Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.
Assigner (CNA / source):[email protected] Remove this filter
| CVE | Description | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|
| CVE-2023-46791 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | N/A | 0.04% | 2023-12-21 | 2024-01-02 |
| CVE-2023-46792 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | N/A | 0.04% | 2023-11-07 | 2024-01-02 |
| CVE-2023-46794 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | N/A | 0.04% | 2023-11-07 | 2024-01-02 |
| CVE-2023-46795 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | N/A | 0.04% | 2023-11-07 | 2024-01-02 |
| CVE-2023-46796 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | N/A | 0.04% | 2023-11-07 | 2024-01-02 |
| CVE-2023-46797 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | N/A | 0.04% | 2023-11-07 | 2024-01-02 |
| CVE-2023-46798 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | N/A | 0.04% | 2023-11-07 | 2024-01-02 |
| CVE-2023-46799 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | N/A | 0.04% | 2023-11-07 | 2024-01-02 |
| CVE-2024-1216 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | N/A | 0.04% | 2024-02-13 | 2024-03-20 |
| CVE-2026-3126 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | N/A | N/A | 2026-03-25 | 2026-03-25 |
| CVE-2022-0698 | Microweber version 1.3.1 allows an unauthenticated user to perform an account takeover via an XSS on the 'select-file' parameter. | 6.1 | 0.68% | 2022-11-25 | 2026-06-17 |
| CVE-2022-1716 | Keep My Notes v1.80.147 allows an attacker with physical access to the victim's device to bypass the application's password/pin lock to access user data. This is possible due to lack of adequate security controls to prevent dynamic code manipulation. | 4.6 | 0.41% | 2022-06-02 | 2026-06-17 |
| CVE-2022-1955 | Session 1.13.0 allows an attacker with physical access to the victim's device to bypass the application's password/pin lock to access user data. This is possible due to lack of adequate security controls to prevent dynamic code manipulation. | 4.6 | 0.35% | 2022-06-30 | 2026-06-17 |
| CVE-2022-1959 | AppLock version 7.9.29 allows an attacker with physical access to the device to bypass biometric authentication. This is possible because the application did not correctly implement fingerprint validations. | 6.6 | 0.42% | 2022-09-30 | 2026-06-17 |
| CVE-2022-22700 | CyberArk Identity versions up to and including 22.1 in the 'StartAuthentication' resource, exposes the response header 'X-CFY-TX-TM'. In certain configurations, that response header contains different, predictable value ranges which can be used to determine whether a user exists in the tenant. | 5.3 | 1.08% | 2022-03-03 | 2026-06-17 |
| CVE-2022-22701 | PartKeepr versions up to v1.4.0, loads attachments using a URL while creating a part and allows the use of the 'file://' URI scheme, allowing an authenticated user to read local files. | 6.5 | 1.02% | 2022-01-10 | 2026-06-17 |
| CVE-2022-22702 | PartKeepr versions up to v1.4.0, in the functionality to upload attachments using a URL when creating a part does not validate that requests can be made to local ports, allowing an authenticated user to carry out SSRF attacks and port enumeration. | 4.3 | 0.71% | 2022-01-10 | 2026-06-17 |
| CVE-2022-23043 | Zenario CMS 9.2 allows an authenticated admin user to bypass the file upload restriction by creating a new 'File/MIME Types' using the '.phar' extension. Then an attacker can upload a malicious file, intercept the request and change the extension to '.phar' in order to run commands on the server. | 7.2 | 1.44% | 2022-02-24 | 2026-06-17 |
| CVE-2022-23044 | Tiny File Manager version 2.4.8 allows an unauthenticated remote attacker to persuade users to perform unintended actions within the application. This is possible because the application is vulnerable to CSRF. | 8.8 | 0.42% | 2022-11-25 | 2026-06-17 |
| CVE-2022-23045 | PhpIPAM v1.4.4 allows an authenticated admin user to inject persistent JavaScript code inside the "Site title" parameter while updating the site settings. The "Site title" setting is injected in several locations which triggers the XSS. | 4.8 | 0.62% | 2022-01-19 | 2026-06-17 |