CVE List – Find High-Risk & Exploited Vulnerabilities

Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.

Assigner (CNA / source):[email protected] Remove this filter

Showing 120 of 116 results
«« First « Prev Page 1 / 6 Next »
CVE Description Max CVSS EPSS % Published Updated
CVE-2022-23747 In Sony Xperia series 1, 5, and Pro, an out of bound memory access can occur due to lack of validation of the number of frames being passed during music playback. 9.8 10.01% 2022-08-17 2026-06-17
CVE-2020-6018 Valve's Game Networking Sockets prior to version v1.2.0 improperly handles long encrypted messages in function AES_GCM_DecryptContext::Decrypt() when compiled using libsodium, leading to a Stack-Based Buffer Overflow and resulting in a memory corruption and possibly even a remote code execution. 9.8 3.10% 2020-12-01 2026-06-16
CVE-2020-6017 Valve's Game Networking Sockets prior to version v1.2.0 improperly handles long unreliable segments in function SNP_ReceiveUnreliableSegment() when configured to support plain-text messages, leading to a Heap-Based Buffer Overflow and resulting in a memory corruption and possibly even a remote code execution. 9.8 3.10% 2020-12-03 2026-06-16
CVE-2020-6016 Valve's Game Networking Sockets prior to version v1.2.0 improperly handles unreliable segments with negative offsets in function SNP_ReceiveUnreliableSegment(), leading to a Heap-Based Buffer Underflow and a free() of memory not from the heap, resulting in a memory corruption and probably even a remote code execution. 9.8 5.75% 2020-11-18 2026-06-16
CVE-2020-6009 LearnDash Wordpress plugin version below 3.1.6 is vulnerable to Unauthenticated SQL Injection. 9.8 1.84% 2020-04-01 2026-06-16
CVE-2020-6008 LifterLMS Wordpress plugin version below 3.37.15 is vulnerable to arbitrary file write leading to remote code execution 9.8 3.78% 2020-03-31 2026-06-16
CVE-2019-8459 Check Point Endpoint Security Client for Windows, with the VPN blade, before version E80.83, starts a process without using quotes in the path. This can cause loading of a previously placed executable with a name similar to the parts of the path, instead of the intended one. 9.8 1.19% 2019-06-20 2026-06-16
CVE-2019-8457 SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode() function when handling invalid rtree tables. 9.8 45.43% 2019-05-30 2026-06-16
CVE-2018-8800 rdesktop versions up to and including v1.8.3 contain a Heap-Based Buffer Overflow in function ui_clip_handle_data() that results in a memory corruption and probably even a remote code execution. 9.8 7.06% 2019-02-05 2026-06-16
CVE-2018-8797 rdesktop versions up to and including v1.8.3 contain a Heap-Based Buffer Overflow in function process_plane() that results in a memory corruption and probably even a remote code execution. 9.8 7.06% 2019-02-05 2026-06-16
CVE-2018-8795 rdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to a Heap-Based Buffer Overflow in function process_bitmap_updates() and results in a memory corruption and probably even a remote code execution. 9.8 7.40% 2019-02-05 2026-06-16
CVE-2018-8794 rdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to an Out-Of-Bounds Write in function process_bitmap_updates() and results in a memory corruption and possibly even a remote code execution. 9.8 6.66% 2019-02-05 2026-06-16
CVE-2018-8793 rdesktop versions up to and including v1.8.3 contain a Heap-Based Buffer Overflow in function cssp_read_tsrequest() that results in a memory corruption and probably even a remote code execution. 9.8 7.06% 2019-02-05 2026-06-16
CVE-2018-8788 FreeRDP prior to version 2.0.0-rc4 contains an Out-Of-Bounds Write of up to 4 bytes in function nsc_rle_decode() that results in a memory corruption and possibly even a remote code execution. 9.8 7.40% 2018-11-29 2026-06-16
CVE-2018-8787 FreeRDP prior to version 2.0.0-rc4 contains an Integer Overflow that leads to a Heap-Based Buffer Overflow in function gdi_Bitmap_Decompress() and results in a memory corruption and probably even a remote code execution. 9.8 8.36% 2018-11-29 2026-06-16
CVE-2018-8786 FreeRDP prior to version 2.0.0-rc4 contains an Integer Truncation that leads to a Heap-Based Buffer Overflow in function update_read_bitmap_update() and results in a memory corruption and probably even a remote code execution. 9.8 8.16% 2018-11-29 2026-06-16
CVE-2018-8785 FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overflow in function zgfx_decompress() that results in a memory corruption and probably even a remote code execution. 9.8 7.29% 2018-11-29 2026-06-16
CVE-2018-8784 FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overflow in function zgfx_decompress_segment() that results in a memory corruption and probably even a remote code execution. 9.8 7.29% 2018-11-29 2026-06-16
CVE-2018-20248 In Foxit Quick PDF Library (all versions prior to 16.12), issue where loading a malformed or malicious PDF containing invalid xref table pointers or invalid xref table data using the LoadFromFile, LoadFromString, LoadFromStream, DAOpenFile or DAOpenFileReadOnly functions may result in an access violation caused by out of bounds memory access. 9.8 1.65% 2018-12-24 2026-06-16
CVE-2016-7480 The SplObjectStorage unserialize implementation in ext/spl/spl_observer.c in PHP before 7.0.12 does not verify that a key is an object, which allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized memory access) via crafted serialized data. 9.8 41.56% 2017-01-11 2026-06-16
«« First « Prev Page 1 / 6 Next »
cvelogic Threat Intelligence