CVE List – Find High-Risk & Exploited Vulnerabilities

Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.

Assigner (CNA / source):[email protected] Remove this filter

Showing 2140 of 12367 results
«« First « Prev Page 2 / 619 Next »
CVE Description Max CVSS EPSS % Published Updated
CVE-2005-0587 Firefox before 1.0.1 and Mozilla before 1.7.6 allows remote malicious web sites to overwrite arbitrary files by tricking the user into downloading a .LNK (link) file twice, which overwrites the file that was referenced in the first .LNK file. 6.5 1.42% 2005-03-25 2026-06-16
CVE-2005-0585 Firefox before 1.0.1 and Mozilla before 1.7.6 truncates long sub-domains or paths for display, which may allow remote malicious web sites to spoof legitimate sites and facilitate phishing attacks. 2.6 1.77% 2005-03-25 2026-06-16
CVE-2005-0750 The bluez_sock_create function in the Bluetooth stack for Linux kernel 2.4.6 through 2.4.30-rc1 and 2.6 through 2.6.11.5 allows local users to gain privileges via (1) socket or (2) socketpair call with a negative protocol value. 7.2 0.85% 2005-03-27 2026-06-16
CVE-2005-0749 The load_elf_library in the Linux kernel before 2.6.11.6 allows local users to cause a denial of service (kernel crash) via a crafted ELF library or executable, which causes a free of an invalid pointer. 7.2 0.45% 2005-04-01 2026-06-16
CVE-2005-1043 exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service (memory consumption and crash) via an EXIF header with a large IFD nesting level, which causes significant stack recursion. 5.0 1.93% 2005-04-14 2026-06-16
CVE-2005-0753 Buffer overflow in CVS before 1.11.20 allows remote attackers to execute arbitrary code. 7.5 4.75% 2005-04-18 2026-06-16
CVE-2005-0752 The Plugin Finder Service (PFS) in Firefox before 1.0.3 allows remote attackers to execute arbitrary code via a javascript: URL in the PLUGINSPAGE attribute of an EMBED tag. 7.5 4.11% 2005-04-18 2026-06-16
CVE-2005-0755 Heap-based buffer overflow in RealPlayer 10 and earlier, Helix Player before 10.0.4, and RealOne Player v1 and v2 allows remote attackers to execute arbitrary code via a long hostname in a RAM file. 5.1 3.37% 2005-04-19 2026-06-16
CVE-2005-0754 Kommander in KDE 3.2 through KDE 3.4.0 executes data files without confirmation from the user, which allows remote attackers to execute arbitrary code. 7.5 2.98% 2005-04-22 2026-06-16
CVE-2005-1275 Heap-based buffer overflow in the ReadPNMImage function in pnm.c for ImageMagick 6.2.1 and earlier allows remote attackers to cause a denial of service (application crash) via a PNM file with a small colors value. 5.0 13.92% 2005-04-25 2026-06-16
CVE-2005-1281 Ethereal 0.10.10 and earlier allows remote attackers to cause a denial of service (infinite loop) via a crafted RSVP packet of length 4. 5.0 2.00% 2005-04-26 2026-06-16
CVE-2005-1345 Squid 2.5.STABLE9 and earlier does not trigger a fatal error when it identifies missing or invalid ACLs in the http_access configuration, which could lead to less restrictive ACLs than intended by the administrator. 7.5 1.73% 2005-05-02 2026-06-16
CVE-2005-1280 The rsvp_print function in tcpdump 3.9.1 and earlier allows remote attackers to cause a denial of service (infinite loop) via a crafted RSVP packet of length 4. 5.0 10.19% 2005-05-02 2026-06-16
CVE-2005-1279 tcpdump 3.8.3 and earlier allows remote attackers to cause a denial of service (infinite loop) via a crafted (1) BGP packet, which is not properly handled by RT_ROUTING_INFO, or (2) LDP packet, which is not properly handled by the ldp_print function. 5.0 18.72% 2005-05-02 2026-06-16
CVE-2005-1278 The isis_print function, as called by isoclns_print, in tcpdump 3.9.1 and earlier allows remote attackers to cause a denial of service (infinite loop) via a zero length, as demonstrated using a GRE packet. 5.0 10.80% 2005-05-02 2026-06-16
CVE-2005-1160 The privileged "chrome" UI code in Firefox before 1.0.3 and Mozilla Suite before 1.7.7 allows remote attackers to gain privileges by overriding certain properties or methods of DOM nodes, as demonstrated using multiple attacks involving the eval function or the Script object. 5.1 2.72% 2005-05-02 2026-06-16
CVE-2005-1159 The native implementations of InstallTrigger and other functions in Firefox before 1.0.3 and Mozilla Suite before 1.7.7 do not properly verify the types of objects being accessed, which causes the Javascript interpreter to continue execution at the wrong memory address, which may allow attackers to cause a denial of service (application crash) and possibly execute arbitrary code by passing objects of the wrong type. 7.5 2.95% 2005-05-02 2026-06-16
CVE-2005-1158 Multiple "missing security checks" in Firefox before 1.0.3 allow remote attackers to inject arbitrary Javascript into privileged pages using the _search target of the Firefox sidebar. 5.0 1.25% 2005-05-02 2026-06-16
CVE-2005-1157 Firefox before 1.0.3, Mozilla Suite before 1.7.7, and Netscape 7.2 allows remote attackers to replace existing search plugins with malicious ones using sidebar.addSearchEngine and the same filename as the target engine, which may not be displayed in the GUI, which could then be used to execute malicious script, aka "Firesearching 2." 7.5 2.46% 2005-05-02 2026-06-16
CVE-2005-1156 Firefox before 1.0.3, Mozilla Suite before 1.7.7, and Netscape 7.2 allows remote attackers to execute arbitrary script and code via a new search plugin using sidebar.addSearchEngine, aka "Firesearching 1." 7.5 2.34% 2005-05-02 2026-06-16
«« First « Prev Page 2 / 619 Next »
cvelogic Threat Intelligence