Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.8

    MEDIUM
    CVE-2006-1893

    Cross-site scripting (XSS) vulnerability in print.php in ar-blog 5.2 allows remote attackers to inject arbitrary web script or HTML via the id parameter.... Read more

    Affected Products : ar-blog
    • Published: Apr. 20, 2006
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2006-1868

    Buffer overflow in the Advanced Replication component in Oracle Database Server 10.1.0.4 allows database users to execute arbitrary code via the VERIFY_LOG procedure of the DBMS_SNAPSHOT_UTL package, aka Vuln# DB03.... Read more

    Affected Products : database_server
    • Published: Apr. 20, 2006
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2006-1891

    Cross-site scripting (XSS) vulnerability in Martin Scheffler betaboard 0.1 allows remote attackers to inject arbitrary web script or HTML via a user's profile, possibly using the FormVal_profile parameter. NOTE: it is not clear whether this is a distribu... Read more

    Affected Products : betaboard
    • Published: Apr. 20, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-1867

    Unspecified vulnerability in Oracle Database Server 9.2.0.6 has unknown impact and attack vectors in the Advanced Replication component, aka Vuln# DB02.... Read more

    Affected Products : database_server
    • Published: Apr. 20, 2006
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2006-1056

    The Linux kernel before 2.6.16.9 and the FreeBSD kernel, when running on AMD64 and other 7th and 8th generation AuthenticAMD processors, only save/restore the FOP, FIP, and FDP x87 registers in FXSAVE/FXRSTOR when an exception is pending, which allows one... Read more

    Affected Products : linux_kernel enterprise_linux freebsd
    • Published: Apr. 20, 2006
    • Modified: Apr. 03, 2025

  • 9.7

    HIGH
    CVE-2006-1866

    Multiple unspecified vulnerabilities in Oracle Database Server 8.1.7.4, 9.0.1.5, 9.2.0.7, 10.1.0.5, and other versions have unknown impact and attack vectors in the (1) Advanced Replication component, as identified by Vuln# DB01, and (2) Oracle Spatial co... Read more

    Affected Products : database_server
    • Published: Apr. 20, 2006
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2006-1874

    Unspecified vulnerability in Oracle Database Server 8.1.7.4, 9.0.1.5, and 9.2.0.6 has unknown impact and attack vectors in the Oracle Spatial component, aka Vuln# DB09. NOTE: Oracle has not disputed reliable claims that this issue is SQL injection in MDS... Read more

    Affected Products : database_server
    • Published: Apr. 20, 2006
    • Modified: Apr. 03, 2025

  • 9.0

    HIGH
    CVE-2006-1873

    Unspecified vulnerability in Oracle Database Server 9.2.0.7, 10.1.0.4, and 10.2.0.1 has unknown impact and attack vectors in the Oracle Spatial component, aka Vuln# DB08.... Read more

    Affected Products : database_server
    • Published: Apr. 20, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-1886

    Unspecified vulnerability in the PeopleTools component in Oracle PeopleSoft Enterprise 8.46.12 and 8.47.04 has unknown impact and attack vectors, aka Vuln# PSE01.... Read more

    Affected Products : peoplesoft_enterprise
    • Published: Apr. 20, 2006
    • Modified: Apr. 03, 2025

  • 9.0

    HIGH
    CVE-2006-1876

    Unspecified vulnerability in Oracle Database Server 9.2.0.7 and 10.1.0.4 has unknown impact and attack vectors in the Oracle Spatial component, aka Vuln# DB12. NOTE: details are unavailable from Oracle, but as of 20060421, they have not publicly disputed... Read more

    Affected Products : database_server
    • Published: Apr. 20, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-1875

    Unspecified vulnerability in Oracle Database Server 9.0.1.5, 9.2.0.7, and 10.1.0.5 has unknown impact and attack vectors in the Oracle Spatial component, aka Vuln# DB11. NOTE: Oracle has not disputed reliable researcher claims that this issue is SQL inje... Read more

    Affected Products : database_server
    • Published: Apr. 20, 2006
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2006-1905

    Multiple format string vulnerabilities in xiTK (xitk/main.c) in xine 0.99.3 allow remote attackers to execute arbitrary code via format string specifiers in a long filename on an EXTINFO line in a playlist file.... Read more

    Affected Products : xine
    • Published: Apr. 20, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-1880

    Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5.10CU2 have unknown impact and attack vectors, as identified by Vuln# (1) APPS01 in the (a) Application Install component; (2) APPS09 in the (b) Oracle Diagnostics Interf... Read more

    Affected Products : e-business_suite
    • Published: Apr. 20, 2006
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2006-1906

    Cross-site scripting (XSS) vulnerability in index.php in jjgan852 phpLister 0.4.1 allows remote attackers to inject arbitrary web script or HTML via the page parameter.... Read more

    Affected Products : phplister
    • Published: Apr. 20, 2006
    • Modified: Apr. 03, 2025

  • 5.8

    MEDIUM
    CVE-2006-1889

    Cross-site scripting (XSS) vulnerability in the search action handler in index.php in Nils Asmussen (aka SCRIPTSOLUTION) Boardsolution 1.12 and earlier allows remote attackers to inject arbitrary web script or HTML via the "Search for" item (keyword param... Read more

    Affected Products : boardsolution
    • Published: Apr. 20, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-1887

    Unspecified vulnerability in Oracle JD Edwards EnterpriseOne Security Server 8.95.J1 has unknown impact and attack vectors, aka Vuln# JDE01.... Read more

    Affected Products : enterpriseone
    • Published: Apr. 20, 2006
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2006-1878

    Cross-site scripting (XSS) vulnerability in index.php in phpFaber TopSites allows remote attackers to inject arbitrary web script or HTML via the page parameter.... Read more

    Affected Products : topsites
    • Published: Apr. 20, 2006
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2006-1894

    Cross-site scripting (XSS) vulnerability in RevoBoard 1.8, as derived from PunBB, allows remote attackers to inject arbitrary web script or HTML via a substitution cipher of the email tag, which is transformed when the application's e-mail address obfusca... Read more

    Affected Products : revoboard
    • Published: Apr. 20, 2006
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2006-1890

    Multiple PHP remote file inclusion vulnerabilities in myWebland myEvent 1.2 allow remote attackers to execute arbitrary PHP code via a URL in the myevent_path parameter in (1) event.php and (2) initialize.php. NOTE: vector 2 was later reported to affect ... Read more

    Affected Products : myevent
    • Published: Apr. 20, 2006
    • Modified: Apr. 03, 2025

  • 9.0

    HIGH
    CVE-2006-1870

    Unspecified vulnerability in Oracle Database Server 8.1.7.4, 9.0.1.5, 9.2.0.7, 10.1.0.5, and 10.2.0.2 has unknown impact and attack vectors in the Export component, aka Vuln# DB05. NOTE: details are unavailable from Oracle, but as of 20060427, they have ... Read more

    Affected Products : database_server
    • Published: Apr. 20, 2006
    • Modified: Apr. 03, 2025
Showing 20 of 294842 Results