CVE List – Find High-Risk & Exploited Vulnerabilities

Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.

Assigner (CNA / source):[email protected] Remove this filter

Showing 6180 of 94 results
CVE Description Max CVSS EPSS % Published Updated
CVE-2023-5255 For certificates that utilize the auto-renew feature in Puppet Server, a flaw exists which prevents the certificates from being revoked. 4.4 0.41% 2023-10-03 2026-06-17
CVE-2023-5309 Versions of Puppet Enterprise prior to 2021.7.6 and 2023.5 contain a flaw which results in broken session management for SAML implementations. 6.8 0.50% 2023-11-07 2026-06-17
CVE-2023-5759 In Helix Core versions prior to 2023.2, an unauthenticated remote Denial of Service (DoS) via the buffer was identified. Reported by Jason Geffner.   7.5 0.95% 2023-11-08 2026-06-17
CVE-2024-0325 In Helix Sync versions prior to 2024.1, a local command injection was identified. Reported by Bryan Riggins.   3.6 0.75% 2024-02-01 2026-06-17
CVE-2024-10314 In Helix Core versions prior to 2024.2, an unauthenticated remote Denial of Service (DoS) via the auto-generation function was identified. Reported by Karol Więsek. 8.7 0.47% 2024-11-11 2026-06-17
CVE-2024-10315 In Gliffy Online an insecure configuration was discovered in versions before 4.14.0-6. Reported by Alpha Inferno PVT LTD. 6.9 0.32% 2024-11-11 2026-06-17
CVE-2024-10344 In Helix Core versions prior to 2024.2, an unauthenticated remote Denial of Service (DoS) via the refuse function was identified. Reported by Karol Więsek. 8.7 0.47% 2024-11-11 2026-06-17
CVE-2024-10345 In Helix Core versions prior to 2024.2, an unauthenticated remote Denial of Service (DoS) via the shutdown function was identified. Reported by Karol Więsek. 8.7 0.47% 2024-11-11 2026-06-17
CVE-2024-11084 Helix ALM prior to 2025.1 returns distinct error responses during authentication, allowing an attacker to determine whether a username exists. 6.3 0.39% 2025-04-15 2026-06-17
CVE-2024-2796 A server-side request forgery (SSRF) was discovered in the Akana API Platform in versions prior to and including 2022.1.3. Reported by Jakob Antonsson. 9.3 0.38% 2024-04-18 2026-06-17
CVE-2024-3825 Versions of the BlazeMeter Jenkins plugin prior to 4.22 contain a flaw which results in credential enumeration 4.3 0.17% 2024-04-17 2026-06-17
CVE-2024-3826 In versions of Akana in versions prior to and including 2022.1.3 validation is broken when using the SAML Single Sign-On (SSO) functionality. 8.6 0.34% 2024-07-02 2026-06-17
CVE-2024-3930 In versions of Akana API Platform prior to 2024.1.0 a flaw resulting in XML External Entity (XXE) was discovered. 6.3 0.31% 2024-07-30 2026-06-17
CVE-2024-3995 In Helix ALM versions prior to 2024.2.0, a local command injection was identified. Reported by Bryan Riggins. 2.0 0.61% 2024-06-28 2026-06-17
CVE-2024-5174 A flaw in Gliffy results in broken authentication through the reset functionality of the application. 5.3 0.34% 2025-02-24 2026-06-17
CVE-2024-5249 In versions of Akana API Platform prior to 2024.1.0, SAML tokens can be replayed. 5.4 0.22% 2024-07-30 2026-06-17
CVE-2024-5250 In versions of Akana API Platform prior to 2024.1.0 overly verbose errors can be found in SAML integrations 3.5 0.29% 2024-07-30 2026-06-17
CVE-2024-6726 Versions of Delphix Engine prior to Release 25.0.0.0 contain a flaw which results in Remote Code Execution (RCE). 8.8 0.74% 2024-07-29 2026-06-17
CVE-2024-6727 A flaw in versions of Delphix Data Control Tower (DCT) prior to 19.0.0 results in broken authentication through the enable-scale-testing functionality of the application. 5.4 0.31% 2024-07-29 2026-06-17
CVE-2024-7141 Versions of Gliffy Online prior to versions 4.14.0-7 contains a Cross Site Request Forgery (CSRF) flaw. 5.9 0.19% 2025-02-20 2026-06-17
cvelogic Threat Intelligence