CVSS: 5.5EPSS: 10%CPEs: 6EXPL: 1CVE-2006-2661 – FreeType - '.TTF' File Remote Denial of Service
https://notcve.org/view.php?id=CVE-2006-2661
30 May 2006 — ftutil.c in Freetype before 2.2 allows remote attackers to cause a denial of service (crash) via a crafted font file that triggers a null dereference. • https://www.exploit-db.com/exploits/27993 • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 2%CPEs: 4EXPL: 0CVE-2006-2275
https://notcve.org/view.php?id=CVE-2006-2275
09 May 2006 — Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a denial of service (deadlock) via a large number of small messages to a receiver application that cannot process the messages quickly enough, which leads to "spillover of the receive buffer." • http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7c3ceb4fb9667f34f1599a062efecf4cdc4a4ce5 • CWE-667: Improper Locking •
CVSS: 9.8EPSS: 4%CPEs: 9EXPL: 0CVE-2006-1727
https://notcve.org/view.php?id=CVE-2006-1727
14 Apr 2006 — Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to gain chrome privileges via multiple attack vectors related to the use of XBL scripts with "Print Preview". • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt •
CVSS: 9.8EPSS: 29%CPEs: 9EXPL: 0CVE-2006-1728
https://notcve.org/view.php?id=CVE-2006-1728
14 Apr 2006 — Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via unknown vectors related to the crypto.generateCRMFRequest method. • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt •
CVSS: 7.5EPSS: 1%CPEs: 7EXPL: 0CVE-2006-1729
https://notcve.org/view.php?id=CVE-2006-1729
14 Apr 2006 — Mozilla Firefox 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to read arbitrary files by (1) inserting the target filename into a text box, then turning that box into a file upload control, or (2) changing the type of the input control that is associated with an event handler. • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt • CWE-20: Improper Input Validation •
CVSS: 6.1EPSS: 1%CPEs: 7EXPL: 1CVE-2006-1741
https://notcve.org/view.php?id=CVE-2006-1741
14 Apr 2006 — Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to inject arbitrary Javascript into other sites by (1) "using a modal alert to suspend an event handler while a new page is being loaded", (2) using eval(), and using certain variants involving (3) "new Script;" and (4) using window.__proto__ to extend eval, aka "cross-site JavaScript injection". • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2CVE-2006-1183 – Ubuntu 5.10 Installer - Password Disclosure
https://notcve.org/view.php?id=CVE-2006-1183
13 Mar 2006 — The Ubuntu 5.10 installer does not properly clear passwords from the installer log file (questions.dat), and leaves the log file with world-readable permissions, which allows local users to gain privileges. • https://www.exploit-db.com/exploits/1579 •
CVSS: 7.8EPSS: 0%CPEs: 40EXPL: 1CVE-2006-0151
https://notcve.org/view.php?id=CVE-2006-0151
09 Jan 2006 — sudo 1.6.8 and other versions does not clear the PYTHONINSPECT environment variable, which allows limited local users to gain privileges via a Python script, a variant of CVE-2005-4158. • http://secunia.com/advisories/18358 •
CVSS: 7.8EPSS: 20%CPEs: 3EXPL: 2CVE-2005-4807 – GNU BinUtils 2.1x - GAS Buffer Overflow
https://notcve.org/view.php?id=CVE-2005-4807
31 Dec 2005 — Stack-based buffer overflow in the as_bad function in messages.c in the GNU as (gas) assembler in Free Software Foundation GNU Binutils before 20050721 allows attackers to execute arbitrary code via a .c file with crafted inline assembly code. • https://www.exploit-db.com/exploits/28397 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 1%CPEs: 2EXPL: 0CVE-2005-4808
https://notcve.org/view.php?id=CVE-2005-4808
31 Dec 2005 — Buffer overflow in reset_vars in config/tc-crx.c in the GNU as (gas) assembler in Free Software Foundation GNU Binutils before 20050714 allows user-assisted attackers to have an unknown impact via a crafted .s file. • http://sources.redhat.com/bugzilla/show_bug.cgi?id=1069 •