CVSS: 2.1EPSS: 0%CPEs: 15EXPL: 0CVE-2005-1855
https://notcve.org/view.php?id=CVE-2005-1855
Backup Manager (backup-manager) before 0.5.8 creates backup files with world-readable default permissions, which allows local users to obtain sensitive information. • http://secunia.com/advisories/15615 http://securitytracker.com/id?1014124 http://www.debian.org/security/2005/dsa-787 http://www.securityfocus.com/bid/13892 http://www.sukria.net/packages/backup-manager http://www.usenetlinux.com/archive/index.php/t-411815.html •
CVSS: 4.3EPSS: 0%CPEs: 23EXPL: 2CVE-2005-2557 – Mantis Bug Tracker 0.x/1.0 - Multiple Input Validation Vulnerabilities
https://notcve.org/view.php?id=CVE-2005-2557
Cross-site scripting (XSS) vulnerability in view_all_set.php in Mantis 0.19.0a1 through 1.0.0a3 allows remote attackers to inject arbitrary web script or HTML via the dir parameter, as identified by bug#0005959, and a different vulnerability than CVE-2005-3090. • https://www.exploit-db.com/exploits/26172 http://marc.info/?l=bugtraq&m=112786017426276&w=2 http://secunia.com/advisories/16506 http://www.debian.org/security/2005/dsa-778 http://www.gentoo.org/security/en/glsa/glsa-200509-16.xml http://www.mantisbt.org/changelog.php http://www.securityfocus.com/bid/14604 https://exchange.xforce.ibmcloud.com/vulnerabilities/21958 •
CVSS: 5.0EPSS: 4%CPEs: 64EXPL: 0CVE-2005-2459
https://notcve.org/view.php?id=CVE-2005-2459
The huft_build function in inflate.c in the zlib routines in the Linux kernel before 2.6.12.5 returns the wrong value, which allows remote attackers to cause a denial of service (kernel crash) via a certain compressed file that leads to a null pointer dereference, a different vulnerability than CVE-2005-2458. • http://bugs.gentoo.org/show_bug.cgi?id=94584 http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.12.5 http://secunia.com/advisories/16355 http://secunia.com/advisories/16500 http://secunia.com/advisories/17826 http://secunia.com/advisories/17918 http://secunia.com/advisories/18056 http://secunia.com/advisories/18059 http://www.debian.org/security/2005/dsa-921 http://www.debian.org/security/2005/dsa-922 http://www.mandriva.com/security/advisories?name=MDKSA&# • CWE-476: NULL Pointer Dereference •
CVSS: 4.6EPSS: 0%CPEs: 65EXPL: 0CVE-2005-2555
https://notcve.org/view.php?id=CVE-2005-2555
Linux kernel 2.6.x does not properly restrict socket policy access to users with the CAP_NET_ADMIN capability, which could allow local users to conduct unauthorized activities via (1) ipv4/ip_sockglue.c and (2) ipv6/ipv6_sockglue.c. • http://secunia.com/advisories/17002 http://secunia.com/advisories/17073 http://secunia.com/advisories/17826 http://secunia.com/advisories/19369 http://secunia.com/advisories/19374 http://www.debian.org/security/2006/dsa-1017 http://www.debian.org/security/2006/dsa-1018 http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6fc0b4a7a73a81e74d0004732df358f4f9975be2 http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 0CVE-2005-2498
https://notcve.org/view.php?id=CVE-2005-2498
Eval injection vulnerability in PHPXMLRPC 1.1.1 and earlier (PEAR XML-RPC for PHP), as used in multiple products including (1) Drupal, (2) phpAdsNew, (3) phpPgAds, and (4) phpgroupware, allows remote attackers to execute arbitrary PHP code via certain nested XML tags in a PHP document that should not be nested, which are injected into an eval function call, a different vulnerability than CVE-2005-1921. • http://marc.info/?l=bugtraq&m=112412415822890&w=2 http://marc.info/?l=bugtraq&m=112431497300344&w=2 http://marc.info/?l=bugtraq&m=112605112027335&w=2 http://secunia.com/advisories/16431 http://secunia.com/advisories/16432 http://secunia.com/advisories/16441 http://secunia.com/advisories/16460 http://secunia.com/advisories/16465 http://secunia.com/advisories/16468 http://secunia.com/advisories/16469 http://secunia.com/advisories/16491 http://secunia.com/advisories& • CWE-94: Improper Control of Generation of Code ('Code Injection') •