Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-1736 1 Electricmonk 1 Proms 2026-04-16 N/A
PROMS 0.11 does not properly handle "certain combinations of rights," which gives more rights to users than intended.
CVE-2005-1737 1 Electricmonk 1 Proms 2026-04-16 N/A
Multiple unknown vulnerabilities in PROMS 0.11 allow "non-authorized users" to (1) view or modify the project member list or (2) modify the todos list.
CVE-2005-1738 1 Iron Bars Shell 1 Iron Bars Shell 2026-04-16 N/A
Format string vulnerability in the logPrintBadfile function in delbadfiles.c Iron Bars SHell (ibsh) before 0.3d allows users to "access files outside the home directory" and possibly execute arbitrary code via certain inputs that are not properly handled in a syslog call.
CVE-2005-1740 2 Net-snmp, Redhat 2 Net-snmp, Enterprise Linux 2026-04-16 N/A
fixproc in Net-snmp 5.x before 5.2.1-r1 creates temporary files insecurely, which allows local users to modify the contents of those files to execute arbitrary commands, or overwrite arbitrary files via a symlink attack.
CVE-2005-1751 2 Redhat, Shtool 2 Enterprise Linux, Shtool 2026-04-16 N/A
Race condition in shtool 2.0.1 and earlier allows local users to create or modify arbitrary files via a symlink attack on the .shtool.$$ temporary file, a different vulnerability than CVE-2005-1759.
CVE-2005-1756 1 Novell 1 Netmail 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in the ModWeb agent for Novell NetMail 3.52 before 3.52C allows remote attackers to inject arbitrary web script or HTML via calendar display fields.
CVE-2005-1757 1 Novell 1 Netmail 2026-04-16 N/A
Buffer overflow in the Modweb agent for Novell NetMail 3.52 before 3.52C, when renaming folders, may allow attackers to execute arbitrary code.
CVE-2005-1758 1 Novell 1 Netmail 2026-04-16 N/A
Buffer overflow in the IMAP command continuation function in Novell NetMail 3.52 before 3.52C may allow remote attackers to execute arbitrary code.
CVE-2005-1759 1 Shtool 1 Shtool 2026-04-16 N/A
Race condition in shtool 2.0.1 and earlier allows local users to modify or create arbitrary files via a symlink attack on temporary files after they have been created, a different vulnerability than CVE-2005-1751.
CVE-2005-1760 1 Redhat 4 Enterprise Linux, Enterprise Linux Desktop, Linux Advanced Workstation and 1 more 2026-04-16 N/A
sysreport 1.3.15 and earlier includes contents of the up2date file in a report, which leaks the password for a proxy server in plaintext and allows local users to gain privileges.
CVE-2005-1762 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 N/A
The ptrace call in the Linux kernel 2.6.8.1 and 2.6.10 for the AMD64 platform allows local users to cause a denial of service (kernel crash) via a "non-canonical" address.
CVE-2005-1763 3 Novell, Redhat, Suse 3 Linux Desktop, Enterprise Linux, Suse Linux 2026-04-16 N/A
Buffer overflow in ptrace in the Linux Kernel for 64-bit architectures allows local users to write bytes into kernel memory.
CVE-2005-1764 1 Linux 1 Linux Kernel 2026-04-16 N/A
Linux 2.6.11 on 64-bit x86 (x86_64) platforms does not use a guard page for the 47-bit address page to protect against an AMD K8 bug, which allows local users to cause a denial of service.
CVE-2005-1776 1 Cnedra 1 Cnedra 2026-04-16 N/A
Buffer overflow in the READ_TCP_STRING function in game_message_functions.cpp in the network plugin for C'Nedra 0.4.0 and earlier allows remote attackers to execute arbitrary code via a long text string.
CVE-2005-1777 1 Postnuke Software Foundation 1 Postnuke 2026-04-16 N/A
SQL injection vulnerability in readpmsg.php in PostNuke 0.750 allows remote attackers to execute arbitrary SQL commands via the start parameter.
CVE-2005-1779 1 Maxwebportal 1 Maxwebportal 2026-04-16 N/A
SQL injection vulnerability in password.asp in MaxWebPortal 1.35, 1.36, 2.0, and 20050418 Next allows remote attackers to execute arbitrary SQL commands via the memKey parameter.
CVE-2005-1780 1 Dotnetindex 1 Active News Manager 2026-04-16 N/A
SQL injection vulnerability in admin/login.asp in Active News Manager allows remote attackers to execute arbitrary SQL commands via the password.
CVE-2005-1782 1 W.m.r. Simpson 1 Bookreview 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in BookReview beta 1.0 allow remote attackers to inject arbitrary web script or HTML via the node parameter to (1) add_review.htm, (2) suggest_review.htm, (3) suggest_category.htm, (4) add_booklist.htm, or (5) add_url.htm, the isbn parameter to (6) add_review.htm, (7) add_contents.htm, (8) add_classification.htm, the (9) chapters parameter to the add_contents page in index.php (aka add_contents.htm), (10) the user parameter to contact.htm, or (11) the submit[string] parameter to search.htm. NOTE: it is not clear whether BookReview is available to the public. If not, then it should not be included in CVE.
CVE-2005-1783 1 W.m.r. Simpson 1 Bookreview 2026-04-16 N/A
BookReview beta 1.0 allows remote attackers to obtain the path of the web server via certain parameters to search.htm, possibly due to a search[string] parameter with a missing value or an incorrect submit[type] value, which reveals the path in the resulting error message. NOTE: it is not clear whether BookReview is available to the public. If not, then it should not be included in CVE.
CVE-2005-1784 1 Hosting Controller 1 Hosting Controller 2026-04-16 N/A
Hosting Controller 6.1 HotFix 2.0 and earlier allows remote attackers to steal passwords and gain privileges via a modified emailaddress parameter in an updateprofile action for UserProfile.asp.