Vulnerabilities > High

DATE | CVE | VULNERABILITY TITLE | RISK

2006-12-31 | CVE-2006-6898 | Remote Security vulnerability in Broadcom Widcomm Bluetooth 4.0.1.1500 | 7.8
Widcomm Bluetooth for Windows (BTW) before 4.0.1.1500 allows remote attackers to listen to and record conversations, aka the CarWhisperer attack.
network, low complexity, broadcom

2006-12-31 | CVE-2006-6890 | Information Disclosure vulnerability in Voc-Project Voodoo Chat 1.0Rc1B | 7.5
Voodoo chat 1.0RC1b stores sensitive information under the web root with insufficient access control, which allows remote attackers to download passwords via a direct request for data/users.dat.
network, low complexity, voc-project

2006-12-31 | CVE-2006-6889 | Information Disclosure vulnerability in Freestyle Wiki | 7.5
FreeStyle Wiki (fswiki) 3.6.2 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain passwords via a direct request for config/user.dat.
network, low complexity, freestyle

2006-12-31 | CVE-2006-6881 | Buffer Errors vulnerability in Stavros Markou Atmelwlandriver 3.4.1.1 | 7.5
Buffer overflow in the Get_Wep function in cofvnet.c for ATMEL Linux PCI PCMCIA USB Drivers 3.4.1.1 allows attackers to execute arbitrary code via a long name argument.
network, low complexity, stavros-markou, CWE-119

2006-12-31 | CVE-2006-6880 | SQL Injection vulnerability in PHP-Update | 7.5
Multiple SQL injection vulnerabilities in code/guestadd.php in PHP-Update 2.7 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) newmessage, (2) newname, (3) newwebsite, or (4) newemail parameter.
network, low complexity, php-update, CWE-89

2006-12-31 | CVE-2006-6878 | Unspecified vulnerability in PHP-Update | 7.5
admin/uploads.php in PHP-Update 2.7 and earlier allows remote attackers to gain privileges by setting the rights[7] parameter to 1 during a login action.
network, low complexity, php-update

2006-12-31 | CVE-2006-6876 | Remote Buffer Overflow vulnerability in OpenSER SMS Handling module | 7.5
Buffer overflow in the fetchsms function in the SMS handling module (libsms_getsms.c) in OpenSER 1.2.0 and earlier allows remote attackers to cause a denial of service (crash) via a crafted SMS message, triggering memory corruption when the "beginning" buffer is copied to the third (pdu) argument.
network, low complexity, openser

2006-12-31 | CVE-2006-6875 | Buffer Overflow vulnerability in Openser and Openser OSP Module | 7.5
Buffer overflow in the validateospheader function in the Open Settlement Protocol (OSP) module in OpenSER 1.1.0 and earlier allows remote attackers to execute arbitrary code via a crafted OSP header.
network, low complexity, openser

2006-12-31 | CVE-2006-6873 | Scripts Multiple Input Validation vulnerability in Endonesia 8.4 | 7.5
Multiple SQL injection vulnerabilities in mod.php in eNdonesia 8.4 allow remote attackers to execute arbitrary SQL commands via (1) the did parameter in a (a) viewdisk operation (diskusi mod), or the (2) cid parameter in a (b) viewlink (katalog mod) or (c) viewcat (diskusi mod) operation.
network, low complexity, endonesia

2006-12-31 | CVE-2006-6867 | Remote File Include vulnerability in Vladimir Meshakov Bubla 0.9.1 | 7.5
Multiple PHP remote file inclusion vulnerabilities in Vladimir Menshakov buratinable templator (aka bubla) 0.9.1 allow remote attackers to execute arbitrary PHP code via a URL in the bu_dir parameter to (1) bu/bu_claro.php, (2) bu/bu_cache.php, or (3) bu/bu_parse.php, different vectors and a different affected version than CVE-2006-6809.
network, low complexity, vladimir-meshakov