CVEリスト - 高リスク・悪用確認済み脆弱性

NVD や CVE、ほか複数の脅威フィードを束ね、RCE など高リスクな事象を深く追える一覧です。CVSS と EPSS を組み合わせ、Exploit 参照や PoC の有無から悪用しやすさを追跡します。ベンダー修正や緩和策の文脈とあわせて優先度を決め、対応サイクルを短く保ちつつ重要資産を守る支援をします。

Assigner(CNA/発行元):[email protected] この条件を外す

CVSS スコア
表示中 120 / 213
«« 先頭 « 前へ 1 / 11 次へ »
CVE 説明 CVSS 最大値 EPSS(%) 公開 更新
CVE-2025-0893 Symantec Diagnostic Tool (SymDiag), prior to 3.0.79, may be susceptible to a Privilege Escalation vulnerability. 7.8 0.06% 2025-02-19 2026-06-17
CVE-2025-24508 Extraction of Account Connectivity Credentials (ACCs) from the IT Management Agent secure storage 6.4 0.06% 2025-07-07 2026-06-17
CVE-2025-13917 WSS Agent, prior to 9.8.5, may be susceptible to a Elevation of Privilege vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. 7.0 0.08% 2026-01-28 2026-06-17
CVE-2025-9059 The Altiris Core Agent Updater package (AeXNSC.exe) is prone to an elevation of privileges vulnerability through DLL hijacking. 8.8 0.11% 2025-09-11 2026-06-17
CVE-2025-13918 Symantec Endpoint Protection, prior to 14.3 RU10 Patch 1, RU9 Patch 2, and RU8 Patch 3, may be susceptible to a Elevation of Privilege vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. 6.7 0.15% 2026-01-28 2026-06-17
CVE-2026-3991 Symantec Data Loss Prevention Windows Endpoint, prior to 25.1 MP1, 16.1 MP2, 16.0 RU2 HF9, 16.0 RU1 MP1 HF12, and 16.0 MP2 HF15, may be susceptible to a Elevation of Privilege vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. 7.8 0.16% 2026-03-30 2026-06-17
CVE-2022-25631 Symantec Endpoint Protection, prior to 14.3 RU6 (14.3.9210.6000), may be susceptible to a Elevation of Privilege vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated 7.8 0.17% 2023-01-20 2026-06-17
CVE-2025-24507 This vulnerability allows appliance compromise at boot time. 8.9 0.18% 2025-01-30 2026-06-17
CVE-2023-23953 Advanced Secure Gateway and Content Analysis, prior to 7.3.13.1 / 3.1.6.0, may be susceptible to an Elevation of Privilege vulnerability. 7.8 0.19% 2023-05-31 2026-06-17
CVE-2019-9703 Symantec Endpoint Encryption, prior to SEE 11.3.0, may be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels. 7.8 0.21% 2019-07-01 2026-06-16
CVE-2019-9702 Symantec Endpoint Encryption, prior to SEE 11.3.0, may be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels. 7.8 0.21% 2019-07-01 2026-06-16
CVE-2025-24500 The vulnerability allows an unauthenticated attacker to access information in PAM database. 8.7 0.22% 2025-01-30 2026-06-17
CVE-2024-38499 CA Client Automation (ITCM) allows non-admin/non-root users to encrypt a string using CAF CLI and SD_ACMD CLI. This would allow the non admin user to access the critical encryption keys which further causes the exploitation of stored credentials. This fix doesn't allow a non-admin/non-root user to execute "caf encrypt"/"sd_acmd encrypt" commands. 7.3 0.22% 2024-12-17 2026-06-17
CVE-2025-24503 A malicious actor can fix the session of a PAM user by tricking the user to click on a specially crafted link to the PAM server. 9.3 0.23% 2025-01-30 2026-06-17
CVE-2025-3599 Symantec Endpoint Protection Windows Agent, running an ERASER Engine prior to 119.1.7.8, may be susceptible to an Elevation of Privilege vulnerability, which may allow an attacker to delete resources that are normally protected from an application or user. 6.5 0.23% 2025-04-30 2026-06-17
CVE-2019-9694 Symantec Endpoint Encryption prior to SEE 11.2.1 MP1 may be susceptible to a Privilege Escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. 7.8 0.24% 2019-04-10 2026-06-16
CVE-2022-25623 The Symantec Management Agent is susceptible to a privilege escalation vulnerability. A low privilege local account can be elevated to the SYSTEM level through registry manipulations. 7.8 0.27% 2022-03-04 2026-06-17
CVE-2025-24505 This vulnerability allows a high-privileged authenticated PAM user to achieve remote command execution on the affected PAM system by uploading a specially crafted upgrade file. 8.8 0.28% 2025-01-30 2026-06-17
CVE-2024-38491 The vulnerability allows an unauthenticated attacker to read arbitrary information from the database. 8.4 0.28% 2024-07-15 2026-06-17
CVE-2024-38493 A reflected cross-site scripting (XSS) vulnerability exists in the PAM UI web interface. A remote attacker able to convince a PAM user to click on a specially crafted link to the PAM UI web interface could potentially execute arbitrary client-side code in the context of PAM UI. 6.8 0.29% 2024-07-15 2026-06-17
«« 先頭 « 前へ 1 / 11 次へ »
cvelogic Threat Intelligence