CVE List – Find High-Risk & Exploited Vulnerabilities

Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.

Assigner (CNA / source):[email protected] Remove this filter

Showing 120 of 315 results
«« First « Prev Page 1 / 16 Next »
CVE Description Max CVSS EPSS % Published Updated
CVE-2017-1002150 python-fedora 0.8.0 and lower is vulnerable to an open redirect resulting in loss of CSRF protection 6.1 0.81% 2017-09-14 2026-06-16
CVE-2017-1002151 Pagure 3.3.0 and earlier is vulnerable to loss of confidentially due to improper authorization 7.5 1.06% 2017-09-14 2026-06-16
CVE-2017-1002152 Bodhi 2.9.0 and lower is vulnerable to cross-site scripting resulting in code injection caused by incorrect validation of bug titles. 6.1 0.78% 2019-01-10 2026-06-16
CVE-2017-1002153 Koji 1.13.0 does not properly validate SCM paths, allowing an attacker to work around blacklisted paths for build submission. 7.5 1.14% 2017-10-06 2026-06-16
CVE-2017-1002157 modulemd 1.3.1 and earlier uses an unsafe function for processing externally provided data, leading to remote code execution. 9.8 2.80% 2019-01-10 2026-06-16
CVE-2018-1002150 Koji version 1.12, 1.13, 1.14 and 1.15 contain an incorrect access control vulnerability resulting in arbitrary filesystem read/write access. This vulnerability has been fixed in versions 1.12.1, 1.13.1, 1.14.1 and 1.15.1. 9.1 1.67% 2018-04-04 2026-06-16
CVE-2020-15853 supybot-fedora implements the command 'refresh', that refreshes the cache of all users from FAS. This takes quite a while to run, and zodbot stops responding to requests during this time. 5.3 0.60% 2022-10-18 2026-06-16
CVE-2020-15855 Two cross-site scripting vulnerabilities were fixed in Bodhi 5.6.1. 6.1 0.40% 2022-10-07 2026-06-16
CVE-2021-30469 A flaw was found in PoDoFo 0.9.7. An use-after-free in PoDoFo::PdfVecObjects::Clear() function can cause a denial of service via a crafted PDF file. 5.5 0.70% 2021-05-26 2026-06-16
CVE-2021-30470 A flaw was found in PoDoFo 0.9.7. An uncontrolled recursive call among PdfTokenizer::ReadArray(), PdfTokenizer::GetNextVariant() and PdfTokenizer::ReadDataType() functions can lead to a stack overflow. 5.5 0.69% 2021-05-26 2026-06-16
CVE-2021-30471 A flaw was found in PoDoFo 0.9.7. An uncontrolled recursive call in PdfNamesTree::AddToDictionary function in src/podofo/doc/PdfNamesTree.cpp can lead to a stack overflow. 5.5 0.73% 2021-05-26 2026-06-16
CVE-2021-30472 A flaw was found in PoDoFo 0.9.7. A stack-based buffer overflow in PdfEncryptMD5Base::ComputeOwnerKey function in PdfEncrypt.cpp is possible because of a improper check of the keyLength value. 7.8 0.76% 2021-05-26 2026-06-16
CVE-2021-32490 A flaw was found in djvulibre-3.5.28 and earlier. An out of bounds write in function DJVU::filter_bv() via crafted djvu file may lead to application crash and other consequences. 7.8 0.91% 2021-06-24 2026-06-16
CVE-2021-32491 A flaw was found in djvulibre-3.5.28 and earlier. An integer overflow in function render() in tools/ddjvu via crafted djvu file may lead to application crash and other consequences. 7.8 0.88% 2021-06-24 2026-06-16
CVE-2021-32492 A flaw was found in djvulibre-3.5.28 and earlier. An out of bounds read in function DJVU::DataPool::has_data() via crafted djvu file may lead to application crash and other consequences. 7.8 0.93% 2021-06-24 2026-06-16
CVE-2021-32493 A flaw was found in djvulibre-3.5.28 and earlier. A heap buffer overflow in function DJVU::GBitmap::decode() via crafted djvu file may lead to application crash and other consequences. 7.8 1.00% 2021-06-24 2026-06-16
CVE-2021-32494 Radare2 has a division by zero vulnerability in Mach-O parser's rebase_buffer function. This allow attackers to create malicious inputs that can cause denial of service. 10.0 0.84% 2023-07-07 2026-06-16
CVE-2021-32495 Radare2 has a use-after-free vulnerability in pyc parser's get_none_object function. Attacker can read freed memory afterwards. This will allow attackers to cause denial of service. 10.0 0.76% 2023-07-07 2026-06-16
CVE-2021-32613 In radare2 through 5.3.0 there is a double free vulnerability in the pyc parse via a crafted file which can lead to DoS. 5.5 1.16% 2021-05-14 2026-06-16
CVE-2021-32614 A flaw was found in dmg2img through 20170502. fill_mishblk() does not check the length of the read buffer, and copy 0xCC bytes from it. The length of the buffer is controlled by an attacker. By providing a length smaller than 0xCC, memcpy reaches out of the malloc'ed bound. This possibly leads to memory layout information leaking in the data. This might be used in a chain of vulnerability in order to reach code execution. 7.1 0.91% 2021-05-26 2026-06-16
«« First « Prev Page 1 / 16 Next »
cvelogic Threat Intelligence