Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-01-18 | CVE-2006-0259 | Multiple vulnerability in Oracle Database Server 10.1.0.5 Multiple unspecified vulnerabilities in Oracle Database server 10.1.0.5 have unspecified impact and attack vectors, as identified by Oracle Vuln# (1) DB04 and (2) DB06 in the (a) Data Pump component; (3) DB10 in the (b) Net Listener component; and (4) DB16 in the (c) Oracle Text component. | 10.0 |
2006-01-18 | CVE-2006-0258 | Multiple vulnerability in Oracle Database Server 8.1.7.4/9.0.1.5 Unspecified vulnerability in the Connection Manager component of Oracle Database server 8.1.7.4 and 9.0.1.5 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB03. | 10.0 |
2006-01-18 | CVE-2006-0257 | Multiple vulnerability in Oracle Database Server 10.1.0.5/10.2.0.1/9.2.0.7 Unspecified vulnerability in the Change Data Capture component of Oracle Database server 9.2.0.7, 10.1.0.5, and 10.2.0.1 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB02. | 10.0 |
2006-01-18 | CVE-2006-0256 | Multiple vulnerability in Oracle January Security Update Unspecified vulnerability in the Advanced Queuing component of Oracle Database server 8.1.7.4, 9.0.1.5, 9.2.0.6, 10.1.0.3 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB01. | 10.0 |
2006-01-18 | CVE-2006-0255 | Local Privilege Escalation vulnerability in Checkpoint Vpn-1 4.1 Unquoted Windows search path vulnerability in Check Point VPN-1 SecureClient might allow local users to gain privileges via a malicious "program.exe" file in the C: folder, which is run when SecureClient attempts to launch the Sr_GUI.exe program. | 7.2 |
2006-01-18 | CVE-2006-0254 | Input Validation vulnerability in Apache Geronimo 1.0 Multiple cross-site scripting (XSS) vulnerabilities in Apache Geronimo 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) time parameter to cal2.jsp and (2) any invalid parameter, which causes an XSS when the log file is viewed by the Web-Access-Log viewer. network apache | 4.3 |
2006-01-18 | CVE-2006-0253 | Buffer Overflow vulnerability in Ambicom Blue Neighbors 2.50Build2500 Buffer overflow in the Bluetooth OBEX Object Push service in "Blue Neighbors.EXE" in AmbiCom Blue Neighbors 2.50 Build 2500 and earlier allows remote attackers to execute arbitrary code via a long file name, as demonstrated via a long RFILE argument to ussp-push. | 5.1 |
2006-01-18 | CVE-2006-0252 | SQL Injection vulnerability in Benders Calendar SQL injection vulnerability in Benders Calendar 1.0 allows remote attackers to execute arbitrary SQL commands via multiple parameters, as demonstrated by the (1) year, (2) month, and (3) day parameters. | 7.5 |
2006-01-18 | CVE-2006-0251 | Cross-Site Scripting vulnerability in Faq-O-Matic Cross-site scripting (XSS) vulnerability in fom.cgi in Faq-O-Matic 2.711 allows remote attackers to inject arbitrary web script or HTML via the (1) _duration, (2) file, and (3) cmd parameters. network faq-o-matic | 4.3 |
2006-01-18 | CVE-2006-0249 | SQL Injection vulnerability in Bitdamaged Geoblog Mod1.0 SQL injection vulnerability in viewcat.php in BitDamaged geoBlog MOD_1.0 allows remote attackers to execute arbitrary SQL commands, then steal credentials and upload files, via the cat parameter ($tmpCategory variable). | 7.5 |