CVE-2006-0427

Unspecified vulnerability in BEA WebLogic Server and WebLogic Express 9.0 and 8.1 through SP5 allows malicious EJBs or servlet applications to decrypt system passwords, possibly by accessing functionality that should have been restricted.

Publication date: Thu, 26 Jan 2006 05:07:00 +0000


Cyber News related to CVE-2006-0427

CVE-2006-0427 - Unspecified vulnerability in BEA WebLogic Server and WebLogic Express 9.0 and 8.1 through SP5 allows malicious EJBs or servlet applications to decrypt system passwords, possibly by accessing functionality that should have been restricted. ...
7 years ago
CVE-2015-0427 - Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 4.3.20 allows local users to affect integrity and availability via vectors related to VMSVGA virtual graphics device, a different ...
6 years ago
CVE-2014-6589 - Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.3.20 allows local users to affect integrity and availability via vectors related to VMSVGA virtual graphics device, a different vulnerability ...
6 years ago
CVE-2014-6588 - Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.3.20 allows local users to affect integrity and availability via vectors related to VMSVGA virtual graphics device, a different vulnerability ...
6 years ago
CVE-2014-6595 - Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.3.20 allows local users to affect integrity and availability via vectors related to VMSVGA virtual graphics device, a different vulnerability ...
6 years ago
CVE-2014-6590 - Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.3.20 allows local users to affect integrity and availability via vectors related to VMSVGA virtual graphics device, a different vulnerability ...
6 years ago
CVE-2002-0427 - Buffer overflows in fpexec in mod_frontpage before 1.6.1 may allow attackers to gain root privileges. ...
16 years ago
CVE-2000-0427 - The Aladdin Knowledge Systems eToken device allows attackers with physical access to the device to obtain sensitive information without knowing the PIN of the owner by resetting the PIN in the EEPROM. ...
16 years ago
CVE-2016-0427 - Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 11.1.0.1, 11.2.0.4, 12.1.0.4, and 12.1.0.5 allows remote authenticated users to affect confidentiality via unknown vectors related ...
8 years ago
CVE-2005-0427 - The ebuild of Webmin before 1.170-r3 on Gentoo Linux includes the encrypted root password in the miniserv.users file when building a tbz2 of the webmin package, which allows remote attackers to obtain and possibly crack the encrypted password. ...
7 years ago
CVE-2011-0427 - Heap-based buffer overflow in Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors. ...
7 years ago
CVE-2014-0427 - Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote authenticated users to affect availability via vectors related to FTS. ...
7 years ago
CVE-2001-0427 - Cisco VPN 3000 series concentrators before 2.5.2(F) allow remote attackers to cause a denial of service via a flood of invalid login requests to (1) the SSL service, or (2) the telnet service, which do not properly disconnect the user after several ...
7 years ago
CVE-2003-0427 - Buffer overflow in mikmod 3.1.6 and earlier allows remote attackers to execute arbitrary code via an archive file that contains a file with a long filename. ...
7 years ago
CVE-2009-0427 - SQL injection vulnerability in CategoryManager/upload_image_category.asp in DMXReady Member Directory Manager 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the cid parameter. ...
7 years ago
CVE-2004-0427 - The do_fork function in Linux 2.4.x before 2.4.26, and 2.6.x before 2.6.6, does not properly decrement the mm_count counter when an error occurs after the mm_struct for a child process has been activated, which triggers a memory leak that allows ...
10 months ago
CVE-2010-0427 - sudo 1.6.x before 1.6.9p21, when the runas_default option is used, does not properly set group memberships, which allows local users to gain privileges via a sudo command. ...
6 years ago
CVE-2008-0427 - Directory traversal vulnerability in file.php in bloofoxCMS 0.3 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. ...
6 years ago
CVE-2007-0427 - Stack-based buffer overflow in Microsoft Help Workshop 4.03.0002 allows user-assisted remote attackers to execute arbitrary code via a help project (.HPJ) file with a long HLP field in the OPTIONS section. ...
6 years ago
CVE-2012-0427 - yast2-add-on-creator in SUSE inst-source-utils 2008.11.26 before 2008.11.26-0.9.1 and 2012.9.13 before 2012.9.13-0.8.1 allows local users to gain privileges via a crafted (1) file name or (2) directory name. OpenSuse 11.4 is vulnerable per ...
6 years ago
CVE-2017-0427 - An elevation of privilege vulnerability in the kernel file system could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent ...
5 years ago
CVE-2018-0427 - A vulnerability in the CronJob scheduler API of Cisco Digital Network Architecture (DNA) Center could allow an authenticated, remote attacker to perform a command injection attack. The vulnerability is due to incorrect input validation of ...
4 years ago
CVE-2021-0427 - In parseExclusiveStateAnnotation of LogEvent.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed ...
3 years ago
CVE-2022-0427 - Missing sanitization of HTML attributes in Jupyter notebooks in all versions of GitLab CE/EE since version 14.5 allows an attacker to perform arbitrary HTTP POST requests on a user's behalf leading to potential account takeover ...
2 years ago
CVE-2013-0427 - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect integrity via unknown vectors ...
2 years ago

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)