Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.0

    MEDIUM
    CVE-2006-4014

    Symantec Brightmail AntiSpam (SBAS) before 6.0.4, when the Control Center is allowed to connect from any computer, allows remote attackers to cause a denial of service (application freeze) "by sending invalid posts".... Read more

    Affected Products : brightmail_antispam
    • Published: Aug. 07, 2006
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2006-4007

    PHP remote file inclusion vulnerability in index.php in Knusperleicht Guestbook 3.5 allows remote attackers to execute arbitrary PHP code via a URL in the GB_PATH parameter.... Read more

    Affected Products : knusperleicht_guestbook
    • Published: Aug. 07, 2006
    • Modified: Apr. 03, 2025

  • 6.4

    MEDIUM
    CVE-2006-4004

    Directory traversal vulnerability in index.php in vbPortal 3.0.2 through 3.6.0 Beta 1, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the bbvbplang cookie, as de... Read more

    Affected Products : vbportal
    • Published: Aug. 07, 2006
    • Modified: Apr. 03, 2025

  • 5.1

    MEDIUM
    CVE-2006-4012

    Multiple PHP remote file inclusion vulnerabilities in circeOS SaveWeb Portal 3.4 allow remote attackers to execute arbitrary PHP code via a URL in the SITE_Path parameter to (1) poll/poll.php or (2) poll/view_polls.php. NOTE: the menu_dx.php vector is al... Read more

    Affected Products : savewebportal
    • Published: Aug. 07, 2006
    • Modified: Apr. 03, 2025

  • 5.1

    MEDIUM
    CVE-2006-0395

    The Download Validation in Mail in Mac OS X 10.4 does not properly recognize attachment file types to warn a user of an unsafe type, which allows user-assisted remote attackers to execute arbitrary code via crafted file types.... Read more

    Affected Products : mac_os_x mac_os_x_server mac_os_x
    • Published: Aug. 05, 2006
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2006-3998

    PHP remote file inclusion vulnerability in conf.php in WoWRoster (aka World of Warcraft Roster) 1.5.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the subdir parameter.... Read more

    Affected Products : wowroster
    • Published: Aug. 05, 2006
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2006-3999

    ISS BlackICE PC Protection 3.6.cpj, 3.6.cpiE, and possibly earlier versions do not properly monitor the integrity of the pamversion.dll BlackICE library, which allows local users to subvert BlackICE by replacing pamversion.dll. NOTE: in most cases, the a... Read more

    Affected Products : blackice_pc_protection
    • Published: Aug. 05, 2006
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2006-4001

    Login.pm in Barracuda Spam Firewall (BSF) 3.3.01.001 through 3.3.03.053 contains a hard-coded password for the guest account, which allows remote attackers to read sensitive information such as e-mail logs, and possibly e-mail contents and the admin passw... Read more

    Affected Products : barracuda_spam_firewall
    • Published: Aug. 05, 2006
    • Modified: Apr. 03, 2025

  • 4.0

    MEDIUM
    CVE-2006-4000

    Directory traversal vulnerability in cgi-bin/preview_email.cgi in Barracuda Spam Firewall (BSF) 3.3.01.001 through 3.3.03.053 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the file parameter.... Read more

    Affected Products : barracuda_spam_firewall
    • Published: Aug. 05, 2006
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2006-3997

    PHP remote file inclusion vulnerability in hsList.php in WoWRoster (aka World of Warcraft Roster) 1.5.x and earlier allows remote attackers to execute arbitrary PHP code via a URL in the subdir parameter.... Read more

    Affected Products : wowroster
    • Published: Aug. 05, 2006
    • Modified: Apr. 03, 2025

  • 6.5

    MEDIUM
    CVE-2006-3996

    SQL injection vulnerability in links/index.php in ATutor 1.5.3.1 and earlier allows remote authenticated users to execute arbitrary SQL commands via the (1) desc or (2) asc parameters.... Read more

    Affected Products : atutor
    • Published: Aug. 05, 2006
    • Modified: Apr. 03, 2025

  • 6.8

    MEDIUM
    CVE-2006-3995

    Multiple PHP remote file inclusion vulnerabilities in (1) uhp_config.php, and possibly (2) footer.php, (3) functions.php, (4) install.uhp.php, (5) toolbar.uhp.html.php, (6) uhp.class.php, and (7) uninstall.uhp.php, in the UHP (User Home Pages) 0.5 compone... Read more

    Affected Products : user_home_pages
    • Published: Aug. 05, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-3457

    Symantec On-Demand Agent (SODA) before 2.5 MR2 Build 2157, and the Virtual Desktop module in Symantec On-Demand Protection (SODP) before 2.6 Build 2233, do not properly encrypt files that are subject to policy-based automatic encryption, which might allow... Read more

    • Published: Aug. 05, 2006
    • Modified: Apr. 03, 2025

  • 6.8

    MEDIUM
    CVE-2006-3980

    PHP remote file inclusion vulnerability in administrator/components/com_mgm/help.mgm.php in Mambo Gallery Manager (MGM) 0.95r2 and earlier for Mambo 4.5 allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path paramet... Read more

    Affected Products : mambo_gallery_manager
    • Published: Aug. 05, 2006
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2006-3990

    Multiple PHP remote file inclusion vulnerabilities in Paul M. Jones Savant2, possibly when used with the com_mtree component for Mambo and Joomla!, allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter in ... Read more

    Affected Products : savant2
    • Published: Aug. 05, 2006
    • Modified: Apr. 03, 2025

  • 5.1

    MEDIUM
    CVE-2006-3993

    PHP remote file inclusion vulnerability in copyright.php in Olaf Noehring The Search Engine Project (TSEP) 0.942 allows remote attackers to execute arbitrary PHP code via a URL in the tsep_config[absPath] parameter.... Read more

    Affected Products : tsep
    • Published: Aug. 05, 2006
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2006-3981

    PHP remote file inclusion vulnerability in about.mgm.php in Mambo Gallery Manager (MGM) 0.95r2 and earlier for Mambo 4.5 allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. NOTE: the provenance of thi... Read more

    Affected Products : mambo_gallery_manager
    • Published: Aug. 05, 2006
    • Modified: Apr. 03, 2025

  • 9.3

    HIGH
    CVE-2006-3985

    Stack-based buffer overflow in DZIPS32.DLL 6.0.0.4 in ConeXware PowerArchiver 9.62.03 allows user-assisted attackers to execute arbitrary code by adding a new file to a crafted ZIP archive that already contains a file with a long name.... Read more

    Affected Products : powerarchiver powerarchiver
    • Published: Aug. 05, 2006
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2006-3991

    PHP remote file inclusion vulnerability in index.php in Vlad Vostrykh Voodoo chat 1.0RC1b and earlier allows remote attackers to execute arbitrary PHP code via a URL in the file_path parameter.... Read more

    Affected Products : voodoo_chat
    • Published: Aug. 05, 2006
    • Modified: Apr. 03, 2025

  • 5.1

    MEDIUM
    CVE-2006-3992

    Unspecified vulnerability in the Centrino (1) w22n50.sys, (2) w22n51.sys, (3) w29n50.sys, and (4) w29n51.sys Microsoft Windows drivers for Intel 2200BG and 2915ABG PRO/Wireless Network Connection before 10.5 with driver 9.0.4.16 allows remote attackers to... Read more

    • Published: Aug. 05, 2006
    • Modified: Apr. 03, 2025
Showing 20 of 294842 Results