CVE-2006-3033

CVE-2006-3033 - Cross-site scripting (XSS) vulnerability in MyScrapbook 3.1 allows remote attackers to inject arbitrary web script or HTML via the input box in singlepage.php when submitting scrapbook pages. ...
5 years ago

CVE-2010-2843 - Cisco Wireless LAN Controller (WLC) software, possibly 4.2 through 6.0, allows remote authenticated users to bypass intended access restrictions and modify the configuration, and possibly obtain administrative privileges, via unspecified vectors, a ...
14 years ago

CVE-2010-3033 - Cisco Wireless LAN Controller (WLC) software, possibly 4.2 through 6.0, allows remote authenticated users to bypass intended access restrictions and modify the configuration, and possibly obtain administrative privileges, via unspecified vectors, a ...
14 years ago

CVE-2010-2842 - Cisco Wireless LAN Controller (WLC) software, possibly 4.2 through 6.0, allows remote authenticated users to bypass intended access restrictions and modify the configuration, and possibly obtain administrative privileges, via unspecified vectors, a ...
14 years ago

CVE-2022-45414 - If a Thunderbird user quoted from an HTML email, for example by replying to the email, and the email contained either a VIDEO tag with the POSTER attribute or an OBJECT tag with a DATA attribute, a network request to the referenced remote URL was ...
1 year ago

CVE-2005-3033 - Stack-based buffer overflow in vxWeb 1.1.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP GET request. ...
16 years ago

CVE-2016-3033 - IBM AppScan Source 8.7 through 9.0.3.3 allows remote authenticated users to read arbitrary files or cause a denial of service (memory consumption) via an XML document containing an external entity declaration in conjunction with an entity reference, ...
7 years ago

CVE-2017-3033 - Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability when handling JPEG 2000 code-stream tile data. ...
7 years ago

CVE-2009-3033 - Buffer overflow in the RunCmd method in the Altiris eXpress NS Console Utilities ActiveX control in AeXNSConsoleUtilities.dll in the web console in Symantec Altiris Deployment Solution 6.9.x, Altiris Notification Server 6.0.x, and Management Platform ...
7 years ago

CVE-2013-3033 - SQL injection vulnerability in the server component in IBM Tivoli Remote Control 5.1.2 before 5.1.2-TIV-TRC512-IF0015 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. ...
7 years ago

CVE-2014-3033 - Cross-site scripting (XSS) vulnerability in IBM Emptoris Sourcing Portfolio 9.5.x before 9.5.1.3, 10.0.0.x before 10.0.0.1, 10.0.1.x before 10.0.1.3, and 10.0.2.x before 10.0.2.4 allows remote authenticated users to inject arbitrary web script or ...
7 years ago

CVE-2010-1523 - Multiple heap-based buffer overflows in vp6.w5s (aka the VP6 codec) in Winamp before 5.59 Beta build 3033 might allow remote attackers to execute arbitrary code via a crafted VP6 (1) video file or (2) video stream. ...
5 years ago

CVE-2008-3033 - RSS-aggregator 1.0 does not require administrative authentication for the admin/fonctions/ directory, which allows remote attackers to access admin functions and have unspecified other impact, as demonstrated by (1) an IdFlux request to ...
5 years ago

CVE-2007-3033 - Cross-site scripting (XSS) vulnerability in Windows Vista Feed Headlines Gadget (aka Sidebar RSS Feeds Gadget) in Windows Vista allows user-assisted remote attackers to execute arbitrary code via an RSS feed with crafted HTML attributes, which are ...
5 years ago

CVE-2018-3033 - Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Infrastructure). Supported versions that are affected are 12.0.4, 12.1.0, 12.3.0 and 12.4.0. Difficult to exploit vulnerability ...
5 years ago

CVE-2020-10173 - Comtrend VR-3033 DE11-416SSG-C01_R02.A2pvI042j1.d26m devices have Multiple Authenticated Command Injection vulnerabilities via the ping and traceroute diagnostic pages, as demonstrated by shell metacharacters in the pingIpAddress parameter to ...
4 years ago

CVE-2011-3033 - Buffer overflow in Skia, as used in Google Chrome before 17.0.963.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. ...
4 years ago

CVE-2021-3033 - An improper verification of cryptographic signature vulnerability exists in the Palo Alto Networks Prisma Cloud Compute console. This vulnerability enables an attacker to bypass signature validation during SAML authentication by logging in to the ...
3 years ago

CVE-2023-3033 - Incorrect Authorization vulnerability in Mobatime web application allows Privilege Escalation, Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Mobatime web application: through 06.7.22. ...
1 year ago

CVE-2022-3033 - If a Thunderbird user replied to a crafted HTML email containing a <code>meta</code> tag, with the <code>meta</code> tag having the <code>http-equiv"refresh"</code> attribute, and the content attribute ...
1 year ago

CVE-2012-3033 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2012. Notes: none ...
54 years ago Tenable.com

CVE-2024-3033 - An improper authorization vulnerability exists in the mintplex-labs/anything-llm application, specifically within the '/api/v/' endpoint and its sub-routes. This flaw allows unauthenticated users to perform destructive actions on the VectorDB, ...
3 months ago Tenable.com

CVE-2006-0092 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-0992, CVE-2006-0158. Reason: this candidate was intended for one issue, but a typo caused it to be associated with a Novell/Groupwise issue. In addition, this issue was a ...
54 years ago Tenable.com

CVE-2006-7224 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-7227, CVE-2005-4872, CVE-2006-7228. Reason: this candidate was SPLIT into other identifiers in order to reflect different affected versions and distinct vendor fixes. Notes: All ...
54 years ago Tenable.com

CVE-2006-5296 - PowerPoint in Microsoft Office 2003 does not properly handle a container object whose position value exceeds the record length, which allows user-assisted attackers to cause a denial of service (NULL dereference and application crash) via a crafted ...
9 months ago