CVEリスト - 高リスク・悪用確認済み脆弱性

NVD や CVE、ほか複数の脅威フィードを束ね、RCE など高リスクな事象を深く追える一覧です。CVSS と EPSS を組み合わせ、Exploit 参照や PoC の有無から悪用しやすさを追跡します。ベンダー修正や緩和策の文脈とあわせて優先度を決め、対応サイクルを短く保ちつつ重要資産を守る支援をします。

Assigner(CNA/発行元):[email protected] この条件を外す

CVSS スコア
表示中 120 / 21
«« 先頭 « 前へ 1 / 2 次へ »
CVE 説明 CVSS 最大値 EPSS(%) 公開 更新
CVE-2023-1837 Missing Authentication for critical function vulnerability in HYPR Server allows Authentication Bypass when using Legacy APIs.This issue affects HYPR Server: before 8.0 (with enabled Legacy APIs) 8.5 0.55% 2023-05-23 2026-06-17
CVE-2022-2193 Insecure Direct Object Reference vulnerability in HYPR Server before version 6.14.1 allows remote authenticated attackers to add a FIDO2 authenticator to arbitrary accounts via parameter tampering in the Device Manager page. This issue affects: HYPR Server versions prior to 6.14.1. 7.5 0.67% 2022-07-19 2026-06-17
CVE-2022-2192 Forced Browsing vulnerability in HYPR Server version 6.10 to 6.15.1 allows remote attackers with a valid one-time recovery token to elevate privileges via path tampering in the Magic Link page. This issue affects: HYPR Server versions later than 6.10; version 6.15.1 and prior versions. 7.5 0.76% 2022-07-19 2026-06-17
CVE-2023-6336 Improper Link Resolution Before File Access ('Link Following') vulnerability in HYPR Workforce Access on MacOS allows User-Controlled Filename.This issue affects Workforce Access: before 8.7. 7.2 0.17% 2024-01-16 2026-06-17
CVE-2023-1477 Improper Authentication vulnerability in HYPR Keycloak Authenticator Extension allows Authentication Abuse.This issue affects HYPR Keycloak Authenticator Extension: before 7.10.2, before 8.0.3. 7.2 0.62% 2023-04-28 2026-06-17
CVE-2024-8273 Authentication Bypass by Spoofing vulnerability in HYPR Server allows Identity Spoofing.This issue affects Server: before 10.1. 7.1 0.27% 2025-12-11 2026-06-17
CVE-2023-5097 Improper Input Validation vulnerability in HYPR Workforce Access on Windows allows Path Traversal.This issue affects Workforce Access: before 8.7. 7.0 0.19% 2024-01-16 2026-06-17
CVE-2023-0834 Incorrect Permission Assignment for Critical Resource vulnerability in HYPR Workforce Access on MacOS allows Privilege Escalation.This issue affects Workforce Access: from 6.12 before 8.1. 7.0 0.32% 2023-04-28 2026-06-17
CVE-2026-4522 Missing authentication for critical function vulnerability in HYPR Passwordless on Windows allows Credentials Interception. This issue affects HYPR Passwordless: before 11.1.1. 6.7 0.12% 2026-06-25 2026-06-25
CVE-2023-6335 Improper Link Resolution Before File Access ('Link Following') vulnerability in HYPR Workforce Access on Windows allows User-Controlled Filename.This issue affects Workforce Access: before 8.7. 6.4 0.17% 2024-01-16 2026-06-17
CVE-2025-0372 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability in HYPR Passwordless on Windows allows Privilege Escalation.This issue affects HYPR Passwordless: before 10.1. 5.9 0.05% 2025-05-21 2026-06-17
CVE-2026-1712 Incorrect privilege assignment vulnerability in HYPR Server allows Privilege Escalation.This issue affects HYPR Server: from 10.5.1 before 10.7. 5.8 0.29% 2026-03-25 2026-06-17
CVE-2025-2102 Improper Link Resolution Before File Access ('Link Following') vulnerability in HYPR Passwordless on Windows allows Privilege Escalation.This issue affects HYPR Passwordless: before 10.1. 5.7 0.12% 2025-05-21 2026-06-17
CVE-2026-2414 Authorization bypass through User-Controlled key vulnerability in HYPR Server allows Privilege Escalation.This issue affects Server: from 9.5.2 before 10.7.2. 5.6 0.29% 2026-03-25 2026-06-17
CVE-2024-1721 Improper Verification of Cryptographic Signature vulnerability in HYPR Passwordless on Windows allows Malicious Software Update.This issue affects HYPR Passwordless: before 9.1. 5.6 0.11% 2024-05-21 2026-06-17
CVE-2024-0068 Improper Link Resolution Before File Access ('Link Following') vulnerability in HYPR Workforce Access on MacOS allows File Manipulation.This issue affects Workforce Access: before 8.7.1. 5.5 0.20% 2024-02-29 2026-06-17
CVE-2023-6334 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in HYPR Workforce Access on Windows allows Overflow Buffers.This issue affects Workforce Access: before 8.7. 5.3 0.05% 2024-01-16 2026-06-17
CVE-2022-1984 This issue affects: HYPR Windows WFA versions prior to 7.2; Unsafe Deserialization vulnerability in HYPR Workforce Access (WFA) before version 7.2 may allow local authenticated attackers to elevate privileges via a malicious serialized payload. 4.5 0.17% 2022-07-19 2026-06-17
CVE-2022-3258 Incorrect Permission Assignment for Critical Resource vulnerability in HYPR Workforce Access on Windows allows Authentication Abuse. 3.7 0.21% 2022-11-03 2026-06-17
CVE-2024-0070 Rejected reason: This CVE ID was unused by the CNA. 該当なし 該当なし 2023-11-27 2023-11-27
«« 先頭 « 前へ 1 / 2 次へ »
cvelogic Threat Intelligence