2006 CVEs
7145 CVEs published in 2006. 19 critical, 30 high. Browse by vendor, severity, or with PoCs.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2006-10003 | Critical | 9.8 | 2026-03-19 | XML::Parser versions through 2.47 for Perl has an off-by-one heap buffer overflow in st_serial_stack. In the case (stackptr == stacksize - 1), the stack will… |
CVE-2006-4243 | Critical | 9.8 | 2019-11-06 | linux vserver 2.6 before 2.6.17 suffers from privilege escalation in remount code. |
CVE-2006-3100 | Critical | 9.8 | 2019-11-06 | termpkg 3.3 suffers from buffer overflow. |
CVE-2006-0062 | Critical | 9.8 | 2019-11-06 | xlockmore 5.13 allows potential xlock bypass when FVWM switches to the same virtual desktop as a new Gaim window. |
CVE-2006-0061 | Critical | 9.8 | 2019-11-06 | xlockmore 5.13 and 5.22 segfaults when using libpam-opensc and returns the underlying xsession. This allows unauthorized users access to the X session. |
CVE-2006-7105 | Critical | 9.8 | 2007-03-03 | PHP remote file inclusion vulnerability in libs/Smarty.class.php in Smarty 2.6.9 allows remote attackers to execute arbitrary PHP code via a URL in the filenam… |
CVE-2006-7079 | Critical | 9.8 | 2007-03-02 | Variable extraction vulnerability in include/common.php in exV2 2.0.4.3 and earlier allows remote attackers to overwrite arbitrary program variables and conduc… |
CVE-2006-6975 | Critical | 9.8 | 2007-02-08 | PHP remote file inclusion vulnerability in centipaid_class.php in CentiPaid 1.4.3 allows remote attackers to execute arbitrary code via a URL in the class_pwd… |
CVE-2006-6863 | Critical | 9.8 | 2006-12-31 | PHP remote file inclusion vulnerability in the Enigma2 plugin (Enigma2.php) in Enigma WordPress Bridge allows remote attackers to execute arbitrary PHP code vi… |
CVE-2006-6024 | Critical | 9.8 | 2006-11-21 | Multiple buffer overflows in Eudora Worldmail, possibly Worldmail 3 version 6.1.22.0, have unknown impact and attack vectors, as demonstrated by the (1) "Eudor… |
CVE-2006-5678 | Critical | 9.8 | 2006-11-03 | PHP remote file inclusion vulnerability in common/visiteurs/include/library.inc.php in J-Pierre DEZELUS Les Visiteurs 2.0.1, as used in phpMyConferences (phpMy… |
CVE-2006-5610 | Critical | 9.8 | 2006-10-31 | PHP remote file inclusion vulnerability in player/includes/common.php in Teake Nutma Foing, as modified in Fully Modded phpBB (phpbbfm) 2021.4.40, allows remot… |
CVE-2006-5603 | Critical | 9.8 | 2006-10-30 | SQL injection vulnerability in pop_mail.asp in Snitz Forums 2000 3.4.06 allows remote attackers to execute arbitrary SQL commands via the RC parameter. NOTE… |
CVE-2006-5024 | Critical | 9.8 | 2006-09-27 | Multiple unspecified vulnerabilities in Paisterist Simple HTTP Scanner (sHTTPScanner) before 0.4 have unknown impact and attack vectors. |
CVE-2006-5021 | Critical | 9.8 | 2006-09-27 | Multiple PHP remote file inclusion vulnerabilities in redgun RedBLoG 0.5 allow remote attackers to execute arbitrary PHP code via a URL in (1) the root paramet… |
CVE-2006-4428 | Critical | 9.8 | 2006-08-29 | PHP remote file inclusion vulnerability in index.php in Jupiter CMS 1.1.5 allows remote attackers to execute arbitrary PHP code via a URL in the template param… |
CVE-2006-4264 | Critical | 9.8 | 2006-08-21 | Multiple PHP remote file inclusion vulnerabilities in the lmtg_myhomepage Component (com_lmtg_myhomepage) for Mambo allow remote attackers to execute arbitrary… |
CVE-2006-3136 | Critical | 9.8 | 2006-06-22 | Multiple PHP remote file inclusion vulnerabilities in Nucleus 3.23 allow remote attackers to execute arbitrary PHP code via a URL the DIR_LIBS parameter in (1)… |
CVE-2006-2827 | Critical | 9.8 | 2006-06-05 | SQL injection vulnerability in search.php in X-Cart Gold and Pro 4.0.18, and X-Cart 4.1.0 beta 1, allows remote attackers to execute arbitrary SQL commands via… |
CVE-2006-5014 | High | 8.8 | 2006-09-27 | Unspecified vulnerability in cPanel before 10.9.0 12 Tree allows remote authenticated users to gain privileges via unspecified vectors in (1) mysqladmin and (2… |