Vulnerabilities > High

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | TAGS | RISK |
|---|---|---|---|---|---|
| 2006-04-07 | CVE-2006-1670 | Multiple vulnerability in Cisco Optical Networking System and Transport Controller | Control cards for Cisco Optical Networking System (ONS) 15000 series nodes before 20060405 allow remote attackers to cause a denial of service (memory exhaustion and possibly card reset) by sending an invalid response when the final ACK is expected, aka bug ID CSCei45910. | network, low complexity, cisco | 7.8 |
| 2006-04-07 | CVE-2006-1666 | Input Validation vulnerability in Arab Portal Arab Portal 2.0.1Stable | SQL injection vulnerability in forum.php in Arab Portal 2.0.1 stable allows remote attackers to execute arbitrary SQL commands via the mineID parameter. | network, low complexity, arab-portal | 7.5 |
| 2006-04-07 | CVE-2006-1664 | Buffer Overflow vulnerability in Xine-Lib Malformed MPEG Stream | Buffer overflow in xine_list_delete_current in libxine 1.14 and earlier, as distributed in xine-lib 1.1.1 and earlier, allows remote attackers to execute arbitrary code via a crafted MPEG stream. | network, low complexity, xine | 7.5 |
| 2006-04-07 | CVE-2006-1662 | Unspecified vulnerability in Limbo CMS Limbo CMS 1.0.4.1/1.0.4.2 | The frontpage option in Limbo CMS 1.0.4.2 and 1.0.4.1 allows remote attackers to execute arbitrary PHP commands via the Itemid parameter in index.php. | network, low complexity, limbo-cms | 7.5 |
| 2006-04-07 | CVE-2006-1658 | HTML Injection vulnerability in Chucky A. Ivey N.T. 1.1.0 | Direct static code injection vulnerability in ticker.db.php in Chucky A. | network, low complexity, chucky-a-ivey | 7.5 |
| 2006-04-06 | CVE-2006-1656 | Unspecified vulnerability in Vserver Util-Vserver 0.30.209 | vserver in util-vserver 0.30.209 executes a command as root when the suexec userid parameter is invalid and non-numeric, which might cause local users to inadvertently execute dangerous commands as root. | local, low complexity, vserver | 7.2 |
| 2006-04-06 | CVE-2006-1653 | Remote File Include vulnerability in Angelinecms 0.8.1 | PHP remote file inclusion vulnerability in loadkernel.php in AngelineCMS 0.8.1 allows remote attackers to execute arbitrary PHP code via a URL in the installPath parameter. | network, low complexity, angelinecms | 7.5 |
| 2006-04-06 | CVE-2006-1649 | Local Arbitrary File Creation vulnerability in Eset Software NOD32 Antivirus | The "restore to" selection in the "quarantine a file" capability of ESET NOD32 before 2.51.26 allows a restore to any directory that permits read access by the invoking user, which allows local users to create new files despite write-access directory permissions. | local, low complexity, eset-software | 7.2 |
| 2006-04-06 | CVE-2006-1647 | Remote Denial of Service vulnerability in SMART Technologies SynchronEyes | An unspecified "logical programming mistake" in SMART SynchronEyes Student and Teacher 6.0, and possibly earlier versions, allows remote attackers to cause a denial of service via a large packet to the Teacher discovery port (UDP port 5496), which causes a thread to terminate and prevents communications on that port. | network, low complexity, smart-technologies | 7.8 |
| 2006-04-06 | CVE-2006-1643 | Remote vulnerability in Interact | SQL injection vulnerability in login.php in Interact 2.1.1 allows remote attackers to execute arbitrary SQL commands via the user_name parameter. | network, low complexity, interact | 7.5 |