Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.6

    MEDIUM
    CVE-2006-0634

    Borland C++Builder 6 (BCB6) with Update Pack 4 Enterprise edition (ent_upd4) evaluates the "i>sizeof(int)" expression to false when i equals -1, which might introduce integer overflow vulnerabilities into applications that could be exploited by context-de... Read more

    Affected Products : c\+\+_builder
    • Published: Feb. 10, 2006
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2006-0643

    Cross-site scripting (XSS) vulnerability in WiredRed e/pop Web Conferencing 4.1.0.755 allows remote authenticated users to inject arbitrary web script or HTML via the topic name of a conference.... Read more

    Affected Products : e_pop_web_conferencing
    • Published: Feb. 10, 2006
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2006-0628

    myquiz.pl in Dale Ray MyQuiz 1.01 allows remote attackers to execute arbitrary commands via shell metacharacters in the URL, which are not properly handled as part of the PATH_INFO environment variable.... Read more

    Affected Products : myquiz
    • Published: Feb. 10, 2006
    • Modified: Apr. 03, 2025

  • 5.1

    MEDIUM
    CVE-2006-0642

    Trend Micro ServerProtect 5.58, and possibly InterScan Messaging Security Suite and InterScan Web Security Suite, have a default configuration setting of "Do not scan compressed files when Extracted file count exceeds 500 files," which may be too low in c... Read more

    • Published: Feb. 10, 2006
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2006-0636

    desktop.php in eyeOS 0.8.9 and earlier tests for the existence of the _SESSION variable before calling the session_start function, which allows remote attackers to execute arbitrary PHP code and possibly conduct other attacks by modifying critical assumed... Read more

    Affected Products : eyeos
    • Published: Feb. 10, 2006
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2006-0627

    Cross-site scripting (XSS) vulnerability in Clever Copy 2.0, 2.0a, and 3.0 allows remote attackers to inject arbitrary web script or HTML via the (1) Referer or (2) X-Forwarded-For headers in an HTTP request, which are not properly handled when the admini... Read more

    Affected Products : clever_copy
    • Published: Feb. 09, 2006
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2006-0626

    SQL injection vulnerability in spip_acces_doc.php3 in SPIP 1.8.2g and earlier allows remote attackers to execute arbitrary SQL commands via the file parameter.... Read more

    Affected Products : spip
    • Published: Feb. 09, 2006
    • Modified: Apr. 03, 2025

  • 6.4

    MEDIUM
    CVE-2006-0625

    Directory traversal vulnerability in Spip_RSS.PHP in SPIP 1.8.2g and earlier allows remote attackers to read or include arbitrary files via ".." sequences in the GLOBALS[type_urls] parameter, which could then be used to execute arbitrary code via resulta... Read more

    Affected Products : spip
    • Published: Feb. 09, 2006
    • Modified: Apr. 03, 2025

  • 6.4

    MEDIUM
    CVE-2006-0614

    Unspecified vulnerability in Sun Java JDK and JRE 5.0 Update 3 and earlier, SDK and JRE 1.3.x through 1.3.1_16 and 1.4.x through 1.4.2_08 allows remote attackers to bypass Java sandbox security and obtain privileges via unspecified vectors involving the r... Read more

    Affected Products : jre sdk jdk
    • Published: Feb. 09, 2006
    • Modified: Apr. 03, 2025

  • 6.2

    MEDIUM
    CVE-2006-0620

    Race condition in phfont in QNX Neutrino RTOS 6.2.1 allows local users to execute arbitrary code via unspecified manipulations of the PHFONT and PHOTON2_PATH environment variables.... Read more

    Affected Products : rtos
    • Published: Feb. 09, 2006
    • Modified: Apr. 03, 2025

  • 4.0

    MEDIUM
    CVE-2006-0617

    Multiple unspecified vulnerabilities in Sun Java JDK and JRE 5.0 Update 5 and earlier allow remote attackers to bypass Java sandbox security and obtain privileges via unspecified vectors involving the reflection APIs, aka the "fifth, sixth, and seventh is... Read more

    Affected Products : jre jdk
    • Published: Feb. 09, 2006
    • Modified: Apr. 03, 2025

  • 4.0

    MEDIUM
    CVE-2006-0616

    Unspecified vulnerability in Sun Java JDK and JRE 5.0 Update 4 and earlier allows remote attackers to bypass Java sandbox security and obtain privileges via unspecified vectors involving the reflection APIs, aka the "fourth issue."... Read more

    Affected Products : jre jdk
    • Published: Feb. 09, 2006
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2006-0619

    Multiple stack-based buffer overflows in QNX Neutrino RTOS 6.3.0 allow local users to execute arbitrary code via long (1) ABLPATH or (2) ABLANG environment variables in the libAP library (libAp.so.2) or (3) a long PHOTON_PATH environment variable to the s... Read more

    Affected Products : rtos
    • Published: Feb. 09, 2006
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2006-0624

    SQL injection vulnerability in check.asp in Whomp Real Estate Manager XP 2005 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters.... Read more

    Affected Products : whomp_real_estate_manager_xp_2005
    • Published: Feb. 09, 2006
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2006-0623

    QNX Neutrino RTOS 6.3.0 ships /etc/rc.d/rc.local with world-writable permissions, which allows local users to modify the file and execute arbitrary code at system startup.... Read more

    Affected Products : rtos
    • Published: Feb. 09, 2006
    • Modified: Apr. 03, 2025

  • 4.9

    MEDIUM
    CVE-2006-0622

    QNX Neutrino RTOS 6.3.0 allows local users to cause a denial of service (hang) by supplying a "break *0xb032d59f" command to gdb.... Read more

    Affected Products : rtos
    • Published: Feb. 09, 2006
    • Modified: Apr. 03, 2025

  • 4.0

    MEDIUM
    CVE-2006-0613

    Unspecified vulnerability in Java Web Start after 1.0.1_02, as used in J2SE 5.0 Update 5 and earlier, allows remote attackers to obtain privileges via unspecified vectors involving untrusted applications.... Read more

    Affected Products : solaris j2se
    • Published: Feb. 09, 2006
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2006-0621

    Multiple buffer overflows in QNX Neutrino RTOS 6.2.0 allow local users to execute arbitrary code via a long first argument to the (1) su or (2) passwd commands.... Read more

    Affected Products : rtos
    • Published: Feb. 09, 2006
    • Modified: Apr. 03, 2025

  • 4.0

    MEDIUM
    CVE-2006-0615

    Multiple unspecified vulnerabilities in Sun Java JDK and JRE 5.0 Update 4 and earlier, SDK and JRE 1.4.x through 1.4.2_09 allow remote attackers to bypass Java sandbox security and obtain privileges via unspecified vectors involving the reflection APIs, a... Read more

    Affected Products : jre sdk jdk
    • Published: Feb. 09, 2006
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2006-0618

    Format string vulnerability in fontsleuth in QNX Neutrino RTOS 6.3.0 allows local users to execute arbitrary code via format string specifiers in the zeroth argument (program name).... Read more

    Affected Products : neutrino_rtos
    • Published: Feb. 09, 2006
    • Modified: Apr. 03, 2025
Showing 20 of 294717 Results