| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| PHP remote file inclusion vulnerability in admin/configset.php in Sphider 1.3 and earlier, when register_globals is disabled, allows remote attackers to execute arbitrary PHP code via a URL in the settings_dir parameter. |
| Adobe Document Server for Reader Extensions 6.0 includes a user's session (jsession) ID in the HTTP Referer header, which allows remote attackers to gain access to PDF files that are being processed within that session. |
| Directory traversal vulnerability in pajax_call_dispatcher.php in PAJAX 0.5.1 and earlier allows remote attackers to read arbitrary files via the $className variable. |
| Directory traversal vulnerability in runCMS 1.2 and earlier allows remote attackers to read arbitrary files via the bbPath[path] parameter to (1) class.forumposts.php and (2) forumpollrenderer.php. NOTE: this issue is closely related to CVE-2006-0659. |
| Cross-site scripting (XSS) vulnerability in tablepublisher.cgi in UPDI Network Enterprise @1 Table Publisher 2006-03-23 allows remote attackers to inject arbitrary web script or HTML via the Title of Table field. |
| Unspecified vulnerability in the POP service in MailEnable Standard Edition before 1.94, Professional Edition before 1.74, and Enterprise Edition before 1.22 has unknown attack vectors and impact related to "authentication exploits". NOTE: this is a different set of affected versions, and probably a different vulnerability than CVE-2006-1337. |
| SQL injection vulnerability in archiv2.php in Fuju News 1.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter. |
| Cross-site scripting (XSS) vulnerability in index.php in AnimeGenesis Gallery allows remote attackers to inject arbitrary web script or HTML via the cat parameter. |
| The Debian installer for the (1) shadow 4.0.14 and (2) base-config 2.53.10 packages includes sensitive information in world-readable log files, including preseeded passwords and pppoeconf passwords, which might allow local users to gain privileges. |
| choose_new_parent in Linux kernel before 2.6.11.12 includes certain debugging code, which allows local users to cause a denial of service (panic) by causing certain circumstances involving termination of a parent process. |
| Certain modifications to the Linux kernel 2.6.16 and earlier do not add the appropriate Linux Security Modules (LSM) file_permission hooks to the (1) readv and (2) writev functions, which might allow attackers to bypass intended access restrictions. |
| Unspecified vulnerability in Oracle Database Server 9.2.0.6 has unknown impact and attack vectors in the Advanced Replication component, aka Vuln# DB02. |
| Unspecified vulnerability in Oracle Database Server 8.1.7.4 and 9.0.1.5 has unknown impact and attack vectors in the Dictionary component, aka Vuln# DB04. |
| Unspecified vulnerability in Oracle Database Server 9.0.1.5 and 9.2.0.7 has unknown impact and attack vectors in the Oracle Enterprise Manager Intelligent Agent component, aka Vuln# DB07. |
| Cross-site scripting (XSS) vulnerability in index.php in phpFaber TopSites allows remote attackers to inject arbitrary web script or HTML via the page parameter. |
| Unspecified vulnerability in the Financials for Asia/Pacific component in Oracle E-Business Suite and Applications 11.5.9 has unknown impact and attack vectors. component, aka Vuln# APPS02. |
| Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite and Applications 11.5.10CU1 has unknown impact and attack vectors, aka Vuln# APPS05. |
| Unspecified vulnerability in the PeopleTools component in Oracle PeopleSoft Enterprise 8.46.12 and 8.47.04 has unknown impact and attack vectors, aka Vuln# PSE01. |
| Unspecified vulnerability in Oracle JD Edwards EnterpriseOne Security Server 8.95.J1 has unknown impact and attack vectors, aka Vuln# JDE01. |
| Multiple unspecified vulnerabilities in the Reporting Framework component in Oracle Enterprise Manager 9.0.1.5 and 9.2.0.7 have unknown impact and attack vectors, aka Vuln# (1) EM01 and (2) EM02. |
