CVEリスト - 高リスク・悪用確認済み脆弱性

NVD や CVE、ほか複数の脅威フィードを束ね、RCE など高リスクな事象を深く追える一覧です。CVSS と EPSS を組み合わせ、Exploit 参照や PoC の有無から悪用しやすさを追跡します。ベンダー修正や緩和策の文脈とあわせて優先度を決め、対応サイクルを短く保ちつつ重要資産を守る支援をします。

Assigner(CNA/発行元):[email protected] この条件を外す

CVSS スコア
表示中 120 / 751
«« 先頭 « 前へ 1 / 38 次へ »
CVE 説明 CVSS 最大値 EPSS(%) 公開 更新
CVE-2023-4701 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority as the vendor eventually states that this issue is identical to CVE-2023-3935 該当なし 0.04% 2023-09-13 2023-11-06
CVE-2023-39170 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it's a duplicate of CVE-2023-39169. 該当なし 0.04% 2023-12-07 2023-12-07
CVE-2023-3378 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. 該当なし 0.04% 2023-09-15 2023-11-06
CVE-2023-0115 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. 該当なし 0.04% 2023-02-01 2023-11-06
CVE-2022-28817 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: No impact could be verified. Notes: none 該当なし 0.04% 2022-08-23 2023-11-06
CVE-2022-22507 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unused by its CNA. Notes: none. 該当なし 0.04% 2023-07-02 2023-11-06
CVE-2021-46388 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: Reason: The issue is not a vulnerability (fails CNT2) - Has no impact on availability, integrity or confidence as only documented html templates are shown without additional data or the option to store changes. Notes 該当なし 0.04% 2022-02-16 2023-11-06
CVE-2021-46380 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: Reason: This is a duplicate to CVE-2022-22511 Notes 該当なし 0.04% 2022-03-04 2023-11-06
CVE-2021-34604 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. It is a duplicate of CVE-2022-22514. Notes: none 該当なし 0.04% 2022-06-24 2023-11-06
CVE-2025-41743 Insufficient encryption strength in Sprecher Automation SPRECON-E-C, SPRECON-E-P, and SPRECON-E-T3 allows a local unprivileged attacker to extract data from update images and thus obtain limited information about the architecture and internal processes. 4.0 0.05% 2025-12-02 2026-06-17
CVE-2025-41686 A low-privileged local attacker can exploit improper permissions on nssm.exe to escalate their privileges and gain administrative access. 7.8 0.05% 2025-08-12 2026-06-17
CVE-2025-24006 A low privileged local attacker can leverage insecure permissions via SSH on the affected devices to escalate privileges to root. 7.8 0.05% 2025-07-08 2026-06-17
CVE-2025-41698 A low privileged local attacker can interact with the affected service although user-interaction should not be allowed. 7.8 0.06% 2025-08-05 2026-06-17
CVE-2025-2810 A low privileged local attacker can abuse the affected service by using a hardcoded cryptographic key. 5.5 0.06% 2025-08-05 2026-06-17
CVE-2025-41658 CODESYS Runtime Toolkit-based products may expose sensitive files to local low-privileged operating system users due to default file permissions. 5.5 0.06% 2025-08-04 2026-06-17
CVE-2025-41662 Rejected reason: CVE-2025-41662 is considered redundant or unnecessary and thus should be withdrawn. Instead, a new CVE CVE-2025-41687 has been reserved to better reflect the updated analysis. 該当なし 0.07% 2025-06-11 2025-07-23
CVE-2025-24005 A local attacker with a local user account can leverage a vulnerable script via SSH to escalate privileges to root due to improper input validation. 7.8 0.07% 2025-07-08 2026-06-17
CVE-2024-45273 An unauthenticated local attacker can decrypt the devices config file and therefore compromise the device due to a weak implementation of the encryption used. 8.4 0.07% 2024-10-15 2026-06-17
CVE-2025-41762 An unauthenticated attacker can abuse the weak hash of the backup generated by the wwwdnload.cgi endpoint to gain unauthorized access to sensitive data, including password hashes and certificates. 6.2 0.08% 2026-03-09 2026-06-17
CVE-2022-4048 Inadequate Encryption Strength in CODESYS Development System V3 versions prior to V3.5.18.40 allows an unauthenticated local attacker to access and manipulate code of the encrypted boot application. 7.7 0.08% 2023-05-15 2026-06-17
«« 先頭 « 前へ 1 / 38 次へ »
cvelogic Threat Intelligence