scripting (XSS) vulnerability in command.php in SiteBar 3.3.8 and earlier allows remote attackers to inject arbitrary web script or HTML via the command parameter.... Read more

    Affected Products : sitebar
    • Published: Jun. 30, 2006
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2006-3319

    Cross-site scripting (XSS) vulnerability in rss/index.php in PHP iCalendar 2.22 and earlier allows remote attackers to inject arbitrary web script or HTML via the cal parameter.... Read more

    Affected Products : php_icalendar
    • Published: Jun. 30, 2006
    • Modified: Apr. 03, 2025

  • 5.1

    MEDIUM
    CVE-2006-1467

    Integer overflow in the AAC file parsing code in Apple iTunes before 6.0.5 on Mac OS X 10.2.8 or later, and Windows XP and 2000, allows remote user-assisted attackers to execute arbitrary code via an AAC (M4P, M4A, or M4B) file with a sample table size (S... Read more

    Affected Products : itunes
    • Published: Jun. 29, 2006
    • Modified: Apr. 03, 2025

  • 5.1

    MEDIUM
    CVE-2006-3115

    SQL injection vulnerability in view.php in phpRaid 3.0.4, and possibly other versions, allows remote attackers to execute arbitrary SQL commands via the raid_id parameter.... Read more

    Affected Products : phpraid
    • Published: Jun. 29, 2006
    • Modified: Apr. 03, 2025

  • 5.1

    MEDIUM
    CVE-2006-3317

    PHP remote file inclusion vulnerability in phpRaid 3.0.6 allows remote attackers to execute arbitrary code via a URL in the phpraid_dir parameter to (1) announcements.php and (2) rss.php, a different set of vectors and affected versions than CVE-2006-3316... Read more

    Affected Products : phpraid
    • Published: Jun. 29, 2006
    • Modified: Apr. 03, 2025

  • 5.1

    MEDIUM
    CVE-2006-3116

    Multiple PHP remote file inclusion vulnerabilities in phpRaid 3.0.4 and 3.0.5 allow remote attackers to execute arbitrary code via a URL in the phpraid_dir parameter to (1) configuration.php, (3) guilds.php, (4) index.php, (5) locations.php, (6) login.php... Read more

    Affected Products : phpraid
    • Published: Jun. 29, 2006
    • Modified: Apr. 03, 2025

  • 5.1

    MEDIUM
    CVE-2006-3318

    SQL injection vulnerability in register.php for phpRaid 3.0.6 and possibly other versions, when the authorization type is phpraid, allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) email parameters.... Read more

    Affected Products : phpraid
    • Published: Jun. 29, 2006
    • Modified: Apr. 03, 2025

  • 5.1

    MEDIUM
    CVE-2006-3316

    Multiple PHP remote file inclusion vulnerabilities in phpRaid 3.0.5 allow remote attackers to execute arbitrary code via a URL in the phpraid_dir parameter to (1) logs.php and (2) users.php, a different set of vectors than CVE-2006-3116.... Read more

    Affected Products : phpraid
    • Published: Jun. 29, 2006
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2006-3312

    Multiple cross-site scripting (XSS) vulnerabilities in ashmans and Bill Echlin QaTraq 6.5 RC and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) link_print, (2) link_upgrade, (3) link_sql, (4) link_next, (5) link_prev, an... Read more

    Affected Products : qatraq
    • Published: Jun. 29, 2006
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2006-3313

    Cross-site scripting (XSS) vulnerability in search.jsp in Netsoft smartNet 2.0 allows remote attackers to inject arbitrary web script or HTML via the keyWord parameter.... Read more

    Affected Products : smartnet
    • Published: Jun. 29, 2006
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2006-3315

    PHP remote file inclusion vulnerability in page.php in an unspecified RahnemaCo.com product, possibly eShop, allows remote attackers to execute arbitrary PHP code via a URL in the osCsid parameter.... Read more

    Affected Products : rahnemaco
    • Published: Jun. 29, 2006
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2006-3314

    PHP remote file inclusion vulnerability in page.php in an unspecified RahnemaCo.com product, possibly eShop, allows remote attackers to execute arbitrary PHP code via a URL in the pageid parameter.... Read more

    Affected Products : rahnemaco
    • Published: Jun. 29, 2006
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2006-3268

    Unspecified vulnerability in the Windows Client API in Novell GroupWise 5.x through 7 might allow users to obtain "random programmatic access" to other email within the same post office.... Read more

    Affected Products : groupwise
    • Published: Jun. 29, 2006
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2006-3299

    Cross-site scripting (XSS) vulnerability in index.php in Usenet Script 0.5 allows remote attackers to inject arbitrary web script or HTML via the group parameter.... Read more

    Affected Products : usenet
    • Published: Jun. 29, 2006
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2006-3300

    PHP remote file inclusion vulnerability in sms_config/gateway.php in PhpMySms 2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the ROOT_PATH parameter.... Read more

    Affected Products : phpmysms
    • Published: Jun. 29, 2006
    • Modified: Apr. 03, 2025
Showing 20 of 294119 Results