聚合 NVD、CVE 及多源情資,深度解析 RCE 等高危風險。系統整合 CVSS 與 EPSS 模型,動態追蹤 Exploit 資源與 PoC 公開狀態,研判可利用性。結合官方修補與修復方案,優化漏洞管理優先級,縮短回應週期,保障資產安全。
| CVE | 描述 | 最高 CVSS | EPSS % | 公開時間 | 更新時間 |
|---|---|---|---|---|---|
| CVE-2005-20001 | Rejected reason: This CVE has the been REJECTED and will not be published by the CNA. | 無 | 無 | 2026-04-22 | 2026-04-22 |
| CVE-2005-10004 | Cacti versions prior to 0.8.6-d contain a remote command execution vulnerability in the graph_view.php script. An authenticated user can inject arbitrary shell commands via the graph_start GET parameter, which is improperly handled during graph rendering. This flaw allows attackers to execute commands on the underlying operating system with the privileges of the web server process, potentially compromising system integrity. | 8.7 | 57.98% | 2025-08-30 | 2025-12-26 |
| CVE-2005-2347 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | 無 | 無 | 2025-06-19 | 2025-06-19 |
| CVE-2005-10003 | A vulnerability classified as critical has been found in mikexstudios Xcomic up to 0.8.2. This affects an unknown part. The manipulation of the argument cmd leads to os command injection. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 0.8.3 is able to address this issue. The patch is named 6ed8e3cc336e29f09c7e791863d0559939da9 | 6.3 | 0.50% | 2024-10-17 | 2024-11-14 |
| CVE-2005-10002 | A vulnerability, which was classified as critical, was found in almosteffortless secure-files Plugin up to 1.1 on WordPress. Affected is the function sf_downloads of the file secure-files.php. The manipulation of the argument downloadfile leads to path traversal. Upgrading to version 1.2 is able to address this issue. The name of the patch is cab025e5fc2bcdad8032d833ebc38e6bd2a13c92. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-243804. | 5.5 | 0.20% | 2023-10-29 | 2024-11-20 |
| CVE-2005-10001 | A vulnerability was found in Netegrity SiteMinder up to 4.5.1 and classified as critical. Affected by this issue is the file /siteminderagent/pwcgi/smpwservicescgi.exe of the component Login. The manipulation of the argument target leads to an open redirect. The exploit has been disclosed to the public and may be used. NOTE: This vulnerability only affects products that are no longer supported by the maintainer | 5.4 | 0.16% | 2022-03-28 | 2024-11-20 |
| CVE-2005-2795 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none | 無 | 0.22% | 2021-06-18 | 2023-11-07 |
| CVE-2005-0394 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none | 無 | 0.22% | 2021-06-18 | 2023-11-07 |
| CVE-2005-2493 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2005. Notes: none | 無 | 0.22% | 2021-06-11 | 2023-11-07 |
| CVE-2005-4894 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none | 無 | 0.24% | 2020-11-05 | 2023-11-07 |
| CVE-2005-4893 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none | 無 | 0.24% | 2020-11-05 | 2023-11-07 |
| CVE-2005-4892 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none | 無 | 0.24% | 2020-11-05 | 2023-11-07 |
| CVE-2005-4891 | Simple Machine Forum (SMF) versions 1.0.4 and earlier have an SQL injection vulnerability that allows remote attackers to inject arbitrary SQL statements. | 9.8 | 0.37% | 2020-01-15 | 2024-11-21 |
| CVE-2005-2354 | Nvu 0.99+1.0pre uses an old copy of Mozilla XPCOM which can result in multiple security issues. | 9.8 | 0.51% | 2019-11-05 | 2024-11-20 |
| CVE-2005-4890 | There is a possible tty hijacking in shadow 4.x before 4.1.5 and sudo 1.x before 1.7.4 via "su - user -c program". The user session can be escaped to the parent session by using the TIOCSTI ioctl to push characters into the input buffer to be read by the next process. | 7.8 | 0.23% | 2019-11-04 | 2024-11-21 |
| CVE-2005-2352 | I race condition in Temp files was found in gs-gpl before 8.56 addons scripts. | 8.1 | 0.32% | 2019-11-01 | 2024-11-20 |
| CVE-2005-2351 | Mutt before 1.5.20 patch 7 allows an attacker to cause a denial of service via a series of requests to mutt temporary files. | 5.5 | 0.13% | 2019-11-01 | 2024-11-20 |
| CVE-2005-2350 | Cross-site scripting (XSS) vulnerability in websieve v0.62 allows remote attackers to inject arbitrary web script or HTML code in the web user interface. | 6.1 | 0.43% | 2019-11-01 | 2024-11-20 |
| CVE-2005-3056 | TWiki allows arbitrary shell command execution via the Include function | 9.8 | 1.02% | 2019-11-01 | 2024-11-21 |
| CVE-2005-2349 | Zoo 2.10 has Directory traversal | 7.5 | 0.36% | 2019-10-28 | 2024-11-20 |