CVE List – Find High-Risk & Exploited Vulnerabilities

Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.

Assigner (CNA / source):[email protected] Remove this filter

Showing 81100 of 114 results
CVE Description Max CVSS EPSS % Published Updated
CVE-2023-6740 Privilege escalation in jar_signature agent plugin in Checkmk before 2.2.0p18, 2.1.0p38 and 2.0.0p39 allows local user to escalate privileges 8.8 0.18% 2024-01-12 2026-06-17
CVE-2023-6735 Privilege escalation in mk_tsm agent plugin in Checkmk before 2.2.0p18, 2.1.0p38 and 2.0.0p39 allows local user to escalate privileges 8.8 0.28% 2024-01-12 2026-06-17
CVE-2023-31211 Insufficient authentication flow in Checkmk before 2.2.0p18, 2.1.0p38 and 2.0.0p39 allows attacker to use locked credentials 8.8 0.51% 2024-01-12 2026-06-17
CVE-2023-31210 Usage of user controlled LD_LIBRARY_PATH in agent in Checkmk 2.2.0p10 up to 2.2.0p16 allows malicious Checkmk site user to escalate rights via injection of malicious libraries 8.8 0.54% 2023-12-13 2026-06-17
CVE-2023-6287 Sensitive data exposure in Webconf in Tribe29 Checkmk Appliance before 1.6.8 allows local attacker to retrieve passwords via reading log files. 3.3 0.23% 2023-11-27 2026-06-17
CVE-2023-6251 Cross-site Request Forgery (CSRF) in Checkmk < 2.2.0p15, < 2.1.0p37, <= 2.0.0p39 allow an authenticated attacker to delete user-messages for individual users. 3.5 0.15% 2023-11-24 2026-06-17
CVE-2023-6157 Improper neutralization of livestatus command delimiters in ajax_search in Checkmk <= 2.0.0p39, < 2.1.0p37, and < 2.2.0p15 allows arbitrary livestatus command execution for authorized users. 7.6 0.86% 2023-11-22 2026-06-17
CVE-2023-6156 Improper neutralization of livestatus command delimiters in the availability timeline in Checkmk <= 2.0.0p39, < 2.1.0p37, and < 2.2.0p15 allows arbitrary livestatus command execution for authorized users. 7.6 0.86% 2023-11-22 2026-06-17
CVE-2023-23549 Improper Input Validation in Checkmk <2.2.0p15, <2.1.0p37, <=2.0.0p39 allows priviledged attackers to cause partial denial of service of the UI via too long hostnames. 2.7 0.63% 2023-11-15 2026-06-17
CVE-2023-31209 Improper neutralization of active check command arguments in Checkmk < 2.1.0p32, < 2.0.0p38, < 2.2.0p4 leads to arbitrary command execution for authenticated users. 8.8 1.02% 2023-08-10 2026-06-17
CVE-2023-23548 Reflected XSS in business intelligence in Checkmk <2.2.0p8, <2.1.0p32, <2.0.0p38, <=1.6.0p30. 5.4 0.35% 2023-08-01 2026-06-17
CVE-2023-22359 User enumeration in Checkmk <=2.2.0p4 allows an authenticated attacker to enumerate usernames. 4.3 0.50% 2023-06-26 2026-06-17
CVE-2023-22348 Improper Authorization in RestAPI in Checkmk GmbH's Checkmk versions <2.1.0p28 and <2.2.0b8 allows remote authenticated users to read arbitrary host_configs. 4.3 0.59% 2023-05-17 2026-06-17
CVE-2023-31208 Improper neutralization of livestatus command delimiters in the RestAPI in Checkmk < 2.0.0p36, < 2.1.0p28, and < 2.2.0b8 (beta) allows arbitrary livestatus command execution for authorized users. 8.3 0.97% 2023-05-17 2026-06-17
CVE-2023-22318 Denial of service in Webconf in Tribe29 Checkmk Appliance before 1.6.5. 7.5 0.53% 2023-05-15 2026-06-17
CVE-2023-31207 Transmission of credentials within query parameters in Checkmk <= 2.1.0p26, <= 2.0.0p35, and <= 2.2.0b6 (beta) may cause the automation user's secret to be written to the site Apache access log. 4.4 0.22% 2023-05-02 2026-06-17
CVE-2023-22309 Reflective Cross-Site-Scripting in Webconf in Tribe29 Checkmk Appliance before 1.6.4. 6.1 0.40% 2023-04-20 2026-06-17
CVE-2022-46302 Broad access controls could allow site users to directly interact with the system Apache installation when providing the reverse proxy configurations for Tribe29's Checkmk <= 2.1.0p6, Checkmk <= 2.0.0p27, and all versions of Checkmk 1.6.0 (EOL) allowing an attacker to perform remote code execution with root privileges on the underlying host. 8.8 0.39% 2023-04-20 2026-06-17
CVE-2023-22307 Sensitive data exposure in Webconf in Tribe29 Checkmk Appliance before 1.6.4 allows local attacker to retrieve passwords via reading log files. 5.5 0.22% 2023-04-18 2026-06-17
CVE-2023-22294 Privilege escalation in Tribe29 Checkmk Appliance before 1.6.4 allows authenticated site users to escalate privileges via incorrectly set permissions. 8.8 0.68% 2023-04-18 2026-06-17
cvelogic Threat Intelligence