CVE List – Find High-Risk & Exploited Vulnerabilities

Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.

Assigner (CNA / source):[email protected] Remove this filter

Showing 101120 of 804 results
«« First « Prev Page 6 / 41 Next »
CVE Description Max CVSS EPSS % Published Updated
CVE-2005-3535 Buffer overflow in KETM 0.0.6 allows local users to execute arbitrary code via unknown vectors. 7.5 2.36% 2005-12-27 2026-06-16
CVE-2005-3343 tkdiff before 4.1.1 allows local users to overwrite arbitrary files via a symlink attack on temporary files. 4.6 0.38% 2005-12-27 2026-06-16
CVE-2005-3341 DHIS tools DNS package (dhis-tools-dns) before 5.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files created by (1) register-q.sh and (2) register-p.sh. 2.1 0.36% 2005-12-27 2026-06-16
CVE-2005-3345 rssh 2.0.0 through 2.2.3 allows local users to bypass access restrictions and gain root privileges by using the rssh_chroot_helper command to chroot to an external directory. 7.2 0.37% 2005-12-28 2026-06-16
CVE-2005-4536 Mail::Audit module in libmail-audit-perl 2.1-5, when logging is enabled without a default log file specified, uses predictable log filenames, which allows local users to overwrite arbitrary files via a symlink attack on the [PID]-audit.log temporary file. 2.1 0.35% 2005-12-31 2026-06-16
CVE-2005-3540 Buffer overflow in petris before 1.0.1 allows remote attackers to execute arbitrary code via unspecified attack vectors. 7.5 3.16% 2005-12-31 2026-06-16
CVE-2005-3539 Multiple eval injection vulnerabilities in HylaFAX 4.2.3 and earlier allow remote attackers to execute arbitrary commands via (1) the notify script in HylaFAX 4.2.0 to 4.2.3 and (2) crafted CallID parameters to the faxrcvd script in HylaFAX 4.2.2 and 4.2.3. 7.5 12.65% 2005-12-31 2026-06-16
CVE-2005-3538 hfaxd in HylaFAX 4.2.3, when PAM support is disabled, accepts arbitrary passwords, which allows remote attackers to gain privileges. 7.5 2.48% 2005-12-31 2026-06-16
CVE-2005-3342 noweb 2.10c and earlier allows local users to overwrite arbitrary files via symlink attacks on temporary files in (1) lib/toascii.nw and (2) shell/roff.mm. 1.2 0.35% 2005-12-31 2026-06-16
CVE-2005-3340 The tuxpaint-import.sh script in Tux Paint (tuxpaint) 0.9.14 and earlier creates temporary files insecurely, with unknown impact and attack vectors. 7.2 0.39% 2005-12-31 2026-06-16
CVE-2005-3126 The (1) kantiword (kantiword.sh) and (2) gantiword (gantiword.sh) scripts in antiword 0.35 and earlier allow local users to overwrite arbitrary files via a symlink attack on temporary (a) output and (b) error files. 1.9 0.34% 2005-12-31 2026-06-16
CVE-2005-0528 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2003-0985. Reason: This candidate is a duplicate of CVE-2003-0985. Notes: All CVE users should reference CVE-2003-0985 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage N/A 0.26% 2005-12-31 2023-11-06
CVE-2005-0489 The /proc handling (proc/base.c) Linux kernel 2.4 before 2.4.17 allows local users to cause a denial of service via unknown vectors that cause an invalid access of free memory. 4.9 0.38% 2005-12-31 2026-06-16
CVE-2006-0082 Format string vulnerability in the SetImageInfo function in image.c for ImageMagick 6.2.3 and other versions, and GraphicsMagick, allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a numeric format string specifier such as %d in the file name, a variant of CVE-2005-0397, and as demonstrated using the convert program. 5.1 4.34% 2006-01-04 2026-06-16
CVE-2006-0044 Unspecified vulnerability in context.py in Albatross web application toolkit before 1.33 allows remote attackers to execute arbitrary commands via unspecified vectors involving template files and the "handling of submitted form fields". 7.5 4.25% 2006-01-17 2026-06-16
CVE-2006-0045 crawl before 4.0.0 does not securely call programs when saving and loading games, which allows local users to gain privileges. 7.2 0.34% 2006-01-20 2026-06-16
CVE-2006-0353 unix_random.c in lshd for lsh 2.0.1 leaks file descriptors related to the randomness generator, which allows local users to cause a denial of service by truncating the seed file, which prevents the server from starting, or obtain sensitive seed information that could be used to crack keys. 3.6 0.35% 2006-01-22 2026-06-16
CVE-2006-0467 Unspecified vulnerability in Pioneers (formerly gnocatan) before 0.9.49 allows remote attackers to cause a denial of service (application crash) via long chat messages. 5.0 2.70% 2006-01-30 2026-06-16
CVE-2006-0600 elog before 2.5.7 r1558-4 allows remote attackers to cause a denial of service (infinite redirection) via a request with the fail parameter set to 1, which redirects to the same request. 5.0 1.76% 2006-02-13 2026-06-16
CVE-2006-0599 The (1) elog.c and (2) elogd.c components in elog before 2.5.7 r1558-4 generate different responses depending on whether or not a username is valid, which allows remote attackers to determine valid usernames. 5.0 1.53% 2006-02-13 2026-06-16
«« First « Prev Page 6 / 41 Next »
cvelogic Threat Intelligence