CVEリスト - 高リスク・悪用確認済み脆弱性

NVD や CVE、ほか複数の脅威フィードを束ね、RCE など高リスクな事象を深く追える一覧です。CVSS と EPSS を組み合わせ、Exploit 参照や PoC の有無から悪用しやすさを追跡します。ベンダー修正や緩和策の文脈とあわせて優先度を決め、対応サイクルを短く保ちつつ重要資産を守る支援をします。

Assigner(CNA/発行元):[email protected] この条件を外す

CVSS スコア
表示中 120 / 60
«« 先頭 « 前へ 1 / 3 次へ »
CVE 説明 CVSS 最大値 EPSS(%) 公開 更新
CVE-2025-48018 An authenticated user can modify application state data. 7.5 0.13% 2025-05-20 2026-06-17
CVE-2025-48017 Improper limitation of pathname in Circuit Provisioning and File Import applications allows modification and uploading of files 9.0 0.39% 2025-05-20 2026-06-17
CVE-2025-48016 OpenFlow discovery protocol can exhaust resources because it is not rate limited 4.3 0.18% 2025-05-20 2026-06-17
CVE-2025-48015 Failed login response could be different depending on whether the username was local or central. 3.7 0.20% 2025-05-20 2026-06-17
CVE-2025-48014 Password guessing limits could be bypassed when using LDAP authentication. 7.5 0.36% 2025-05-20 2026-06-17
CVE-2025-46750 SEL BIOS packages prior to 1.3.49152.117 or 2.6.49152.98 allow a local attacker to bypass password authentication and change password-protected BIOS settings by importing a BIOS settings file with no password set. 4.4 0.15% 2025-05-12 2026-06-17
CVE-2025-46749 An authenticated user could submit scripting to fields that lack proper input and output sanitization leading to subsequent client-side script execution. 4.3 0.22% 2025-05-12 2026-06-17
CVE-2025-46748 An authenticated user attempting to change their password could do so without using the current password. 2.7 0.20% 2025-05-12 2026-06-17
CVE-2025-46747 An authenticated user without user-management permissions could identify other user accounts. 5.7 0.26% 2025-05-12 2026-06-17
CVE-2025-46746 An administrator could discover another account's credentials. 5.8 0.19% 2025-05-12 2026-06-17
CVE-2025-46745 An authenticated user without user-management permissions could view other users account information. 6.5 0.26% 2025-05-12 2026-06-17
CVE-2025-46744 An authenticated administrator could modify the Created By username for a user account 2.7 0.20% 2025-05-12 2026-06-17
CVE-2025-46743 An authenticated user's token could be used by another source after the user had logged out prior to the token expiring. 6.3 0.06% 2025-05-12 2026-06-17
CVE-2025-46742 Users who were required to change their password could still access system information before changing their password 4.3 0.17% 2025-05-12 2026-06-17
CVE-2025-46741 A suspended or recently logged-out user could continue to interact with Blueframe until the time-out period occurred. 5.7 0.06% 2025-05-12 2026-06-17
CVE-2025-46740 An authenticated user without user administrative permissions could change the administrator Account Name. 7.5 0.27% 2025-05-12 2026-06-17
CVE-2025-46739 An unauthenticated user could discover account credentials via a brute-force attack without rate limiting 8.1 0.33% 2025-05-12 2026-06-17
CVE-2025-46738 An authenticated attacker can maliciously modify layout data files in the SEL-5033 installation directory to execute arbitrary code. 6.6 0.15% 2025-05-12 2026-06-17
CVE-2025-46737 SEL-5037 Grid Configurator contains an overly permissive Cross Origin Resource Sharing (CORS) configuration for a data gateway service in the application. This gateway service includes an API which is not properly configured to reject requests from unexpected sources. 7.4 0.08% 2025-05-12 2026-06-17
CVE-2024-2103 Inclusion of undocumented features vulnerability accessible when logged on with a privileged access level on the following Schweitzer Engineering Laboratories relays could allow the relay to behave unpredictably: SEL-700BT Motor Bus Transfer Relay, SEL-700G Generator Protection Relay, SEL-710-5 Motor Protection Relay, SEL-751 Feeder Protection Relay, SEL-787-2/-3/-4 Transformer Protection Relay, SEL-787Z High-Impedance Differential Relay . See product instruction manual appendix A dated 202403 6.5 0.46% 2024-04-04 2026-06-17
«« 先頭 « 前へ 1 / 3 次へ »
cvelogic Threat Intelligence