CVE List – Find High-Risk & Exploited Vulnerabilities

Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.

Assigner (CNA / source):[email protected] Remove this filter

Showing 120 of 272 results
«« First « Prev Page 1 / 14 Next »
CVE Description Max CVSS EPSS % Published Updated
CVE-2015-9056 Kibana versions prior to 4.1.3 and 4.2.1 are vulnerable to a XSS attack. 6.1 0.83% 2017-06-16 2026-06-16
CVE-2016-10352 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none N/A 0.24% 2019-03-05 2023-11-06
CVE-2016-10353 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none N/A 0.24% 2019-03-05 2023-11-06
CVE-2016-10354 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none N/A 0.24% 2019-03-05 2023-11-06
CVE-2016-10355 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none N/A 0.24% 2019-03-05 2023-11-06
CVE-2016-10356 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none N/A 0.24% 2019-03-05 2023-11-06
CVE-2016-10357 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none N/A 0.24% 2019-03-05 2023-11-06
CVE-2016-10358 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none N/A 0.24% 2019-03-05 2023-11-06
CVE-2016-10359 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none N/A 0.24% 2019-03-05 2023-11-06
CVE-2016-10360 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none N/A 0.24% 2019-03-05 2023-11-06
CVE-2016-10361 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none N/A 0.24% 2019-03-05 2023-11-06
CVE-2016-10362 Prior to Logstash version 5.0.1, Elasticsearch Output plugin when updating connections after sniffing, would log to file HTTP basic auth credentials. 6.5 1.08% 2017-06-16 2026-06-16
CVE-2016-10363 Logstash versions prior to 2.3.3, when using the Netflow Codec plugin, a remote attacker crafting malicious Netflow v5, Netflow v9 or IPFIX packets could perform a denial of service attack on the Logstash instance. The errors resulting from these crafted inputs are not handled by the codec and can cause the Logstash process to exit. 7.5 1.31% 2017-06-16 2026-06-16
CVE-2016-10364 With X-Pack installed, Kibana versions 5.0.0 and 5.0.1 were not properly authenticating requests to advanced settings and the short URL service, any authenticated user could make requests to those services regardless of their own permissions. 6.5 0.99% 2017-06-16 2026-06-16
CVE-2016-10365 Kibana versions before 4.6.3 and 5.0.1 have an open redirect vulnerability that would enable an attacker to craft a link in the Kibana domain that redirects to an arbitrary website. 6.1 1.02% 2017-06-16 2026-06-16
CVE-2016-10366 Kibana versions after and including 4.3 and before 4.6.2 are vulnerable to a cross-site scripting (XSS) attack. 6.1 0.94% 2017-06-16 2026-06-16
CVE-2017-11479 Kibana versions prior to 5.6.1 had a cross-site scripting (XSS) vulnerability in Timelion that could allow an attacker to obtain sensitive information from or perform destructive actions on behalf of other Kibana users. 6.1 1.07% 2017-09-28 2026-06-16
CVE-2017-11480 Packetbeat versions prior to 5.6.4 are affected by a denial of service flaw in the PostgreSQL protocol handler. If Packetbeat is listening for PostgreSQL traffic and a user is able to send arbitrary network traffic to the monitored port, the attacker could prevent Packetbeat from properly logging other PostgreSQL traffic. 7.5 1.44% 2017-12-08 2026-06-16
CVE-2017-11481 Kibana versions prior to 6.0.1 and 5.6.5 had a cross-site scripting (XSS) vulnerability via URL fields that could allow an attacker to obtain sensitive information from or perform destructive actions on behalf of other Kibana users. 6.1 0.84% 2017-12-08 2026-06-16
CVE-2017-11482 The Kibana fix for CVE-2017-8451 was found to be incomplete. With X-Pack installed, Kibana versions before 6.0.1 and 5.6.5 have an open redirect vulnerability on the login page that would enable an attacker to craft a link that redirects to an arbitrary website. 6.1 0.74% 2017-12-08 2026-06-16
«« First « Prev Page 1 / 14 Next »
cvelogic Threat Intelligence