CVE List – Find High-Risk & Exploited Vulnerabilities

Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.

Assigner (CNA / source):[email protected] Remove this filter

Showing 4160 of 80 results
CVE Description Max CVSS EPSS % Published Updated
CVE-2019-19231 An insecure file access vulnerability exists in CA Client Automation 14.0, 14.1, 14.2, and 14.3 Agent for Windows that can allow a local attacker to gain escalated privileges. 7.3 0.62% 2019-12-20 2026-06-16
CVE-2019-19230 An unsafe deserialization vulnerability exists in CA Release Automation (Nolio) 6.6 with the DataManagement component that can allow a remote attacker to execute arbitrary code. 9.8 3.76% 2019-12-09 2026-06-16
CVE-2019-13657 CA Performance Management 3.5.x, 3.6.x before 3.6.9, and 3.7.x before 3.7.4 have a default credential vulnerability that can allow a remote attacker to execute arbitrary commands and compromise system security. 9.8 2.50% 2019-10-17 2026-06-16
CVE-2019-13658 CA Network Flow Analysis 9.x and 10.0.x have a default credential vulnerability that can allow a remote attacker to execute arbitrary commands and compromise system security. 9.8 3.44% 2019-10-02 2026-06-16
CVE-2019-13656 An access vulnerability in CA Common Services DIA of CA Technologies Client Automation 14 and Workload Automation AE 11.3.5, 11.3.6 allows a remote attacker to execute arbitrary code. 9.8 5.82% 2019-09-06 2026-06-16
CVE-2019-7394 A privilege escalation vulnerability in the administrative user interface of CA Technologies CA Strong Authentication 9.0.x, 8.2.x, 8.1.x, 8.0.x, 7.1.x and CA Risk Authentication 9.0.x, 8.2.x, 8.1.x, 8.0.x, 3.1.x allows an authenticated attacker to gain additional privileges in some cases where an account has customized and limited privileges. 8.8 2.87% 2019-05-28 2026-06-16
CVE-2019-7393 A UI redress vulnerability in the administrative user interface of CA Technologies CA Strong Authentication 9.0.x, 8.2.x, 8.1.x, 8.0.x, 7.1.x and CA Risk Authentication 9.0.x, 8.2.x, 8.1.x, 8.0.x, 3.1.x may allow a remote attacker to gain sensitive information in some cases. 4.3 2.32% 2019-05-28 2026-06-16
CVE-2019-7392 An improper authentication vulnerability in CA Privileged Access Manager 3.x Web-UI jk-manager and jk-status allows a remote attacker to gain sensitive information or alter configuration. 9.1 1.72% 2019-02-26 2026-06-16
CVE-2019-6504 Insufficient output sanitization in the Automic Web Interface (AWI), in CA Automic Workload Automation 12.0 to 12.2, allow attackers to potentially conduct persistent cross site scripting (XSS) attacks via a crafted object. 6.1 2.01% 2019-02-05 2026-06-16
CVE-2018-19635 CA Service Desk Manager 14.1 and 17 contain a vulnerability that can allow a malicious actor to escalate privileges in the user interface. 9.8 1.18% 2019-01-22 2026-06-16
CVE-2018-19634 CA Service Desk Manager 14.1 and 17 contain a vulnerability that can allow a malicious actor to access survey information. 7.5 1.33% 2019-01-22 2026-06-16
CVE-2018-14597 CA Technologies Identity Governance 12.6, 14.0, 14.1, and 14.2 and CA Identity Suite Virtual Appliance 14.0, 14.1, and 14.2 provide telling error messages that may allow remote attackers to enumerate account names. 5.3 1.34% 2018-10-17 2026-06-16
CVE-2018-15691 Insecure deserialization of a specially crafted serialized object, in CA Release Automation 6.5 and earlier, allows attackers to potentially execute arbitrary code. 9.8 16.76% 2018-08-30 2026-06-16
CVE-2018-13826 An XML external entity vulnerability in the XOG functionality, in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to conduct server side request forgery attacks. 9.1 1.83% 2018-08-30 2026-06-16
CVE-2018-13825 Insufficient input validation in the gridExcelExport functionality, in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to execute reflected cross-site scripting attacks. 6.1 0.90% 2018-08-30 2026-06-16
CVE-2018-13824 Insufficient input sanitization of two parameters in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to execute SQL injection attacks. 9.8 1.75% 2018-08-30 2026-06-16
CVE-2018-13823 An XML external entity vulnerability in the XOG functionality, in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to access sensitive information. 7.5 1.88% 2018-08-30 2026-06-16
CVE-2018-13822 Unprotected storage of credentials in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows attackers to access sensitive information. 7.5 1.33% 2018-08-30 2026-06-16
CVE-2018-13821 A lack of authentication, in CA Unified Infrastructure Management 8.5.1, 8.5, and 8.4.7, allows remote attackers to conduct a variety of attacks, including file reading/writing. 9.8 2.68% 2018-08-30 2026-06-16
CVE-2018-13820 A hardcoded passphrase, in CA Unified Infrastructure Management 8.5.1, 8.5, and 8.4.7, allows attackers to access sensitive information. 7.5 1.38% 2018-08-30 2026-06-16
cvelogic Threat Intelligence