Year CVE (3053)
Common Vulnerabilities and Exposures
CAN (20174)
Candidate
1999CVE-1999 (821)CAN-1999 (749 )
2000CVE-2000 (808)CAN-2000 (423 )
2001CVE-2001 (625)CAN-2001 (934 )
2002CVE-2002 (643)CAN-2002 (1566)
2003CVE-2003 (81 )CAN-2003 (1236)
2004CVE-2004 (75 )CAN-2004 (2601)
2005-CAN-2005 (4825)
2006-CAN-2006 (6982)
2007-CAN-2007 (858 )
CVE-2006-0081Learn more...
ialmnt5.sys in the ialmrnt5 display driver in Intel Graphics Accelerator Driver 6.14.10.4308 allows attackers to cause a denial of service (crash or screen resolution change) via a long text field, as demonstrated using a long window title.
CVE-2006-0082Learn more...
Format string vulnerability in the SetImageInfo function in image.c for ImageMagick 6.2.3 and other versions, and GraphicsMagick, allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a numeric format string specifier such as %d in the file name, a variant of CVE-2005-0397, and as demonstrated using the convert program.
CVE-2006-0083Learn more...
Format string vulnerability in the logging code of SMS Server Tools (smstools) 1.14.8 and earlier allows local users to execute arbitrary code via unspecified attack vectors.
CVE-2006-0084Learn more...
Cross-site scripting vulnerability in index.php in raSMP 2.0.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the $_SERVER[HTTP_USER_AGENT] variable (User-Agent header).
CVE-2006-0085Learn more...
SQL injection vulnerability in Nkads 1.0 alfa 3 allows remote attackers to execute arbitrary SQL commands via the (1) usuario_nkads_admin or (2) password_nkads_admin parameters.
CVE-2006-0086Learn more...
Cross-site scripting vulnerability in index.php in Next Generation Image Gallery 0.0.1 Lite Edition allows remote attackers to inject arbitrary web script or HTML via the page parameter.
CVE-2006-0087Learn more...
SQL injection vulnerability in (1) pages.php and (2) detail.php in Lizard Cart CMS 1.04 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2006-0088Learn more...
SQL injection vulnerability in intouch.lib.php in inTouch 0.5.1 Alpha allows remote attackers to execute arbitrary SQL commands via the user parameter.
CVE-2006-0089Learn more...
Buffer overflow in ESRI ArcPad 7.0.0.156 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a .amp file with a COORDSYS tag with a long string attribute.
CVE-2006-0090Learn more...
Directory traversal vulnerability in index.php in IDV Directory Viewer before 2005.1 allows remote attackers to view arbitrary directory contents via a .. (dot dot) in the dir parameter.