Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-11-24 | CVE-2006-6075 | Cross-Site Scripting vulnerability in Baalasp Smart Form Portal 2.0 Cross-site scripting (XSS) vulnerability in addpost1.asp in BaalAsp forum allows remote attackers to inject arbitrary web script or HTML via the name parameter. network baalasp | 6.8 |
| 2006-11-22 | CVE-2006-6069 | Remote Security vulnerability in mAlbum index.php in mAlbum 0.3 and earlier allows remote attackers to obtain the installation path via an invalid gal parameter. | 5.0 |
| 2006-11-22 | CVE-2006-6065 | Remote File Include vulnerability in Mxbb Calsnails Module 1.06 PHP remote file inclusion vulnerability in includes/mx_common.php in the CalSnails Module for MxBB Portal 1.06 allows remote attackers to execute arbitrary PHP code via a URL in the module_root_path parameter. | 5.1 |
| 2006-11-22 | CVE-2006-6062 | Remote Denial Of Service vulnerability in Apple Mac OS X UDIF Disk Image Unspecified vulnerability in Apple Mac OS X 10.4.8, and possibly other versions, allows remote attackers to cause a denial of service (crash) via a malformed UDTO HFS+ disk image, such as with "bad sectors," which triggers memory corruption. | 5.1 |
| 2006-11-22 | CVE-2006-6060 | Denial-Of-Service vulnerability in kernel The NTFS filesystem code in Linux kernel 2.6.x up to 2.6.18, and possibly other versions, allows local users to cause a denial of service (CPU consumption) via a malformed NTFS file stream that triggers an infinite loop in the __find_get_block_slow function. | 4.9 |
| 2006-11-22 | CVE-2006-6058 | Numeric Errors vulnerability in Linux Kernel The minix filesystem code in Linux kernel 2.6.x before 2.6.24, including 2.6.18, allows local users to cause a denial of service (hang) via a malformed minix file stream that triggers an infinite loop in the minix_bmap function. | 4.0 |
| 2006-11-22 | CVE-2006-6057 | Denial-Of-Service vulnerability in kernel The Linux kernel 2.6.x up to 2.6.18, and possibly other versions, on Fedora Core 6 and possibly other operating systems, allows local users to cause a denial of service (crash) via a malformed gfs2 file stream that triggers a NULL pointer dereference in the init_journal function. | 4.9 |
| 2006-11-22 | CVE-2006-6056 | Denial-Of-Service vulnerability in kernel Linux kernel 2.6.x up to 2.6.18 and possibly other versions, when SELinux hooks are enabled, allows local users to cause a denial of service (crash) via a malformed file stream that triggers a NULL pointer dereference in the superblock_doinit function, as demonstrated using an HFS filesystem image. | 4.9 |
| 2006-11-22 | CVE-2006-6054 | Denial-Of-Service vulnerability in kernel The ext2 file system code in Linux kernel 2.6.x allows local users to cause a denial of service (crash) via an ext2 stream with malformed data structures that triggers an error in the ext2_check_page due to a length that is smaller than the minimum. | 4.0 |
| 2006-11-22 | CVE-2006-6053 | Denial-Of-Service vulnerability in kernel The ext3fs_dirhash function in Linux kernel 2.6.x allows local users to cause a denial of service (crash) via an ext3 stream with malformed data structures. | 4.9 |