Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.
Assigner (CNA / source):[email protected] Remove this filter
| CVE | Description | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|
| CVE-2025-46748 | An authenticated user attempting to change their password could do so without using the current password. | 2.7 | 0.20% | 2025-05-12 | 2026-06-17 |
| CVE-2025-46744 | An authenticated administrator could modify the Created By username for a user account | 2.7 | 0.20% | 2025-05-12 | 2026-06-17 |
| CVE-2025-48015 | Failed login response could be different depending on whether the username was local or central. | 3.7 | 0.20% | 2025-05-20 | 2026-06-17 |
| CVE-2023-31152 | An Authentication Bypass Using an Alternate Path or Channel vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface allows Authentication Bypass. See SEL Service Bulletin dated 2022-11-15 for more details. | 4.0 | 0.36% | 2023-05-10 | 2026-06-17 |
| CVE-2023-2264 | An improper input validation vulnerability in the Schweitzer Engineering Laboratories SEL-411L could allow a malicious actor to manipulate authorized users to click on a link that could allow undesired behavior. See product Instruction Manual Appendix A dated 20230830 for more details. | 4.0 | 0.21% | 2023-11-30 | 2026-06-17 |
| CVE-2023-31166 | An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to create folders in arbitrary paths of the file system. See SEL Service Bulletin dated 2022-11-15 for more details. | 4.1 | 0.59% | 2023-05-10 | 2026-06-17 |
| CVE-2025-48016 | OpenFlow discovery protocol can exhaust resources because it is not rate limited | 4.3 | 0.18% | 2025-05-20 | 2026-06-17 |
| CVE-2025-46749 | An authenticated user could submit scripting to fields that lack proper input and output sanitization leading to subsequent client-side script execution. | 4.3 | 0.22% | 2025-05-12 | 2026-06-17 |
| CVE-2025-46742 | Users who were required to change their password could still access system information before changing their password | 4.3 | 0.17% | 2025-05-12 | 2026-06-17 |
| CVE-2023-31177 | An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in the Schweitzer Engineering Laboratories SEL-451 could allow an attacker to craft a link that could execute arbitrary code on a victim's system. See product Instruction Manual Appendix A dated 20230830 for more details. | 4.3 | 0.48% | 2023-11-30 | 2026-06-17 |
| CVE-2023-31165 | An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code. See SEL Service Bulletin dated 2022-11-15 for more details. | 4.3 | 0.44% | 2023-05-10 | 2026-06-17 |
| CVE-2023-31164 | An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code. See SEL Service Bulletin dated 2022-11-15 for more details. | 4.3 | 0.44% | 2023-05-10 | 2026-06-17 |
| CVE-2023-31163 | An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code. See SEL Service Bulletin dated 2022-11-15 for more details. | 4.3 | 0.44% | 2023-05-10 | 2026-06-17 |
| CVE-2023-31160 | An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code. See SEL Service Bulletin dated 2022-11-15 for more details. | 4.3 | 0.44% | 2023-05-10 | 2026-06-17 |
| CVE-2023-31159 | An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code. See SEL Service Bulletin dated 2022-11-15 for more details. | 4.3 | 0.44% | 2023-05-10 | 2026-06-17 |
| CVE-2023-31158 | An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code. See SEL Service Bulletin dated 2022-11-15 for more details. | 4.3 | 0.44% | 2023-05-10 | 2026-06-17 |
| CVE-2023-31157 | An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code. See SEL Service Bulletin dated 2022-11-15 for more details. | 4.3 | 0.44% | 2023-05-10 | 2026-06-17 |
| CVE-2023-31156 | An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code. See SEL Service Bulletin dated 2022-11-15 for more details. | 4.3 | 0.44% | 2023-05-10 | 2026-06-17 |
| CVE-2023-31155 | An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code. See SEL Service Bulletin dated 2022-11-15 for more details. | 4.3 | 0.44% | 2023-05-10 | 2026-06-17 |
| CVE-2023-31154 | An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code. See SEL Service Bulletin dated 2022-11-15 for more details. | 4.3 | 0.44% | 2023-05-10 | 2026-06-17 |