CVE-2006-0681

Format string vulnerability in powerd.c in Power Daemon (powerd) 2.0.2 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the WHATIDO variable.

Publication date: Wed, 15 Feb 2006 06:02:00 +0000

Cyber News related to CVE-2006-0681

CVE-2006-0681 - Format string vulnerability in powerd.c in Power Daemon (powerd) 2.0.2 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the WHATIDO variable. ...
7 years ago

CVE-2020-0681 - A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server, aka 'Remote Desktop Client Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0734. ...
3 years ago

CVE-2020-0734 - A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server, aka 'Remote Desktop Client Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0681. ...
3 years ago

CVE-2009-4571 - Multiple SQL injection vulnerabilities in index.php in PhpShop 0.8.1 allow remote attackers to execute arbitrary SQL commands via the (1) module_id parameter in an admin/function_list action, the (2) vendor_id parameter in a vendor/vendor_form ...
6 years ago

CVE-2007-3324 - Multiple cross-site scripting (XSS) vulnerabilities in Comersus Cart 7.07 allow remote attackers to inject arbitrary web script or HTML via the redirectUrl parameter to (1) comersus_customerAuthenticateForm.asp or (2) comersus_message.asp, different ...
6 years ago

CVE-2021-0681 - In system properties, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for ...
2 years ago

CVE-2000-0681 - Buffer overflow in BEA WebLogic server proxy plugin allows remote attackers to execute arbitrary commands via a long URL with a .JSP extension. ...
16 years ago

CVE-2010-0681 - ZeusCMS 0.2 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request for admin/backup.sql. ...
14 years ago

CVE-2012-0681 - Apple Remote Desktop before 3.6.1 does not recognize the "Encrypt all network data" setting during connections to third-party VNC servers, which allows remote attackers to obtain cleartext VNC session content by sniffing the network. ...
11 years ago

CVE-2013-0681 - Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub before 6.4.22, Cascade DataHub before 6.4.22 on Windows, and DataHub QuickTrend before 7.3.0 allow remote attackers to cause a denial of service (NULL pointer dereference and ...
11 years ago

CVE-2016-0681 - Unspecified vulnerability in the Oracle OLAP component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect confidentiality, integrity, and availability via unspecified vectors. ...
8 years ago

CVE-2004-0681 - Multiple cross-site scripting (XSS) vulnerabilities in (1) comersus_customerAuthenticateForm.asp, (2) comersus_backoffice_message.asp, (3) comersus_supportError.asp, or (4) comersus_message.asp in Comersus Cart 5.09 allow remote attackers to execute ...
7 years ago

CVE-2005-0681 - Nokia Symbian 60 allows remote attackers to cause a denial of service (phone restart) via a Bluetooth nickname. ...
7 years ago

CVE-2011-0681 - The Cascading Style Sheets (CSS) Extensions for XML implementation in Opera before 11.01 recognizes links to javascript: URLs in the -o-link property, which makes it easier for remote attackers to bypass CSS filtering via a crafted URL. ...
7 years ago

CVE-2015-0681 - The TFTP server in Cisco IOS 12.2(44)SQ1, 12.2(33)XN1, 12.4(25e)JAM1, 12.4(25e)JAO5m, 12.4(23)JY, 15.0(2)ED1, 15.0(2)EY3, 15.1(3)SVF4a, and 15.2(2)JB1 and IOS XE 2.5.x, 2.6.x, 3.1.xS, 3.2.xS, 3.3.xS, 3.4.xS, and 3.5.xS before 3.6.0S; 3.1.xSG, ...
7 years ago

CVE-1999-0681 - Buffer overflow in Microsoft FrontPage Server Extensions (PWS) 3.0.2.926 on Windows 95, and possibly other versions, allows remote attackers to cause a denial of service via a long URL. ...
7 years ago

CVE-2007-0681 - profile.php in ExtCalendar 2 and earlier allows remote attackers to change the passwords of arbitrary users without providing the original password, and possibly perform other unauthorized actions, via modified values to register.php. ...
1 year ago

CVE-2001-0681 - Buffer overflow in ftpd in QPC QVT/Net 5.0 and QVT/Term 5.0 allows a remote attacker to cause a denial of service via a long (1) username or (2) password. ...
7 years ago

CVE-2002-0681 - Cross-site scripting vulnerability in GoAhead Web Server 2.1 allows remote attackers to execute script as other web users via script in a URL that generates a "404 not found" message, which does not quote the script. ...
7 years ago

CVE-2014-0681 - Cross-site scripting (XSS) vulnerability in Cisco Identity Services Engine (ISE) 1.2 patch 2 and earlier allows remote attackers to inject arbitrary web script or HTML via a report containing a crafted URL that is not properly handled during ...
7 years ago

CVE-2003-0681 - A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences. ...
6 years ago

CVE-2009-0681 - PGP Desktop before 9.10 allows local users to (1) cause a denial of service (crash) via a crafted IOCTL request to pgpdisk.sys, and (2) cause a denial of service (crash) and execute arbitrary code via a crafted IRP in an IOCTL request to pgpwded.sys. ...
6 years ago

CVE-2008-0681 - SQL injection vulnerability in index.php in PHPShop 0.8.1 allows remote attackers to execute arbitrary SQL commands via the product_id parameter, as demonstrated by a shop/flypage action. ...
6 years ago

CVE-2018-0681 - Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, Denbun IMAP version V3.3I R4.0 and earlier) uses hard-coded credentials, which may allow remote attackers to login to the Management page and change the configuration. ...
6 years ago

CVE-2017-0681 - A remote code execution vulnerability in the Android media framework. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37208566. ...
5 years ago

Latest Cyber News

BlackBastaGPT – A ChatGPT Powered Tool to Uncover Ransomware Group Tactics - Cyber Security News - 7 hours ago
CVE-2022-28339 - 12 hours ago
Beware: PayPal "New Address" feature abused to send phishing emails - 13 hours ago
CVE-2025-26774 - 17 hours ago
CVE-2025-26776 - 17 hours ago
CVE-2025-26973 - 17 hours ago
CVE-2025-27012 - 17 hours ago
CVE-2025-26750 - 17 hours ago
CVE-2025-26756 - 17 hours ago
CVE-2025-26757 - 17 hours ago
CVE-2025-26760 - 17 hours ago
CVE-2025-26763 - 17 hours ago
CVE-2025-26764 - 17 hours ago
Fake CS2 tournament streams used to steal crypto, Steam accounts - 18 hours ago
CVE-2024-12577 - 18 hours ago
CVE-2024-46975 - 18 hours ago
CVE-2024-47896 - 18 hours ago
CVE-2024-52939 - 18 hours ago
CVE-2025-0957 - 19 hours ago
CVE-2025-1556 - 20 hours ago

Cyber Trends (last 7 days)

Okta - 1 year ago
23andMe - 1 year ago
Kimsuky - 1 year ago
LogoFAIL - 1 year ago
Gh0st rat - 1 year ago

Trending Cyber News (last 7 days)

BlackBastaGPT – A ChatGPT Powered Tool to Uncover Ransomware Group Tactics - Cyber Security News - 7 hours ago
CVE-2019-8900 - 1 day ago
CVE-2025-26622 - 1 day ago
CVE-2025-27104 - 1 day ago
CVE-2025-27105 - 1 day ago
CVE-2025-27106 - 1 day ago
CVE-2025-27108 - 1 day ago
CVE-2025-27109 - 1 day ago
CVE-2024-45674 - 1 day ago
CVE-2024-22341 - 1 day ago
CVE-2023-4261 - 1 day ago
CVE-2024-13873 - 1 day ago
CVE-2024-13899 - 1 day ago
CVE-2025-1509 - 1 day ago
CVE-2025-1510 - 1 day ago
CVE-2024-12038 - 1 day ago
CVE-2024-12467 - 1 day ago
CVE-2024-13474 - 1 day ago
CVE-2024-13798 - 1 day ago
CVE-2024-13564 - 1 day ago