Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.
Assigner (CNA / source):[email protected] Remove this filter
| CVE | Description | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|
| CVE-2005-3523 | Format string vulnerability in friendsd2 in GpsDrive allows remote attackers to execute arbitrary code via the dir (direction) field. | 7.5 | 8.74% | 2005-11-06 | 2026-06-16 |
| CVE-2005-3344 | The default installation of Horde 3.0.4 contains an administrative account with a blank password, which allows remote attackers to gain access. | 10.0 | 7.99% | 2005-11-16 | 2026-06-16 |
| CVE-2005-2659 | Buffer overflow in the LZX decompression in CHM Lib (chmlib) 0.35, as used in products such as KchmViewer, has unknown impact and attack vectors. | 10.0 | 2.16% | 2005-11-16 | 2026-06-16 |
| CVE-2005-3622 | phpMyAdmin 2.7.0-beta1 and earlier allows remote attackers to obtain the full path of the server via direct requests to multiple scripts in the libraries directory. | 5.0 | 1.70% | 2005-11-16 | 2026-06-16 |
| CVE-2005-3621 | CRLF injection vulnerability in phpMyAdmin before 2.6.4-pl4 allows remote attackers to conduct HTTP response splitting attacks via unspecified scripts. | 5.0 | 1.56% | 2005-11-16 | 2026-06-16 |
| CVE-2005-3348 | HTTP response splitting vulnerability in index.php in phpSysInfo 2.4 and earlier, as used in phpgroupware 0.9.16 and earlier, and egroupware before 1.0.0.009, allows remote attackers to spoof web content and poison web caches via CRLF sequences in the charset parameter. | 4.3 | 1.98% | 2005-11-17 | 2026-06-16 |
| CVE-2005-3347 | Multiple directory traversal vulnerabilities in index.php in phpSysInfo 2.4 and earlier, as used in phpgroupware 0.9.16 and earlier, and egrouwpware before 1.0.0.009, allow remote attackers to include arbitrary files via .. (dot dot) sequences in the (1) sensor_program parameter or the (2) _SERVER[HTTP_ACCEPT_LANGUAGE] parameter, which overwrites an internal variable, a variant of CVE-2003-0536. NOTE: due to a typo in an advisory, an issue in osh was inadvertently linked to this identifier; the | 6.8 | 3.46% | 2005-11-17 | 2026-06-16 |
| CVE-2005-3349 | GNU Gnump3d before 2.9.8 allows local users to modify or delete arbitrary files via a symlink attack on the index.lok temporary file. | 1.9 | 0.36% | 2005-11-18 | 2026-06-16 |
| CVE-2005-3694 | centericq 4.20.0-r3 with "Enable peer-to-peer communications" set allows remote attackers to cause a denial of service (segmentation fault and crash) via short zero-length packets, and possibly packets of length 1 or 2, as demonstrated using Nessus. | 7.8 | 11.99% | 2005-11-20 | 2026-06-16 |
| CVE-2005-3346 | Buffer overflow in the environment variable substitution code in main.c in OSH 1.7-14 allows local users to inject arbitrary environment variables, such as LD_PRELOAD, via pathname arguments of the form "$VAR/EVAR=arg", which cause the EVAR portion to be appended to a buffer returned by a getenv function call. | 7.2 | 0.85% | 2005-11-20 | 2026-06-16 |
| CVE-2005-3759 | Multiple cross-site scripting (XSS) vulnerabilities in Horde before 3.0.7 allow remote attackers to inject arbitrary web script or HTML via the (1) gzip/tar and (2) css MIME viewers, which do not filter or escape dangerous HTML when extracting and displaying attachments. | 5.8 | 1.44% | 2005-11-22 | 2026-06-16 |
| CVE-2005-3531 | fusermount in FUSE before 2.4.1, if installed setuid root, allows local users to corrupt /etc/mtab and possibly modify mount options by performing a mount over a directory whose name contains certain special characters. | 2.1 | 0.36% | 2005-11-22 | 2026-06-16 |
| CVE-2005-3885 | The ps2epsi extension shell script (ps2epsi.sh) in Inkscape before 0.41 allows local users to overwrite arbitrary files via a symlink attack on the tmpepsifile.epsi temporary file. | 2.1 | 0.35% | 2005-11-29 | 2026-06-16 |
| CVE-2005-3665 | Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.7.0 allow remote attackers to inject arbitrary web script or HTML via the (1) HTTP_HOST variable and (2) various scripts in the libraries directory that handle header generation. | 4.3 | 1.80% | 2005-12-08 | 2026-06-16 |
| CVE-2005-3532 | authpam.c in courier-authdaemon for Courier Mail Server 0.37.3 through 0.52.1, when using pam_tally, does not call the pam_acct_mgmt function to verify that access should be granted, which allows attackers to authenticate to the server using accounts that have been disabled. | 7.5 | 1.58% | 2005-12-10 | 2026-06-16 |
| CVE-2005-3533 | Buffer overflow in OSH before 1.7-15 allows local users to execute arbitrary code via a long current working directory and filename. | 7.2 | 1.15% | 2005-12-10 | 2026-06-16 |
| CVE-2005-4178 | Buffer overflow in Dropbear server before 0.47 allows authenticated users to execute arbitrary code via unspecified inputs that cause insufficient memory to be allocated due to an incorrect expression that does not enforce the proper order of operations. | 6.5 | 3.44% | 2005-12-12 | 2026-06-16 |
| CVE-2005-3534 | Buffer overflow in the Network Block Device (nbd) server 2.7.5 and earlier, and 2.8.0 through 2.8.2, allows remote attackers to execute arbitrary code via a large request, which is written past the end of the buffer because nbd does not account for memory taken by the reply header. | 7.5 | 5.99% | 2005-12-22 | 2026-06-16 |
| CVE-2005-3537 | A "missing request validation" error in phpBB 2 before 2.0.18 allows remote attackers to edit private messages of other users, probably by modifying certain parameters or other inputs. | 5.0 | 1.42% | 2005-12-22 | 2026-06-16 |
| CVE-2005-3536 | SQL injection vulnerability in phpBB 2 before 2.0.18 allows remote attackers to execute arbitrary SQL commands via the topic type. | 7.5 | 1.27% | 2005-12-22 | 2026-06-16 |