Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-02-08 | CVE-2006-0592 | Remote Security vulnerability in Printer Sharing 8.29/9.41 Unspecified vulnerability in the Lexmark Printer Sharing LexBce Server Service (LexPPS), possibly 8.29 and 9.41, allows remote attackers to execute arbitrary code via unspecified vectors. | 7.5 |
2006-02-08 | CVE-2006-0588 | SQL-Injection vulnerability in Jaia Interactive Mytopix 1.2.3 SQL injection vulnerability in search.php in MyTopix 1.2.3 allows remote attackers to execute arbitrary SQL commands via the (1) mid and (2) keywords parameters. | 7.5 |
2006-02-08 | CVE-2006-0583 | SQL-Injection vulnerability in Clever Copy SQL injection vulnerability in mailarticle.php in Clever Copy 3.0 and earlier allows remote attackers to execute arbitrary SQL commands via the ID parameter. | 7.5 |
2006-02-08 | CVE-2006-0579 | Unspecified vulnerability in Mplayer Multiple integer overflows in (1) the new_demux_packet function in demuxer.h and (2) the demux_asf_read_packet function in demux_asf.c in MPlayer 1.0pre7try2 and earlier allow remote attackers to execute arbitrary code via an ASF file with a large packet length value. | 7.5 |
2006-02-08 | CVE-2006-0577 | Local Privilege Escalation vulnerability in Lexmark X1185 Lexmark X1185 printer allows local users to gain SYSTEM privileges by navigating to the "Appearance" dialog and selecting the "Additional styles (skins) are available on the Lexmark web site" option, which launches a web browser that is running with SYSTEM privileges. | 7.2 |
2006-02-08 | CVE-2006-0576 | Local Privilege Escalation vulnerability in OProfile OPControl Path Specification Untrusted search path vulnerability in opcontrol in OProfile 0.9.1 and earlier allows local users to execute arbitrary commands via a modified PATH that references malicious (1) which or (2) dirname programs. | 7.2 |
2006-02-07 | CVE-2006-0572 | Input Validation vulnerability in Hinton Design PHPstatus 1.0 phpstatus 1.0 does not require passwords when using cookies to identify a user, which allows remote attackers to bypass authentication. | 7.5 |
2006-02-07 | CVE-2006-0570 | Input Validation vulnerability in Hinton Design PHPstatus 1.0 Multiple SQL injection vulnerabilities in phpstatus 1.0, when gpc_magic_quotes is disabled, allow remote attackers to execute arbitrary SQL commands and bypass authentication via (1) the username parameter in check.php and (2) unknown attack vectors in the administrative interface. | 7.5 |
2006-02-06 | CVE-2006-0565 | Code Injection vulnerability in Gerrit VAN Aaken Loudblog 0.1/0.2/0.3 PHP remote file include vulnerability in inc/backend_settings.php in Loudblog 0.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the $GLOBALS[path] parameter. | 7.5 |
2006-02-06 | CVE-2006-0564 | Remote Security vulnerability in HTML Help Workshop Stack-based buffer overflow in Microsoft HTML Help Workshop 4.74.8702.0, and possibly earlier versions, and as included in the Microsoft HTML Help 1.4 SDK, allows context-dependent attackers to execute arbitrary code via a .hhp file with a long Contents file field. | 7.5 |