Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.
Assigner (CNA / source):[email protected] Remove this filter
| CVE | Description | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|
| CVE-2005-1155 | The favicon functionality in Firefox before 1.0.3 and Mozilla Suite before 1.7.7 allows remote attackers to execute arbitrary code via a <LINK rel="icon"> tag with a javascript: URL in the href attribute, aka "Firelinking." | 7.5 | 8.28% | 2005-05-02 | 2026-06-16 |
| CVE-2005-1154 | Firefox before 1.0.3 and Mozilla Suite before 1.7.7 allows remote attackers to execute arbitrary script in other domains via a setter function for a variable in the target domain, which is executed when the user visits that domain, aka "Cross-site scripting through global scope pollution." | 7.5 | 2.16% | 2005-05-02 | 2026-06-16 |
| CVE-2005-1153 | Firefox before 1.0.3 and Mozilla Suite before 1.7.7, when blocking a popup, allows remote attackers to execute arbitrary code via a javascript: URL that is executed when the user selects the "Show javascript" option. | 7.5 | 3.59% | 2005-05-02 | 2026-06-16 |
| CVE-2005-1061 | The secure script in LogWatch before 2.6-2 allows attackers to prevent LogWatch from detecting malicious activity via certain strings in the secure file that are later used as part of a regular expression, which causes the parser to crash, aka "logwatch log processing regular expression DoS." | 5.0 | 3.07% | 2005-05-02 | 2026-06-16 |
| CVE-2005-1044 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-0941. Reason: This candidate is a duplicate of CVE-2005-0941. Notes: All CVE users should reference CVE-2005-0941 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage | N/A | 0.26% | 2005-05-02 | 2023-11-06 |
| CVE-2005-1042 | Integer overflow in the exif_process_IFD_TAG function in exif.c in PHP before 4.3.11 may allow remote attackers to execute arbitrary code via an IFD tag that leads to a negative byte count. | 7.5 | 4.02% | 2005-05-02 | 2026-06-16 |
| CVE-2005-1041 | The fib_seq_start function in fib_hash.c in Linux kernel allows local users to cause a denial of service (system crash) via /proc/net/route. | 2.1 | 0.36% | 2005-05-02 | 2026-06-16 |
| CVE-2005-0967 | Gaim 1.2.0 allows remote attackers to cause a denial of service (application crash) via a malformed file transfer request to a Jabber user, which leads to an out-of-bounds read. | 5.0 | 2.50% | 2005-05-02 | 2026-06-16 |
| CVE-2005-0966 | The IRC protocol plugin in Gaim 1.2.0, and possibly earlier versions, allows (1) remote attackers to inject arbitrary Gaim markup via irc_msg_kick, irc_msg_mode, irc_msg_part, irc_msg_quit, (2) remote attackers to inject arbitrary Pango markup and pop up empty dialog boxes via irc_msg_invite, or (3) malicious IRC servers to cause a denial of service (application crash) by injecting certain Pango markup into irc_msg_badmode, irc_msg_banned, irc_msg_unknown, irc_msg_nochan functions. | 6.4 | 2.48% | 2005-05-02 | 2026-06-16 |
| CVE-2005-0965 | The gaim_markup_strip_html function in Gaim 1.2.0, and possibly earlier versions, allows remote attackers to cause a denial of service (application crash) via a string that contains malformed HTML, which causes an out-of-bounds read. | 5.0 | 2.32% | 2005-05-02 | 2026-06-16 |
| CVE-2005-0916 | AIO in the Linux kernel 2.6.11 on the PPC64 or IA64 architectures with CONFIG_HUGETLB_PAGE enabled allows local users to cause a denial of service (system panic) via a process that executes the io_queue_init function but exits without running io_queue_release, which causes exit_aio and is_hugepage_only_range to fail. | 2.1 | 0.72% | 2005-05-02 | 2026-06-16 |
| CVE-2005-0891 | Double free vulnerability in gtk 2 (gtk2) before 2.2.4 allows remote attackers to cause a denial of service (crash) via a crafted BMP image. | 7.5 | 3.90% | 2005-05-02 | 2026-06-16 |
| CVE-2005-0839 | Linux kernel 2.6 before 2.6.11 does not restrict access to the N_MOUSE line discipline for a TTY, which allows local users to gain privileges by injecting mouse or keyboard events into other user sessions. | 7.2 | 0.38% | 2005-05-02 | 2026-06-16 |
| CVE-2005-0762 | Heap-based buffer overflow in the SGI parser in ImageMagick before 6.0 allows remote attackers to execute arbitrary code via a crafted SGI image file. | 7.5 | 3.42% | 2005-05-02 | 2026-06-16 |
| CVE-2005-0760 | The TIFF decoder in ImageMagick before 6.0 allows remote attackers to cause a denial of service (crash) via a crafted TIFF file. | 5.0 | 1.66% | 2005-05-02 | 2026-06-16 |
| CVE-2005-0711 | MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, uses predictable file names when creating temporary tables, which allows local users with CREATE TEMPORARY TABLE privileges to overwrite arbitrary files via a symlink attack. | 2.1 | 1.70% | 2005-05-02 | 2026-06-16 |
| CVE-2005-0710 | MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and DELETE privileges to bypass library path restrictions and execute arbitrary libraries by using INSERT INTO to modify the mysql.func table, which is processed by the udf_init function. | 4.6 | 12.84% | 2005-05-02 | 2026-06-16 |
| CVE-2005-0709 | MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and DELETE privileges to execute arbitrary code by using CREATE FUNCTION to access libc calls, as demonstrated by using strcat, on_exit, and exit. | 4.6 | 18.44% | 2005-05-02 | 2026-06-16 |
| CVE-2005-0706 | Buffer overflow in discdb.c for grip 3.1.2 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code by causing the cddb lookup to return more matches than expected. | 7.5 | 4.62% | 2005-05-02 | 2026-06-16 |
| CVE-2005-0705 | The GPRS-LLC dissector in Ethereal 0.10.7 through 0.10.9, with the "ignore cipher bit" option enabled. allows remote attackers to cause a denial of service (application crash). | 5.0 | 1.90% | 2005-05-02 | 2026-06-16 |