Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.
Assigner (CNA / source):[email protected] Remove this filter
| CVE | Description | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|
| CVE-2022-23992 | XCOM Data Transport for Windows, Linux, and UNIX 11.6 releases contain a vulnerability due to insufficient input validation that could potentially allow remote attackers to execute arbitrary commands with elevated privileges. | 9.8 | 2.38% | 2022-02-14 | 2026-06-17 |
| CVE-2022-22689 | CA Harvest Software Change Manager versions 13.0.3, 13.0.4, 14.0.0, and 14.0.1, contain a vulnerability in the CSV export functionality, due to insufficient input validation, that can allow a privileged user to potentially execute arbitrary code or commands. | 8.8 | 1.29% | 2022-02-04 | 2026-06-17 |
| CVE-2022-23083 | NetMaster 12.2 Network Management for TCP/IP and NetMaster File Transfer Management contain a XSS (Cross-Site Scripting) vulnerability in ReportCenter UI due to insufficient input validation that could potentially allow an attacker to execute code on the affected machine. | 6.1 | 0.72% | 2022-01-18 | 2026-06-17 |
| CVE-2021-44050 | CA Network Flow Analysis (NFA) 21.2.1 and earlier contain a SQL injection vulnerability in the NFA web application, due to insufficient input validation, that could potentially allow an authenticated user to access sensitive data. | 6.5 | 0.87% | 2021-12-02 | 2026-06-17 |
| CVE-2020-29478 | CA Service Catalog 17.2 and 17.3 contain a vulnerability in the default configuration of the Setup Utility that may allow a remote attacker to cause a denial of service condition. | 7.5 | 1.17% | 2021-01-05 | 2026-06-16 |
| CVE-2020-28421 | CA Unified Infrastructure Management 20.1 and earlier contains a vulnerability in the robot (controller) component that allows local attackers to elevate privileges. | 7.8 | 0.30% | 2020-11-23 | 2026-06-16 |
| CVE-2020-11660 | CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows privileged users to view restricted sensitive information. | 6.5 | 1.37% | 2020-04-15 | 2026-06-16 |
| CVE-2020-11659 | CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows privileged users to perform a restricted user administration action. | 4.3 | 0.92% | 2020-04-15 | 2026-06-16 |
| CVE-2020-11658 | CA API Developer Portal 4.3.1 and earlier handles shared secret keys in an insecure manner, which allows attackers to bypass authorization. | 9.8 | 2.32% | 2020-04-15 | 2026-06-16 |
| CVE-2020-11666 | CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows malicious users to elevate privileges. | 8.8 | 3.02% | 2020-04-15 | 2026-06-16 |
| CVE-2020-11665 | CA API Developer Portal 4.3.1 and earlier handles loginRedirect page redirects in an insecure manner, which allows attackers to perform open redirect attacks. | 6.1 | 1.57% | 2020-04-15 | 2026-06-16 |
| CVE-2020-11664 | CA API Developer Portal 4.3.1 and earlier handles homeRedirect page redirects in an insecure manner, which allows attackers to perform open redirect attacks. | 6.1 | 1.35% | 2020-04-15 | 2026-06-16 |
| CVE-2020-11663 | CA API Developer Portal 4.3.1 and earlier handles 404 requests in an insecure manner, which allows attackers to perform open redirect attacks. | 6.1 | 1.32% | 2020-04-15 | 2026-06-16 |
| CVE-2020-11662 | CA API Developer Portal 4.3.1 and earlier handles requests insecurely, which allows remote attackers to exploit a Cross-Origin Resource Sharing flaw and access sensitive information. | 7.5 | 3.20% | 2020-04-15 | 2026-06-16 |
| CVE-2020-11661 | CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows privileged users to view and edit user data. | 8.1 | 1.89% | 2020-04-15 | 2026-06-16 |
| CVE-2020-8012 | CA Unified Infrastructure Management (Nimsoft/UIM) 20.1, 20.3.x, and 9.20 and below contains a buffer overflow vulnerability in the robot (controller) component. A remote attacker can execute arbitrary code. | 9.8 | 77.57% | 2020-02-17 | 2026-06-16 |
| CVE-2020-8011 | CA Unified Infrastructure Management (Nimsoft/UIM) 20.1, 20.3.x, and 9.20 and below contains a null pointer dereference vulnerability in the robot (controller) component. A remote attacker can crash the Controller service. | 7.5 | 2.23% | 2020-02-17 | 2026-06-16 |
| CVE-2020-8010 | CA Unified Infrastructure Management (Nimsoft/UIM) 20.1, 20.3.x, and 9.20 and below contains an improper ACL handling vulnerability in the robot (controller) component. A remote attacker can execute commands, read from, or write to the target system. | 9.8 | 48.67% | 2020-02-17 | 2026-06-16 |
| CVE-2019-19544 | CA Automic Dollar Universe 5.3.3 contains a vulnerability, related to the uxdqmsrv binary being setuid root, that allows local attackers to elevate privileges. This vulnerability was reported to CA several years after CA Automic Dollar Universe 5.3.3 reached End of Life (EOL) status on April 1, 2015. | 7.8 | 0.41% | 2020-01-08 | 2026-06-16 |
| CVE-2019-19518 | CA Automic Sysload 5.6.0 through 6.1.2 contains a vulnerability, related to a lack of authentication on the File Server port, that potentially allows remote attackers to execute arbitrary commands. | 9.8 | 2.83% | 2020-01-08 | 2026-06-16 |