NVD や CVE、ほか複数の脅威フィードを束ね、RCE など高リスクな事象を深く追える一覧です。CVSS と EPSS を組み合わせ、Exploit 参照や PoC の有無から悪用しやすさを追跡します。ベンダー修正や緩和策の文脈とあわせて優先度を決め、対応サイクルを短く保ちつつ重要資産を守る支援をします。
| CVE | 説明 | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|
| CVE-2005-20001 | Rejected reason: This CVE has the been REJECTED and will not be published by the CNA. | 該当なし | 該当なし | 2026-04-22 | 2026-04-22 |
| CVE-2005-10004 | Cacti versions prior to 0.8.6-d contain a remote command execution vulnerability in the graph_view.php script. An authenticated user can inject arbitrary shell commands via the graph_start GET parameter, which is improperly handled during graph rendering. This flaw allows attackers to execute commands on the underlying operating system with the privileges of the web server process, potentially compromising system integrity. | 8.7 | 57.98% | 2025-08-30 | 2025-12-26 |
| CVE-2005-2347 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | 該当なし | 該当なし | 2025-06-19 | 2025-06-19 |
| CVE-2005-10003 | A vulnerability classified as critical has been found in mikexstudios Xcomic up to 0.8.2. This affects an unknown part. The manipulation of the argument cmd leads to os command injection. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 0.8.3 is able to address this issue. The patch is named 6ed8e3cc336e29f09c7e791863d0559939da9 | 6.3 | 0.50% | 2024-10-17 | 2024-11-14 |
| CVE-2005-10002 | A vulnerability, which was classified as critical, was found in almosteffortless secure-files Plugin up to 1.1 on WordPress. Affected is the function sf_downloads of the file secure-files.php. The manipulation of the argument downloadfile leads to path traversal. Upgrading to version 1.2 is able to address this issue. The name of the patch is cab025e5fc2bcdad8032d833ebc38e6bd2a13c92. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-243804. | 5.5 | 0.20% | 2023-10-29 | 2024-11-20 |
| CVE-2005-10001 | A vulnerability was found in Netegrity SiteMinder up to 4.5.1 and classified as critical. Affected by this issue is the file /siteminderagent/pwcgi/smpwservicescgi.exe of the component Login. The manipulation of the argument target leads to an open redirect. The exploit has been disclosed to the public and may be used. NOTE: This vulnerability only affects products that are no longer supported by the maintainer | 5.4 | 0.16% | 2022-03-28 | 2024-11-20 |
| CVE-2005-2795 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none | 該当なし | 0.22% | 2021-06-18 | 2023-11-07 |
| CVE-2005-0394 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none | 該当なし | 0.22% | 2021-06-18 | 2023-11-07 |
| CVE-2005-2493 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2005. Notes: none | 該当なし | 0.22% | 2021-06-11 | 2023-11-07 |
| CVE-2005-4894 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none | 該当なし | 0.24% | 2020-11-05 | 2023-11-07 |
| CVE-2005-4893 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none | 該当なし | 0.24% | 2020-11-05 | 2023-11-07 |
| CVE-2005-4892 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none | 該当なし | 0.24% | 2020-11-05 | 2023-11-07 |
| CVE-2005-4891 | Simple Machine Forum (SMF) versions 1.0.4 and earlier have an SQL injection vulnerability that allows remote attackers to inject arbitrary SQL statements. | 9.8 | 0.37% | 2020-01-15 | 2024-11-21 |
| CVE-2005-2354 | Nvu 0.99+1.0pre uses an old copy of Mozilla XPCOM which can result in multiple security issues. | 9.8 | 0.51% | 2019-11-05 | 2024-11-20 |
| CVE-2005-4890 | There is a possible tty hijacking in shadow 4.x before 4.1.5 and sudo 1.x before 1.7.4 via "su - user -c program". The user session can be escaped to the parent session by using the TIOCSTI ioctl to push characters into the input buffer to be read by the next process. | 7.8 | 0.23% | 2019-11-04 | 2024-11-21 |
| CVE-2005-2352 | I race condition in Temp files was found in gs-gpl before 8.56 addons scripts. | 8.1 | 0.32% | 2019-11-01 | 2024-11-20 |
| CVE-2005-2351 | Mutt before 1.5.20 patch 7 allows an attacker to cause a denial of service via a series of requests to mutt temporary files. | 5.5 | 0.13% | 2019-11-01 | 2024-11-20 |
| CVE-2005-2350 | Cross-site scripting (XSS) vulnerability in websieve v0.62 allows remote attackers to inject arbitrary web script or HTML code in the web user interface. | 6.1 | 0.43% | 2019-11-01 | 2024-11-20 |
| CVE-2005-3056 | TWiki allows arbitrary shell command execution via the Include function | 9.8 | 1.02% | 2019-11-01 | 2024-11-21 |
| CVE-2005-2349 | Zoo 2.10 has Directory traversal | 7.5 | 0.36% | 2019-10-28 | 2024-11-20 |