CVE List – Find High-Risk & Exploited Vulnerabilities

Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.

Assigner (CNA / source):[email protected] Remove this filter

Showing 6180 of 80 results
«« First « Prev Page 4 / 4 Next »
CVE Description Max CVSS EPSS % Published Updated
CVE-2018-13819 A hardcoded secret key, in CA Unified Infrastructure Management 8.5.1, 8.5, and 8.4.7, allows attackers to access sensitive information. 7.5 1.38% 2018-08-30 2026-06-16
CVE-2018-6590 CA API Developer Portal 4.x, prior to v4.2.5.3 and v4.2.7.1, has an unspecified reflected cross-site scripting vulnerability. 6.1 0.75% 2018-08-03 2026-06-16
CVE-2018-9029 An improper input validation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to conduct SQL injection attacks. 9.8 1.75% 2018-06-18 2026-06-16
CVE-2018-9028 Weak cryptography used for passwords in CA Privileged Access Manager 2.x reduces the complexity for password cracking. 7.5 0.91% 2018-06-18 2026-06-16
CVE-2018-9027 A reflected cross-site scripting vulnerability in CA Privileged Access Manager 2.x allows remote attackers to execute malicious script with a specially crafted link. 6.1 0.90% 2018-06-18 2026-06-16
CVE-2018-9026 A session fixation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to hijack user sessions with a specially crafted request. 7.5 1.33% 2018-06-18 2026-06-16
CVE-2018-9025 An input validation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to poison log files with specially crafted input. 7.5 1.41% 2018-06-18 2026-06-16
CVE-2018-9024 An improper authentication vulnerability in CA Privileged Access Manager 2.x allows attackers to spoof IP addresses in a log file. 5.3 1.12% 2018-06-18 2026-06-16
CVE-2018-9023 An input validation vulnerability in CA Privileged Access Manager 2.x allows unprivileged users to execute arbitrary commands by passing specially crafted arguments to the update_crld script. 8.8 1.91% 2018-06-18 2026-06-16
CVE-2018-9022 An authentication bypass vulnerability in CA Privileged Access Manager 2.8.2 and earlier allows remote attackers to execute arbitrary code or commands by poisoning a configuration file. 9.8 20.39% 2018-06-18 2026-06-16
CVE-2018-9021 An authentication bypass vulnerability in CA Privileged Access Manager 2.8.2 and earlier allows remote attackers to execute arbitrary commands with specially crafted requests. 9.8 19.38% 2018-06-18 2026-06-16
CVE-2015-4664 An improper input validation vulnerability in CA Privileged Access Manager 2.4.4.4 and earlier allows remote attackers to execute arbitrary commands. 9.8 20.83% 2018-06-18 2026-06-16
CVE-2018-6589 CA Spectrum 10.1 prior to 10.01.02.PTF_10.1.239 and 10.2.x prior to 10.2.3 allows remote attackers to cause a denial of service via unspecified vectors. 7.5 1.73% 2018-05-01 2026-06-16
CVE-2018-8954 CA Workload Control Center before r11.4 SP6 allows remote attackers to execute arbitrary code via a crafted HTTP request. 9.8 7.31% 2018-04-11 2026-06-16
CVE-2018-8953 CA Workload Automation AE before r11.3.6 SP7 allows remote attackers to a perform SQL injection via a crafted HTTP request. 8.8 2.80% 2018-04-11 2026-06-16
CVE-2018-6588 CA API Developer Portal 3.5 up to and including 3.5 CR5 has a reflected cross-site scripting vulnerability related to the apiExplorer. 6.1 0.92% 2018-03-29 2026-06-16
CVE-2018-6587 CA API Developer Portal 3.5 up to and including 3.5 CR6 has a reflected cross-site scripting vulnerability related to the widgetID variable. 6.1 0.92% 2018-03-29 2026-06-16
CVE-2018-6586 CA API Developer Portal 3.5 up to and including 3.5 CR6 has a stored cross-site scripting vulnerability related to profile picture processing. 6.1 0.92% 2018-03-29 2026-06-16
CVE-2017-9394 A stored cross-site scripting vulnerability in CA Identity Governance 12.6 allows remote authenticated attackers to display HTML or execute script in the context of another user. 5.4 0.64% 2017-11-14 2026-06-16
CVE-2017-9393 CA Identity Manager r12.6 to r12.6 SP8, 14.0, and 14.1 allows remote attackers to potentially identify passwords of locked accounts through an exhaustive search. 9.8 1.68% 2017-09-22 2026-06-16
«« First « Prev Page 4 / 4 Next »
cvelogic Threat Intelligence