CVE-2006-0678

PostgreSQL 7.3.x before 7.3.14, 7.4.x before 7.4.12, 8.0.x before 8.0.7, and 8.1.x before 8.1.3, when compiled with Asserts enabled, allows local users to cause a denial of service (server crash) via a crafted SET SESSION AUTHORIZATION command, a different vulnerability than CVE-2006-0553.

Publication date: Wed, 15 Feb 2006 01:06:00 +0000

Cyber News related to CVE-2006-0678

CVE-2006-0553 - PostgreSQL 8.1.0 through 8.1.2 allows authenticated database users to gain additional privileges via "knowledge of the backend protocol" using a crafted SET ROLE to other database users, a different vulnerability than CVE-2006-0678. ...
6 years ago

CVE-2006-0678 - PostgreSQL 7.3.x before 7.3.14, 7.4.x before 7.4.12, 8.0.x before 8.0.7, and 8.1.x before 8.1.3, when compiled with Asserts enabled, allows local users to cause a denial of service (server crash) via a crafted SET SESSION AUTHORIZATION command, a ...
6 years ago

CVE-2021-0678 - In apusys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05672107; Issue ...
1 year ago

CVE-2000-0678 - PGP 5.5.x through 6.5.3 does not properly check if an Additional Decryption Key (ADK) is stored in the signed portion of a public certificate, which allows an attacker who can modify a victim's public certificate to decrypt any data that has been ...
16 years ago

CVE-2010-0678 - PHP remote file inclusion vulnerability in includes/moderation.php in Katalog Stron Hurricane 1.3.5, and possibly earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the includes_directory ...
14 years ago

CVE-2012-0678 - Cross-site scripting (XSS) vulnerability in Apple Safari before 6.0 allows remote attackers to inject arbitrary web script or HTML via a feed:// URL. ...
12 years ago

CVE-2013-0678 - Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, does not properly represent WebNavigator credentials in a database, which makes it easier for remote authenticated users to obtain sensitive information via a SQL ...
11 years ago

CVE-2015-0678 - The virtualization layer in Cisco ASA FirePOWER Software before 5.3.1.2 and 5.4.x before 5.4.0.1 and ASA Context-Aware (CX) Software before 9.3.2.1-9 allows remote attackers to cause a denial of service (device reload) by rapidly sending crafted ...
9 years ago

CVE-2005-0678 - PHP remote file inclusion vulnerability in formmail.inc.php for Form Mail Script 2.3 and earlier allows remote attackers to execute arbitrary PHP code by modifying the script_root to reference a URL on a remote web server that contains the code. ...
8 years ago

CVE-2016-0678 - Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 5.0.18 allows local users to affect confidentiality, integrity, and availability via vectors related to Core. ...
7 years ago

CVE-2004-0678 - Cross-site scripting (XSS) in one2planet.infolet.InfoServlet in 12Planet Chat Server 2.9 allows remote attackers to execute arbitrary script as other users via the page parameter. ...
7 years ago

CVE-2011-0678 - Unrestricted file upload vulnerability in the EasyEdit module in Lomtec ActiveWeb Professional 3.0 allows remote attackers to execute arbitrary code by uploading an executable file via the UploadDirectory and Accepted Extensions fields in the ...
7 years ago

CVE-2014-0678 - The portal interface in Cisco Secure Access Control System (ACS) does not properly manage sessions, which allows remote authenticated users to hijack sessions and gain privileges via unspecified vectors, aka Bug ID CSCue65951. ...
7 years ago

CVE-2008-0678 - SQL injection vulnerability in index.php in BlogPHP 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in a page action. ...
7 years ago

CVE-2007-0678 - SQL injection vulnerability in windows.asp in Fullaspsite Asp Hosting Sitesi allows remote attackers to execute arbitrary SQL commands via the kategori_id parameter. ...
7 years ago

CVE-2001-0678 - A buffer overflow in reggo.dll file used by Trend Micro InterScan VirusWall prior to 3.51 build 1349 for Windows NT 3.5 and InterScan WebManager 1.2 allows a local attacker to execute arbitrary code. ...
6 years ago

CVE-2009-0678 - images/captcha.php in RavenNuke 2.30 allows remote attackers to obtain sensitive information via an aFonts array parameter value that does not correspond to a valid font file, which reveals the installation path in an error message. ...
11 months ago

CVE-2002-0678 - CDE ToolTalk database server (ttdbserver) allows local users to overwrite arbitrary files via a symlink attack on the transaction log file used by the _TT_TRANSACTION RPC procedure. ...
6 years ago

CVE-2018-0678 - Buffer overflow in BN-SDWBP3 firmware version 1.0.9 and earlier allows an attacker on the same network segment to execute arbitrary code via unspecified vectors. ...
5 years ago

CVE-2017-0678 - A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-36576151. ...
5 years ago

CVE-2019-0678 - An elevation of privilege vulnerability exists when Microsoft Edge does not properly enforce cross-domain policies, which could allow an attacker to access information from one domain and inject it into another domain.In a web-based attack scenario, ...
4 years ago

CVE-1999-0678 - A default configuration of Apache on Debian GNU/Linux sets the ServerRoot to /usr/doc, which allows remote users to read documentation files for the entire server. ...
4 years ago

CVE-2020-0678 - An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles hard links, aka 'Windows Error Reporting Manager Elevation of Privilege Vulnerability'. ...
3 years ago

CVE-2022-0678 - Cross-site Scripting (XSS) - Reflected in Packagist microweber/microweber prior to 1.2.11. ...
2 years ago

CVE-2023-0678 - Missing Authorization in GitHub repository phpipam/phpipam prior to v1.5.1. ...
1 year ago

Latest Cyber News

CVE-2024-53094 - 15 hours ago
CVE-2024-52289 - 16 hours ago
CVE-2024-52307 - 16 hours ago
CVE-2024-52309 - 16 hours ago
CVE-2024-52799 - 16 hours ago
CVE-2024-52803 - 16 hours ago
CVE-2024-8525 - 17 hours ago
CVE-2024-8526 - 17 hours ago
CVE-2024-28892 - 18 hours ago
CVE-2024-21855 - 18 hours ago
CVE-2024-28025 - 18 hours ago
CVE-2024-28027 - 18 hours ago
CVE-2024-21786 - 18 hours ago
CVE-2024-11592 - 18 hours ago
CVE-2024-11591 - 19 hours ago
CVE-2024-7130 - 19 hours ago
CVE-2024-11590 - 20 hours ago
CVE-2024-11588 - 20 hours ago
CVE-2024-11587 - 20 hours ago
CVE-2024-10316 - 22 hours ago

Cyber Trends (last 7 days)

Okta - 11 months ago
23andMe - 11 months ago
Kimsuky - 11 months ago
LogoFAIL - 11 months ago
Gh0st rat - 11 months ago

Trending Cyber News (last 7 days)

CVE-2024-11595 - 2 days ago
CVE-2024-45510 - 2 days ago
CVE-2024-45511 - 2 days ago
CVE-2024-48530 - 2 days ago
CVE-2024-48531 - 2 days ago
CVE-2024-48983 - 2 days ago
CVE-2024-48984 - 2 days ago
CVE-2024-51151 - 2 days ago
CVE-2024-51208 - 2 days ago
CVE-2024-52754 - 2 days ago
CVE-2024-52755 - 2 days ago
CVE-2024-52765 - 2 days ago
CVE-2024-52797 - 2 days ago
CVE-2024-8726 - 2 days ago
CVE-2024-10365 - 2 days ago
CVE-2024-52443 - 1 day ago
CVE-2024-52449 - 1 day ago
CVE-2024-10520 - 1 day ago
CVE-2024-11406 - 1 day ago
CVE-2024-10913 - 1 day ago