NVD や CVE、ほか複数の脅威フィードを束ね、RCE など高リスクな事象を深く追える一覧です。CVSS と EPSS を組み合わせ、Exploit 参照や PoC の有無から悪用しやすさを追跡します。ベンダー修正や緩和策の文脈とあわせて優先度を決め、対応サイクルを短く保ちつつ重要資産を守る支援をします。
Assigner(CNA/発行元):[email protected] この条件を外す
| CVE | 説明 | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|
| CVE-2022-38735 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unused by its CNA. Notes: none. | 該当なし | 該当なし | 2023-03-01 | 2023-11-06 |
| CVE-2022-23240 | Active IQ Unified Manager for VMware vSphere, Linux, and Microsoft Windows versions prior to 9.11P1 are susceptible to a vulnerability which allows unauthorized users to update EMS Subscriptions via unspecified vectors. | 6.5 | 0.41% | 2023-02-28 | 2026-06-17 |
| CVE-2022-23239 | Active IQ Unified Manager for VMware vSphere, Linux, and Microsoft Windows versions prior to 9.11P1 are susceptible to a vulnerability which allows administrative users to perform a Stored Cross-Site Scripting (XSS) attack. | 4.8 | 0.34% | 2023-02-28 | 2026-06-17 |
| CVE-2022-38733 | OnCommand Insight versions 7.3.1 through 7.3.14 are susceptible to an authentication bypass vulnerability in the Data Warehouse component. | 8.6 | 0.53% | 2022-12-20 | 2026-06-17 |
| CVE-2022-23241 | Clustered Data ONTAP versions 9.11.1 through 9.11.1P2 with SnapLock configured FlexGroups are susceptible to a vulnerability which could allow an authenticated remote attacker to arbitrarily modify or delete WORM data prior to the end of the retention period. | 8.1 | 0.67% | 2022-10-19 | 2026-06-17 |
| CVE-2022-38732 | SnapCenter versions prior to 4.7 shipped without Content Security Policy (CSP) implemented which could allow certain types of attacks that otherwise would be prevented. | 7.5 | 0.62% | 2022-09-29 | 2026-06-17 |
| CVE-2020-8586 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none | 該当なし | 0.04% | 2022-09-06 | 2023-11-06 |
| CVE-2022-23235 | Active IQ Unified Manager for VMware vSphere, Linux, and Microsoft Windows versions prior to 9.10P1 are susceptible to a vulnerability which could allow an attacker to discover cluster, node and Active IQ Unified Manager specific information via AutoSupport telemetry data that is sent even when AutoSupport has been disabled. | 5.3 | 0.49% | 2022-08-25 | 2026-06-17 |
| CVE-2018-5494 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none | 該当なし | 0.04% | 2022-08-25 | 2023-11-06 |
| CVE-2018-5483 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none | 該当なし | 0.04% | 2022-08-25 | 2023-11-06 |
| CVE-2022-23238 | Linux deployments of StorageGRID (formerly StorageGRID Webscale) versions 11.6.0 through 11.6.0.2 deployed with a Linux kernel version less than 4.7.0 are susceptible to a vulnerability which could allow a remote unauthenticated attacker to view limited metrics information and modify alert email recipients and content. | 6.5 | 0.60% | 2022-08-10 | 2026-06-17 |
| CVE-2022-23237 | E-Series SANtricity OS Controller Software 11.x versions through 11.70.2 are vulnerable to host header injection attacks that could allow an attacker to redirect users to malicious websites. | 6.1 | 0.55% | 2022-06-02 | 2026-06-17 |
| CVE-2022-23236 | E-Series SANtricity OS Controller Software versions 11.40 through 11.70.2 store the LDAP BIND password in plaintext within a file accessible only to privileged users. | 4.4 | 0.17% | 2022-06-02 | 2026-06-17 |
| CVE-2022-23234 | SnapCenter versions prior to 4.5 are susceptible to a vulnerability which could allow a local authenticated attacker to discover plaintext HANA credentials. | 5.5 | 0.16% | 2022-03-16 | 2026-06-17 |
| CVE-2022-23233 | StorageGRID (formerly StorageGRID Webscale) versions prior to 11.6.0 are susceptible to a vulnerability which when successfully exploited could lead to Denial of Service (DoS) of the Local Distribution Router (LDR) service. | 7.5 | 0.89% | 2022-03-04 | 2026-06-17 |
| CVE-2022-23232 | StorageGRID (formerly StorageGRID Webscale) versions prior to 11.6.0 are susceptible to a vulnerability which when successfully exploited could allow disabled, expired, or locked external user accounts to access S3 data to which they previously had access. StorageGRID 11.6.0 obtains the user account status from Active Directory or Azure and will block S3 access for disabled user accounts during the subsequent background synchronization. User accounts that are expired or locked for Active Directo | 4.9 | 0.75% | 2022-03-04 | 2026-06-17 |
| CVE-2021-27000 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2021. Notes: none | 該当なし | 0.04% | 2022-02-28 | 2023-11-06 |
| CVE-2021-27016 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2021. Notes: none | 該当なし | 0.04% | 2022-02-28 | 2023-11-06 |
| CVE-2021-27015 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2021. Notes: none | 該当なし | 0.04% | 2022-02-28 | 2023-11-06 |
| CVE-2021-27014 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2021. Notes: none | 該当なし | 0.04% | 2022-02-28 | 2023-11-06 |