Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.
Assigner (CNA / source):[email protected] Remove this filter
| CVE | Description | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|
| CVE-2023-5255 | For certificates that utilize the auto-renew feature in Puppet Server, a flaw exists which prevents the certificates from being revoked. | 4.4 | 0.41% | 2023-10-03 | 2026-06-17 |
| CVE-2023-5309 | Versions of Puppet Enterprise prior to 2021.7.6 and 2023.5 contain a flaw which results in broken session management for SAML implementations. | 6.8 | 0.50% | 2023-11-07 | 2026-06-17 |
| CVE-2023-5759 | In Helix Core versions prior to 2023.2, an unauthenticated remote Denial of Service (DoS) via the buffer was identified. Reported by Jason Geffner. | 7.5 | 0.95% | 2023-11-08 | 2026-06-17 |
| CVE-2024-0325 | In Helix Sync versions prior to 2024.1, a local command injection was identified. Reported by Bryan Riggins. | 3.6 | 0.75% | 2024-02-01 | 2026-06-17 |
| CVE-2024-10314 | In Helix Core versions prior to 2024.2, an unauthenticated remote Denial of Service (DoS) via the auto-generation function was identified. Reported by Karol Więsek. | 8.7 | 0.47% | 2024-11-11 | 2026-06-17 |
| CVE-2024-10315 | In Gliffy Online an insecure configuration was discovered in versions before 4.14.0-6. Reported by Alpha Inferno PVT LTD. | 6.9 | 0.32% | 2024-11-11 | 2026-06-17 |
| CVE-2024-10344 | In Helix Core versions prior to 2024.2, an unauthenticated remote Denial of Service (DoS) via the refuse function was identified. Reported by Karol Więsek. | 8.7 | 0.47% | 2024-11-11 | 2026-06-17 |
| CVE-2024-10345 | In Helix Core versions prior to 2024.2, an unauthenticated remote Denial of Service (DoS) via the shutdown function was identified. Reported by Karol Więsek. | 8.7 | 0.47% | 2024-11-11 | 2026-06-17 |
| CVE-2024-11084 | Helix ALM prior to 2025.1 returns distinct error responses during authentication, allowing an attacker to determine whether a username exists. | 6.3 | 0.39% | 2025-04-15 | 2026-06-17 |
| CVE-2024-2796 | A server-side request forgery (SSRF) was discovered in the Akana API Platform in versions prior to and including 2022.1.3. Reported by Jakob Antonsson. | 9.3 | 0.38% | 2024-04-18 | 2026-06-17 |
| CVE-2024-3825 | Versions of the BlazeMeter Jenkins plugin prior to 4.22 contain a flaw which results in credential enumeration | 4.3 | 0.17% | 2024-04-17 | 2026-06-17 |
| CVE-2024-3826 | In versions of Akana in versions prior to and including 2022.1.3 validation is broken when using the SAML Single Sign-On (SSO) functionality. | 8.6 | 0.34% | 2024-07-02 | 2026-06-17 |
| CVE-2024-3930 | In versions of Akana API Platform prior to 2024.1.0 a flaw resulting in XML External Entity (XXE) was discovered. | 6.3 | 0.31% | 2024-07-30 | 2026-06-17 |
| CVE-2024-3995 | In Helix ALM versions prior to 2024.2.0, a local command injection was identified. Reported by Bryan Riggins. | 2.0 | 0.61% | 2024-06-28 | 2026-06-17 |
| CVE-2024-5174 | A flaw in Gliffy results in broken authentication through the reset functionality of the application. | 5.3 | 0.34% | 2025-02-24 | 2026-06-17 |
| CVE-2024-5249 | In versions of Akana API Platform prior to 2024.1.0, SAML tokens can be replayed. | 5.4 | 0.22% | 2024-07-30 | 2026-06-17 |
| CVE-2024-5250 | In versions of Akana API Platform prior to 2024.1.0 overly verbose errors can be found in SAML integrations | 3.5 | 0.29% | 2024-07-30 | 2026-06-17 |
| CVE-2024-6726 | Versions of Delphix Engine prior to Release 25.0.0.0 contain a flaw which results in Remote Code Execution (RCE). | 8.8 | 0.74% | 2024-07-29 | 2026-06-17 |
| CVE-2024-6727 | A flaw in versions of Delphix Data Control Tower (DCT) prior to 19.0.0 results in broken authentication through the enable-scale-testing functionality of the application. | 5.4 | 0.31% | 2024-07-29 | 2026-06-17 |
| CVE-2024-7141 | Versions of Gliffy Online prior to versions 4.14.0-7 contains a Cross Site Request Forgery (CSRF) flaw. | 5.9 | 0.19% | 2025-02-20 | 2026-06-17 |