Export limit exceeded: 359603 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (359603 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-1734 | 1 Electricmonk | 1 Proms | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in PROMS before 0.11 allow remote attackers to execute arbitrary SQL commands via unknown vectors. | ||||
| CVE-2005-1735 | 1 Electricmonk | 1 Proms | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in PROMS before 0.11 allow remote attackers to inject arbitrary web script or HTML via unknown vectors. | ||||
| CVE-2005-1736 | 1 Electricmonk | 1 Proms | 2026-04-16 | N/A |
| PROMS 0.11 does not properly handle "certain combinations of rights," which gives more rights to users than intended. | ||||
| CVE-2005-1737 | 1 Electricmonk | 1 Proms | 2026-04-16 | N/A |
| Multiple unknown vulnerabilities in PROMS 0.11 allow "non-authorized users" to (1) view or modify the project member list or (2) modify the todos list. | ||||
| CVE-2005-1738 | 1 Iron Bars Shell | 1 Iron Bars Shell | 2026-04-16 | N/A |
| Format string vulnerability in the logPrintBadfile function in delbadfiles.c Iron Bars SHell (ibsh) before 0.3d allows users to "access files outside the home directory" and possibly execute arbitrary code via certain inputs that are not properly handled in a syslog call. | ||||
| CVE-2005-1740 | 2 Net-snmp, Redhat | 2 Net-snmp, Enterprise Linux | 2026-04-16 | N/A |
| fixproc in Net-snmp 5.x before 5.2.1-r1 creates temporary files insecurely, which allows local users to modify the contents of those files to execute arbitrary commands, or overwrite arbitrary files via a symlink attack. | ||||
| CVE-2005-1754 | 2 Apache Tomcat, Sun | 2 Apache Tomcat, Javamail | 2026-04-16 | N/A |
| JavaMail API 1.1.3 through 1.3, as used by Apache Tomcat 5.0.16, allows remote attackers to read arbitrary files via a full pathname in the argument to the Download parameter. NOTE: Sun and Apache dispute this issue. Sun states: "The report makes references to source code and files that do not exist in the mentioned products. | ||||
| CVE-2005-1751 | 2 Redhat, Shtool | 2 Enterprise Linux, Shtool | 2026-04-16 | N/A |
| Race condition in shtool 2.0.1 and earlier allows local users to create or modify arbitrary files via a symlink attack on the .shtool.$$ temporary file, a different vulnerability than CVE-2005-1759. | ||||
| CVE-2005-1756 | 1 Novell | 1 Netmail | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the ModWeb agent for Novell NetMail 3.52 before 3.52C allows remote attackers to inject arbitrary web script or HTML via calendar display fields. | ||||
| CVE-2005-1757 | 1 Novell | 1 Netmail | 2026-04-16 | N/A |
| Buffer overflow in the Modweb agent for Novell NetMail 3.52 before 3.52C, when renaming folders, may allow attackers to execute arbitrary code. | ||||
| CVE-2005-1567 | 1 Directtopics | 1 Directtopics | 2026-04-16 | N/A |
| SQL injection vulnerability in topic.php in DirectTopics 2.1 and 2.2 allows remote attackers to execute arbitrary SQL commands via the topic parameter. | ||||
| CVE-2005-1568 | 1 Directtopics | 1 Directtopics | 2026-04-16 | N/A |
| topic.php in DirectTopics 2.1 and 2.2 allows remote attackers to obtain sensitive information via an invalid topic parameter, which reveals the path in an error message. | ||||
| CVE-2005-1569 | 1 Directtopics | 1 Directtopics | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in DirectTopics 2.1 and 2.2 allows remote attackers to inject arbitrary web script via a javascript: URL in (1) a thread or (2) an IMG tag. | ||||
| CVE-2005-1570 | 1 Battleaxe Software | 1 Bttlxeforum | 2026-04-16 | N/A |
| forum.asp in bttlxeForum 2.0 allows remote attackers to obtain full path information via a certain hex-encoded argument to the page parameter, possibly due to a SQL injection vulnerability. | ||||
| CVE-2005-1571 | 1 Wenig And Spitzer-williams | 1 Showoff Digital Media Software | 2026-04-16 | N/A |
| Multiple directory traversal vulnerabilities in ShowOff! 1.5.4 allow remote attackers to read arbitrary files via ".." sequences in arguments to the (1) ShowAlbum, (2) ShowVideo, or (3) ShowGraphic scripts. | ||||
| CVE-2005-1572 | 1 Wenig And Spitzer-williams | 1 Showoff Digital Media Software | 2026-04-16 | N/A |
| ShowOff! 1.5.4 allows remote attackers to cause a denial of service (server crash) via a malformed request to port 8083. | ||||
| CVE-2005-1573 | 1 Darrel Oneil | 1 Asp Virtual News Manager | 2026-04-16 | N/A |
| SQL injection vulnerability in admin_login.asp for ASP Virtual News Manager allows remote attackers to execute arbitrary SQL commands via the password parameter. | ||||
| CVE-2005-1574 | 1 Microsoft | 1 Windows Media Player | 2026-04-16 | N/A |
| Windows Media Player 9 and 10, in certain cases, allows content protected by Windows Media Digital Rights Management (WMDRM) to redirect the user to a web site to obtain a license, even when the "Acquire licenses automatically for protected content" setting is not enabled. | ||||
| CVE-2005-1576 | 1 Mozilla | 1 Firefox | 2026-04-16 | N/A |
| The file download dialog in Mozilla Firefox 0.10.1 and 1.0 for Windows uses the Content-Type HTTP header to determine the file type, but saves the original file extension when "Save to Disk" is selected, which allows remote attackers to hide the real file types of downloaded files. | ||||
| CVE-2005-1577 | 1 Apg Technology | 1 Classmaster | 2026-04-16 | N/A |
| APG Technology ClassMaster does not properly restrict access to sensitive folders, which allows remote attackers to access folders via a network share. | ||||