CVEリスト - 高リスク・悪用確認済み脆弱性

NVD や CVE、ほか複数の脅威フィードを束ね、RCE など高リスクな事象を深く追える一覧です。CVSS と EPSS を組み合わせ、Exploit 参照や PoC の有無から悪用しやすさを追跡します。ベンダー修正や緩和策の文脈とあわせて優先度を決め、対応サイクルを短く保ちつつ重要資産を守る支援をします。

Assigner(CNA/発行元):[email protected] この条件を外す

EPSS スコア
≥ 1% ≥ 5% ≥ 10% ≥ 30% ≥ 50%
CVSS スコア
≥ 6 ≥ 7 ≥ 8 ≥ 9
さらに表示
表示中 120 / 157
«« 先頭 « 前へ 1 / 8 次へ »
CVE 説明 CVSS 最大値 EPSS(%) 公開 更新
CVE-2025-22621 In versions 1.0.67 and lower of the Splunk App for SOAR, the Splunk documentation for that app recommended adding the `admin_all_objects` capability to the `splunk_app_soar` role. This addition could lead to improper access control for a low-privileged user that does not hold the "admin" Splunk roles. 6.4 0.25% 2025-01-07 2026-04-15
CVE-2025-0367 In versions 3.1.0 and lower of the Splunk Supporting Add-on for Active Directory, also known as SA-ldapsearch, a vulnerable regular expression pattern could lead to a Regular Expression Denial of Service (ReDoS) attack. 6.5 0.47% 2025-01-30 2026-04-15
CVE-2024-53247 In Splunk Enterprise versions below 9.3.2, 9.2.4, and 9.1.7, and versions below 3.4.261 and 3.7.13 of the Splunk Secure Gateway app on Splunk Cloud Platform, a low-privileged user that does not hold the “admin“ or “power“ Splunk roles could perform a Remote Code Execution (RCE). 8.8 1.08% 2024-12-10 2026-04-15
CVE-2024-53243 In Splunk Enterprise versions below 9.3.2, 9.2.4, and 9.1.7 and versions below 3.2.462, 3.7.18, and 3.8.5 of the Splunk Secure Gateway app on Splunk Cloud Platform, a low-privileged user that does not hold the “admin“ or “power“ Splunk roles could see alert search query responses using Splunk Secure Gateway App Key Value Store (KVstore) collections endpoints due to improper access control. 4.3 0.30% 2024-12-10 2026-04-15
CVE-2022-32156 In Splunk Enterprise and Universal Forwarder versions before 9.0, the Splunk command-line interface (CLI) did not validate TLS certificates while connecting to a remote Splunk platform instance by default. After updating to version 9.0, see Configure TLS host name validation for the Splunk CLI https://docs.splunk.com/Documentation/Splunk/9.0.0/Security/EnableTLSCertHostnameValidation#Configure_TLS_host_name_validation_for_the_Splunk_CLI to enable the remediation. The vulnerability does not aff 8.1 0.74% 2022-06-15 2026-02-25
CVE-2024-53252 Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used. 該当なし 該当なし 2026-01-22 2026-01-22
CVE-2024-53251 Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used. 該当なし 該当なし 2026-01-22 2026-01-22
CVE-2024-53250 Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used. 該当なし 該当なし 2026-01-22 2026-01-22
CVE-2024-53249 Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used. 該当なし 該当なし 2026-01-22 2026-01-22
CVE-2024-53248 Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used. 該当なし 該当なし 2026-01-22 2026-01-22
CVE-2024-45743 Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used. 該当なし 該当なし 2026-01-22 2026-01-22
CVE-2024-45742 Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used. 該当なし 該当なし 2026-01-22 2026-01-22
CVE-2024-45730 Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used. 該当なし 該当なし 2026-01-22 2026-01-22
CVE-2024-45729 Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used. 該当なし 該当なし 2026-01-22 2026-01-22
CVE-2024-45728 Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used. 該当なし 該当なし 2026-01-22 2026-01-22
CVE-2024-45727 Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used. 該当なし 該当なし 2026-01-22 2026-01-22
CVE-2024-45726 Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used. 該当なし 該当なし 2026-01-22 2026-01-22
CVE-2024-45725 Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used. 該当なし 該当なし 2026-01-22 2026-01-22
CVE-2024-45724 Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used. 該当なし 該当なし 2026-01-22 2026-01-22
CVE-2024-36998 Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used. 該当なし 該当なし 2026-01-22 2026-01-22
«« 先頭 « 前へ 1 / 8 次へ »
cvelogic Threat Intelligence