CVEリスト - 高リスク・悪用確認済み脆弱性

NVD や CVE、ほか複数の脅威フィードを束ね、RCE など高リスクな事象を深く追える一覧です。CVSS と EPSS を組み合わせ、Exploit 参照や PoC の有無から悪用しやすさを追跡します。ベンダー修正や緩和策の文脈とあわせて優先度を決め、対応サイクルを短く保ちつつ重要資産を守る支援をします。

Assigner(CNA/発行元):[email protected] この条件を外す

CVSS スコア
表示中 81100 / 396
CVE 説明 CVSS 最大値 EPSS(%) 公開 更新
CVE-2024-2760 Bkav Home v7816, build 2403161130 is vulnerable to a Memory Information Leak vulnerability by triggering the 0x222240 IOCTL code of the BkavSDFlt.sys driver. 5.5 0.21% 2024-04-23 2026-06-17
CVE-2024-2692 SiYuan version 3.0.3 allows executing arbitrary commands on the server. This is possible because the application is vulnerable to Server Side XSS. 9.0 0.73% 2024-04-03 2026-06-17
CVE-2024-23441 Vba32 Antivirus v3.36.0 is vulnerable to a Denial of Service vulnerability by triggering the 0x2220A7 IOCTL code of the Vba32m64.sys driver. 5.5 0.24% 2024-01-29 2026-06-17
CVE-2024-23440 Vba32 Antivirus v3.36.0 is vulnerable to an Arbitrary Memory Read vulnerability. The 0x22200B IOCTL code of the Vba32m64.sys driver allows to read up to 0x802 of memory from ar arbitrary user-supplied pointer. 7.1 0.21% 2024-02-13 2026-06-17
CVE-2024-23439 Vba32 Antivirus v3.36.0 is vulnerable to an Arbitrary Memory Read vulnerability by triggering the 0x22201B, 0x22201F, 0x222023, 0x222027 ,0x22202B, 0x22202F, 0x22203F, 0x222057 and 0x22205B IOCTL codes of the Vba32m64.sys driver. 7.1 0.21% 2024-02-13 2026-06-17
CVE-2024-2204 Zemana AntiLogger v2.74.204.664 is vulnerable to a Denial of Service (DoS) vulnerability by triggering the 0x80002004 and 0x80002010 IOCTL codes of the zam64.sys and zamguard64.sys drivers. 5.5 0.24% 2024-03-15 2026-06-17
CVE-2024-2180 Zemana AntiLogger v2.74.204.664 is vulnerable to a Memory Information Leak vulnerability by triggering the 0x80002020 IOCTL code of the zam64.sys and zamguard64.sys drivers 5.5 0.28% 2024-03-15 2026-06-17
CVE-2024-2045 Session version 1.17.5 allows obtaining internal application files and public files from the user's device without the user's consent. This is possible because the application is vulnerable to Local File Read via chat attachments. 5.5 0.33% 2024-02-29 2026-06-17
CVE-2024-1853 Zemana AntiLogger v2.74.204.664 is vulnerable to an Arbitrary Process Termination vulnerability by triggering the 0x80002048 IOCTL code of the zam64.sys and zamguard64.sys drivers. 5.5 0.20% 2024-03-14 2026-06-17
CVE-2024-1651 Torrentpier version 2.4.1 allows executing arbitrary commands on the server. This is possible because the application is vulnerable to insecure deserialization. 10.0 34.00% 2024-02-19 2026-06-17
CVE-2024-1648 electron-pdf version 20.0.0 allows an external attacker to remotely obtain arbitrary local files. This is possible because the application does not validate the HTML content entered by the user. 7.5 0.69% 2024-02-19 2026-06-17
CVE-2024-1647 Pyhtml2pdf version 0.0.6 allows an external attacker to remotely obtain arbitrary local files. This is possible because the application does not validate the HTML content entered by the user. 7.5 0.69% 2024-02-19 2026-06-17
CVE-2024-1644 Suite CRM version 7.14.2 allows including local php files. This is possible because the application is vulnerable to LFI. 9.9 0.86% 2024-02-19 2026-06-17
CVE-2024-1460 MSI Afterburner v4.6.5.16370 is vulnerable to a Kernel Memory Leak vulnerability by triggering the 0x80002040 IOCTL code of the RTCore64.sys driver. The handle to the driver can only be obtained from a high integrity process. 5.6 0.24% 2024-03-06 2026-06-17
CVE-2024-1443 MSI Afterburner v4.6.5.16370 is vulnerable to a Denial of Service vulnerability by triggering the 0x80002000 IOCTL code of the RTCore64.sys driver. The handle to the driver can only be obtained from a high integrity process. 4.4 0.23% 2024-03-06 2026-06-17
CVE-2024-1297 Loomio version 2.22.0 allows executing arbitrary commands on the server. This is possible because the application is vulnerable to OS Command Injection. 7.2 2.76% 2024-02-19 2026-06-17
CVE-2024-1241 Watchdog Antivirus v1.6.415 is vulnerable to a Denial of Service vulnerability by triggering the 0x80002014 IOCTL code of the wsdk-driver.sys driver. 5.5 0.17% 2024-04-23 2026-06-17
CVE-2024-1216 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. 該当なし 0.04% 2024-02-13 2024-03-20
CVE-2024-1140 Twister Antivirus v8.17 is vulnerable to an Out-of-bounds Read vulnerability by triggering the 0x801120B8 IOCTL code of the filmfd.sys driver. 6.1 0.16% 2024-02-13 2026-06-17
CVE-2024-1096 Twister Antivirus v8.17 is vulnerable to a Denial of Service vulnerability by triggering the 0x80112067, 0x801120CB 0x801120CC 0x80112044, 0x8011204B, 0x8011204F, 0x80112057, 0x8011205B, 0x8011205F, 0x80112063, 0x8011206F, 0x80112073, 0x80112077, 0x80112078, 0x8011207C and 0x80112080 IOCTL codes of the fildds.sys driver. 5.5 0.20% 2024-02-13 2026-06-17
cvelogic Threat Intelligence