CVE-2006-3747
- EPSS 96.44%
- Veröffentlicht 28.07.2006 18:02:00
- Zuletzt bearbeitet 16.06.2026 22:27:43
Off-by-one error in the ldap scheme handling in the Rewrite module (mod_rewrite) in Apache 1.3 from 1.3.28, 2.0.46 and other versions before 2.0.59, and 2.2, when RewriteEngine is enabled, allows remote attackers to cause a denial of service (applica...
CVE-2006-3918
- EPSS 94.28%
- Veröffentlicht 28.07.2006 00:04:00
- Zuletzt bearbeitet 16.06.2026 22:28:04
http_protocol.c in (1) IBM HTTP Server 6.0 before 6.0.2.13 and 6.1 before 6.1.0.1, and (2) Apache HTTP Server 1.3 before 1.3.35, 2.0 before 2.0.58, and 2.2 before 2.2.2, does not sanitize the Expect header from an HTTP request when it is reflected ba...
CVE-2006-2935
- EPSS 0.58%
- Veröffentlicht 05.07.2006 18:05:00
- Zuletzt bearbeitet 16.06.2026 22:26:04
The dvd_read_bca function in the DVD handling code in drivers/cdrom/cdrom.c in Linux kernel 2.2.16, and later versions, assigns the wrong value to a length variable, which allows local users to execute arbitrary code via a crafted USB Storage device ...
- EPSS 16.17%
- Veröffentlicht 30.05.2006 19:02:00
- Zuletzt bearbeitet 16.06.2026 22:25:29
ftutil.c in Freetype before 2.2 allows remote attackers to cause a denial of service (crash) via a crafted font file that triggers a null dereference.
CVE-2006-2016
- EPSS 8.22%
- Veröffentlicht 25.04.2006 12:50:00
- Zuletzt bearbeitet 16.06.2026 22:24:08
Multiple cross-site scripting (XSS) vulnerabilities in phpLDAPadmin 0.9.8 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) dn parameter in (a) compare_form.php, (b) copy_form.php, (c) rename_form.php, (d) template...
CVE-2006-1753
- EPSS 0.35%
- Veröffentlicht 18.04.2006 20:02:00
- Zuletzt bearbeitet 16.06.2026 22:23:37
A cron job in fcheck before 2.7.59 allows local users to overwrite arbitrary files via a symlink attack on a temporary file.
CVE-2006-1530
- EPSS 4.77%
- Veröffentlicht 14.04.2006 10:02:00
- Zuletzt bearbeitet 16.06.2026 22:23:08
Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. NOTE: due ...
CVE-2006-1531
- EPSS 4.77%
- Veröffentlicht 14.04.2006 10:02:00
- Zuletzt bearbeitet 16.06.2026 22:23:08
Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. NOTE: due ...
CVE-2006-1724
- EPSS 6.89%
- Veröffentlicht 14.04.2006 10:02:00
- Zuletzt bearbeitet 16.06.2026 22:23:30
Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via atta...
CVE-2006-1772
- EPSS 0.38%
- Veröffentlicht 13.04.2006 10:02:00
- Zuletzt bearbeitet 16.06.2026 22:23:39
debconf in Debian GNU/Linux, when configuring mnogosearch in the mnogosearch-common 3.2.31-1 package, uses the world-readable config.dat file instead of the restricted passwords.dat for storing the cleartext database administrator password in the mno...