Vulnerabilities > High

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | VECTOR | COMPLEXITY | VENDOR | CWE | RISK |
|---|---|---|---|---|---|---|---|---|
| 2006-08-16 | CVE-2006-4155 | Remote Security vulnerability in Invision Power Board | Unspecified vulnerability in func_topic_threaded.php (aka threaded view mode) in Invision Power Board (IPB) before 2.1.7 21013.60810.s allows remote attackers to "access posts outside the topic." | network | low complexity | invision-power-services | | 7.5 |
| 2006-08-15 | CVE-2006-4143 | Unspecified vulnerability in Netgear Fvg318 1.0.40 | Netgear FVG318 running firmware 1.0.40 allows remote attackers to cause a denial of service (router reset) via TCP packets with bad checksums. | network | low complexity | netgear | | 7.8 |
| 2006-08-14 | CVE-2006-4142 | SQL Injection vulnerability in VWar Virtual WAR | SQL injection vulnerability in extra/online.php in Virtual War (VWar) 1.5.0 R14 and earlier allows remote attackers to execute arbitrary SQL commands via the n parameter. | network | low complexity | vwar | | 7.5 |
| 2006-08-14 | CVE-2006-4141 | SQL-Injection vulnerability in Virtual War | SQL injection vulnerability in news.php in Virtual War (VWar) 1.5.0 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) sortby and (2) sortorder parameters. | network | low complexity | vwar | | 7.5 |
| 2006-08-14 | CVE-2006-4138 | Remote vulnerability in RETIRED: Microsoft Windows Help | Multiple unspecified vulnerabilities in Microsoft Windows Help File viewer (winhlp32.exe) allow user-assisted attackers to execute arbitrary code via crafted HLP files. | network | high complexity | microsoft | | 7.6 |
| 2006-08-14 | CVE-2006-4136 | Permissions, Privileges, and Access Controls vulnerability in IBM Websphere Application Server | Multiple unspecified vulnerabilities in IBM WebSphere Application Server before 6.1.0.1 have unspecified impact and attack vectors involving (1) "SOAP requests and responses", (2) mbean, (3) ThreadIdentitySupport, and possibly others. | network | low complexity | ibm | CWE-264 | 7.5 |
| 2006-08-14 | CVE-2006-4133 | Remote Buffer Overflow vulnerability in SAP Internet Graphics Server | Heap-based buffer overflow in SAP Internet Graphics Service (IGS) 6.40 and earlier, and 7.00 and earlier, allows remote attackers to cause a denial of service (crash) or execute arbitrary code via an HTTP request with an ADM:GETLOGFILE command and a long portwatcher argument, which triggers the overflow during error message construction when the _snprintf function returns a negative value that is used in a memcpy operation. | network | low complexity | sap | | 7.5 |
| 2006-08-14 | CVE-2006-4131 | Multiple vulnerability in ArcSoft MMS Composer | Multiple buffer overflows in ArcSoft MMS Composer 1.5.5.6, and possibly earlier, and 2.0.0.13, and possibly earlier, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via crafted MMS (Multimedia Messaging Service) messages that trigger the overflows in the (1) M-Notification.ind, (2) M-Retrieve.conf (Header and Body), or (3) SMIL parsers. | network | low complexity | arcsoft | | 7.5 |
| 2006-08-14 | CVE-2006-4129 | Remote File Include vulnerability in Joomla Webring Component 1.0 | PHP remote file inclusion vulnerability in admin.webring.docs.php in the Webring Component (com_webring) 1.0 and earlier for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the component_dir parameter. | network | low complexity | joomla | | 7.5 |
| 2006-08-14 | CVE-2006-4125 | Remote Buffer Overflow vulnerability in Dconnect Daemon 0.0.2/0.0.3/0.7.0 | Stack-based buffer overflow in main.c in DConnect Daemon 0.7.0 and earlier allows remote attackers to execute arbitrary code via a large nickname, which is not properly handled by the listen_thread_udp function. | network | low complexity | dconnect | | 7.5 |