Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.
Assigner (CNA / source):[email protected] Remove this filter
| CVE | Description | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|
| CVE-2005-2960 | cfengine 1.6.5 and 2.1.16 allows local users to overwrite arbitrary files via a symlink attack on temporary files used by vicf.in, a different vulnerability than CVE-2005-3137. | 2.1 | 0.43% | 2005-10-05 | 2026-06-16 |
| CVE-2005-2966 | The Python SVG import plugin (diasvg_import.py) for DIA 0.94 and earlier allows user-assisted attackers to execute arbitrary commands via a crafted SVG file. | 5.1 | 2.61% | 2005-10-05 | 2026-06-16 |
| CVE-2005-3118 | Mason before 1.0.0 does not install the init script after the user uses Mason to configure a firewall, which causes the system to run without a firewall after a reboot. | 7.5 | 1.39% | 2005-10-06 | 2026-06-16 |
| CVE-2005-3117 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-3150. Reason: This candidate was privately assigned by a CNA to an issue, but the issue was published through separate channels and assigned a new identifier by the MITRE CNA, so it is a duplicate of CVE-2005-3150. Notes: All CVE users should reference CVE-2005-3150 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage | N/A | 0.26% | 2005-10-06 | 2023-11-06 |
| CVE-2005-3178 | Buffer overflow in xloadimage 4.1 and earlier, and xli, might allow user-assisted attackers to execute arbitrary code via a long title name in a NIFF file, which triggers the overflow during (1) zoom, (2) reduce, or (3) rotate operations. | 5.1 | 4.16% | 2005-10-07 | 2026-06-16 |
| CVE-2005-3119 | Memory leak in the request_key_auth_destroy function in request_key_auth in Linux kernel 2.6.10 up to 2.6.13 allows local users to cause a denial of service (memory consumption) via a large number of authorization token keys. | 2.1 | 0.39% | 2005-10-12 | 2026-06-16 |
| CVE-2005-2965 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-4802, CVE-2005-4803. Reason: this candidate was intended for one issue, but the description and references inadvertently combined multiple issues. Notes: All CVE users should consult CVE-2005-4802 and CVE-2005-4803 to determine which ID is appropriate. All references and descriptions in this candidate have been removed to prevent accidental usage | N/A | 0.26% | 2005-10-12 | 2023-11-06 |
| CVE-2005-2963 | The mod_auth_shadow module 1.0 through 1.5 and 2.0 for Apache with AuthShadow enabled uses shadow authentication for all locations that use the require group directive, even when other authentication mechanisms are specified, which might allow remote authenticated users to bypass security restrictions. | 7.5 | 2.44% | 2005-10-13 | 2026-06-16 |
| CVE-2005-2992 | arc 5.21j and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files, a different type of vulnerability than CVE-2005-2945. | 2.1 | 0.36% | 2005-10-13 | 2026-06-16 |
| CVE-2005-2967 | Format string vulnerability in input_cdda.c in xine-lib 1-beta through 1-beta 3, 1-rc, 1.0 through 1.0.2, and 1.1.1 allows remote servers to execute arbitrary code via format string specifiers in metadata in CDDB server responses when the victim plays a CD. | 7.5 | 9.68% | 2005-10-14 | 2026-06-16 |
| CVE-2005-2661 | Format string vulnerability in the ParseBannerAndCapability function in main.c for up-imapproxy 1.2.3 and 1.2.4 allows remote IMAP servers to execute arbitrary code via format string specifiers in a banner or capability line. | 7.5 | 12.11% | 2005-10-14 | 2026-06-16 |
| CVE-2005-3120 | Stack-based buffer overflow in the HTrjis function in Lynx 2.8.6 and earlier allows remote NNTP servers to execute arbitrary code via certain article headers containing Asian characters that cause Lynx to add extra escape (ESC) characters. | 9.8 | 23.26% | 2005-10-17 | 2026-06-16 |
| CVE-2005-3256 | The key selection dialogue in Enigmail before 0.92.1 can incorrectly select a key with a user ID that does not have additional information, which allows parties with that key to decrypt the message. | 5.0 | 1.78% | 2005-10-18 | 2026-06-16 |
| CVE-2005-3268 | yiff server (yiff-server) 2.14.2 on Debian GNU/Linux runs as root and does not properly verify ownership of files that it opens, which allows local users to read arbitrary files. | 2.1 | 0.40% | 2005-10-20 | 2026-06-16 |
| CVE-2005-3121 | A rule file in module-assistant before 0.9.10 causes a temporary file to be created insecurely, which allows local users to conduct unauthorized operations. | 2.1 | 0.36% | 2005-10-20 | 2026-06-16 |
| CVE-2005-2959 | Incomplete blacklist vulnerability in sudo 1.6.8 and earlier allows local users to gain privileges via the (1) SHELLOPTS and (2) PS4 environment variables before executing a bash script on behalf of another user, which are not cleared even though other variables are. | 4.6 | 0.62% | 2005-10-25 | 2026-06-16 |
| CVE-2005-2958 | Multiple format string vulnerabilities in the GNOME Data Access library for GNOME2 (libgda2) 1.2.1 and earlier allow attackers to execute arbitrary code. | 7.5 | 3.61% | 2005-10-25 | 2026-06-16 |
| CVE-2005-3123 | Directory traversal vulnerability in GNUMP3D before 2.9.6 allows remote attackers to read arbitrary files via crafted sequences such as "/.//..//////././", which is collapsed into "/.././" after ".." and "//" sequences are removed. | 5.0 | 2.98% | 2005-10-30 | 2026-06-16 |
| CVE-2005-3122 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-3424, CVE-2005-3425. Reason: this candidate was intended for one issue, but two different authoritative sources used it for two distinct issues. Notes: All CVE users should consult CVE-2005-3424 and CVE-2005-3425 to determine which ID is appropriate. All references and descriptions in this candidate have been removed to prevent accidental usage | N/A | 0.26% | 2005-10-30 | 2023-11-06 |
| CVE-2005-3124 | syslogtocern in Acme thttpd before 2.23 allows local users to write arbitrary files via a symlink attack on a temporary file. | 2.1 | 0.37% | 2005-11-06 | 2026-06-16 |