Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2006-1883

    Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite and Applications 11.5.10CU1 has unknown impact and attack vectors, aka Vuln# APPS05.... Read more

    Affected Products : e-business_suite
    • Published: Apr. 20, 2006
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2006-1897

    Webplus (aka talentsoft) Web+Shop 5.3.6, when Redirect URL for "Script Not Found" Error is not configured, allows remote attackers to obtain sensitive information via a quote (') or possibly other invalid value in the storeid parameter in store.wml in web... Read more

    Affected Products : web\+_shop
    • Published: Apr. 20, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-1885

    Multiple unspecified vulnerabilities in the Reporting Framework component in Oracle Enterprise Manager 9.0.1.5 and 9.2.0.7 have unknown impact and attack vectors, aka Vuln# (1) EM01 and (2) EM02.... Read more

    Affected Products : enterprise_manager
    • Published: Apr. 20, 2006
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2006-1872

    Unspecified vulnerability in Oracle Database Server 9.0.1.5 and 9.2.0.7 has unknown impact and attack vectors in the Oracle Enterprise Manager Intelligent Agent component, aka Vuln# DB07.... Read more

    Affected Products : database_server
    • Published: Apr. 20, 2006
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2006-1905

    Multiple format string vulnerabilities in xiTK (xitk/main.c) in xine 0.99.3 allow remote attackers to execute arbitrary code via format string specifiers in a long filename on an EXTINFO line in a playlist file.... Read more

    Affected Products : xine
    • Published: Apr. 20, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-1875

    Unspecified vulnerability in Oracle Database Server 9.0.1.5, 9.2.0.7, and 10.1.0.5 has unknown impact and attack vectors in the Oracle Spatial component, aka Vuln# DB11. NOTE: Oracle has not disputed reliable researcher claims that this issue is SQL inje... Read more

    Affected Products : database_server
    • Published: Apr. 20, 2006
    • Modified: Apr. 03, 2025

  • 6.0

    MEDIUM
    CVE-2006-1896

    Unspecified vulnerability in phpBB allows remote authenticated users with Administration Panel access to execute arbitrary PHP code via crafted Font Colour 3 ($theme[fontcolor3] variable) and/or signature values, possibly involving the highlight functiona... Read more

    Affected Products : phpbb
    • Published: Apr. 20, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-1869

    Unspecified vulnerability in Oracle Database Server 8.1.7.4 and 9.0.1.5 has unknown impact and attack vectors in the Dictionary component, aka Vuln# DB04.... Read more

    Affected Products : database_server
    • Published: Apr. 20, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-1884

    Unspecified vulnerability in the Oracle Thesaurus Management System component in Oracle E-Business Suite and OPA 4.5.2 Applications has unknown impact and attack vectors, aka Vuln# OPA01.... Read more

    • Published: Apr. 20, 2006
    • Modified: Apr. 03, 2025

  • 6.8

    MEDIUM
    CVE-2006-1888

    phpGraphy 0.9.11 and earlier allows remote attackers to bypass authentication and gain administrator privileges via a direct request to index.php with the editwelcome parameter set to 1, which can then be used to modify the main page to inject arbitrary H... Read more

    Affected Products : phpgraphy
    • Published: Apr. 20, 2006
    • Modified: Apr. 03, 2025

  • 9.0

    HIGH
    CVE-2006-1873

    Unspecified vulnerability in Oracle Database Server 9.2.0.7, 10.1.0.4, and 10.2.0.1 has unknown impact and attack vectors in the Oracle Spatial component, aka Vuln# DB08.... Read more

    Affected Products : database_server
    • Published: Apr. 20, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-1867

    Unspecified vulnerability in Oracle Database Server 9.2.0.6 has unknown impact and attack vectors in the Advanced Replication component, aka Vuln# DB02.... Read more

    Affected Products : database_server
    • Published: Apr. 20, 2006
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2006-1878

    Cross-site scripting (XSS) vulnerability in index.php in phpFaber TopSites allows remote attackers to inject arbitrary web script or HTML via the page parameter.... Read more

    Affected Products : topsites
    • Published: Apr. 20, 2006
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2006-1894

    Cross-site scripting (XSS) vulnerability in RevoBoard 1.8, as derived from PunBB, allows remote attackers to inject arbitrary web script or HTML via a substitution cipher of the email tag, which is transformed when the application's e-mail address obfusca... Read more

    Affected Products : revoboard
    • Published: Apr. 20, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-1881

    Unspecified vulnerability in the Financials for Asia/Pacific component in Oracle E-Business Suite and Applications 11.5.9 has unknown impact and attack vectors. component, aka Vuln# APPS02.... Read more

    Affected Products : e-business_suite
    • Published: Apr. 20, 2006
    • Modified: Apr. 03, 2025

  • 6.5

    MEDIUM
    CVE-2006-1895

    Direct static code injection vulnerability in includes/template.php in phpBB allows remote authenticated users with write access to execute arbitrary PHP code by modifying a template in a way that (1) bypasses a loose ".*" regular expression to match BEGI... Read more

    Affected Products : phpbb
    • Published: Apr. 20, 2006
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2006-1906

    Cross-site scripting (XSS) vulnerability in index.php in jjgan852 phpLister 0.4.1 allows remote attackers to inject arbitrary web script or HTML via the page parameter.... Read more

    Affected Products : phplister
    • Published: Apr. 20, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-1887

    Unspecified vulnerability in Oracle JD Edwards EnterpriseOne Security Server 8.95.J1 has unknown impact and attack vectors, aka Vuln# JDE01.... Read more

    Affected Products : enterpriseone
    • Published: Apr. 20, 2006
    • Modified: Apr. 03, 2025

  • 5.8

    MEDIUM
    CVE-2006-1889

    Cross-site scripting (XSS) vulnerability in the search action handler in index.php in Nils Asmussen (aka SCRIPTSOLUTION) Boardsolution 1.12 and earlier allows remote attackers to inject arbitrary web script or HTML via the "Search for" item (keyword param... Read more

    Affected Products : boardsolution
    • Published: Apr. 20, 2006
    • Modified: Apr. 03, 2025

  • 9.0

    HIGH
    CVE-2006-1870

    Unspecified vulnerability in Oracle Database Server 8.1.7.4, 9.0.1.5, 9.2.0.7, 10.1.0.5, and 10.2.0.2 has unknown impact and attack vectors in the Export component, aka Vuln# DB05. NOTE: details are unavailable from Oracle, but as of 20060427, they have ... Read more

    Affected Products : database_server
    • Published: Apr. 20, 2006
    • Modified: Apr. 03, 2025
Showing 20 of 294848 Results