CVE List – Find High-Risk & Exploited Vulnerabilities

Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.

Assigner (CNA / source):[email protected] Remove this filter

Showing 120 of 60 results
«« First « Prev Page 1 / 3 Next »
CVE Description Max CVSS EPSS % Published Updated
CVE-2023-31149 An Improper Input Validation vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to execute arbitrary code. See SEL Service Bulletin dated 2022-11-15 for more details. 9.1 1.09% 2023-05-10 2026-06-17
CVE-2023-31148 An Improper Input Validation vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to execute arbitrary code. See SEL Service Bulletin dated 2022-11-15 for more details. 9.1 1.09% 2023-05-10 2026-06-17
CVE-2025-48017 Improper limitation of pathname in Circuit Provisioning and File Import applications allows modification and uploading of files 9.0 0.39% 2025-05-20 2026-06-17
CVE-2023-31175 An Execution with Unnecessary Privileges vulnerability in the Schweitzer Engineering Laboratories SEL-5037 SEL Grid Configurator could allow an attacker to run system commands with the highest level privilege on the system. See Instruction Manual Appendix A and Appendix E dated 20230615 for more details. This issue affects SEL-5037 SEL Grid Configurator: before 4.5.0.20. 8.8 0.42% 2023-08-31 2026-06-17
CVE-2023-34392 A Missing Authentication for Critical Function vulnerability in the Schweitzer Engineering Laboratories SEL-5037 SEL Grid Configurator could allow an attacker to run arbitrary commands on managed devices by an authorized device operator. See Instruction Manual Appendix A and Appendix E dated 20230615 for more details. This issue affects SEL-5037 SEL Grid Configurator: before 4.5.0.20. 8.2 0.45% 2023-08-31 2026-06-17
CVE-2025-46739 An unauthenticated user could discover account credentials via a brute-force attack without rate limiting 8.1 0.33% 2025-05-12 2026-06-17
CVE-2023-31150 A Storing Passwords in a Recoverable Format vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) database system could allow an authenticated attacker to retrieve passwords. See SEL Service Bulletin dated 2022-11-15 for more details. 8.0 0.47% 2023-05-10 2026-06-17
CVE-2023-31173 Use of Hard-coded Credentials vulnerability in Schweitzer Engineering Laboratories SEL-5037 SEL Grid Configurator on Windows allows Authentication Bypass. See Instruction Manual Appendix A and Appendix E dated 20230615 for more details. This issue affects SEL-5037 SEL Grid Configurator: before 4.5.0.20. 7.7 0.20% 2023-08-31 2026-06-17
CVE-2025-48018 An authenticated user can modify application state data. 7.5 0.13% 2025-05-20 2026-06-17
CVE-2025-48014 Password guessing limits could be bypassed when using LDAP authentication. 7.5 0.36% 2025-05-20 2026-06-17
CVE-2025-46740 An authenticated user without user administrative permissions could change the administrator Account Name. 7.5 0.27% 2025-05-12 2026-06-17
CVE-2023-31176 An Insufficient Entropy vulnerability in the Schweitzer Engineering Laboratories SEL-451 could allow an unauthenticated remote attacker to brute-force session tokens and bypass authentication.  See product Instruction Manual Appendix A dated 20230830 for more details. 7.5 0.93% 2023-11-30 2026-06-17
CVE-2025-46737 SEL-5037 Grid Configurator contains an overly permissive Cross Origin Resource Sharing (CORS) configuration for a data gateway service in the application. This gateway service includes an API which is not properly configured to reject requests from unexpected sources. 7.4 0.08% 2025-05-12 2026-06-17
CVE-2023-34391 Insecure Inherited Permissions vulnerability in Schweitzer Engineering Laboratories SEL-5033 AcSELerator RTAC Software on Windows allows Leveraging/Manipulating Configuration File Search Paths. See Instruction Manual Appendix A [Cybersecurity] tag dated 20230522 for more details. This issue affects SEL-5033 AcSELerator RTAC Software: before 1.35.151.21000. 7.4 0.13% 2023-08-31 2026-06-17
CVE-2023-31174 A Cross-Site Request Forgery (CSRF) vulnerability in the Schweitzer Engineering Laboratories SEL-5037 SEL Grid Configurator could allow an attacker to embed instructions that could be executed by an authorized device operator. See Instruction Manual Appendix A and Appendix E dated 20230615 for more details. This issue affects SEL-5037 SEL Grid Configurator: before 4.5.0.20. 7.4 0.20% 2023-08-31 2026-06-17
CVE-2023-2310 A Channel Accessible by Non-Endpoint vulnerability in the Schweitzer Engineering Laboratories SEL Real-Time Automation Controller (RTAC) could allow a remote attacker to perform a man-in-the-middle (MiTM) that could result in denial of service. See the ACSELERATOR RTAC SEL-5033 Software instruction manual date code 20210915 for more details. 6.8 0.50% 2023-05-10 2026-06-17
CVE-2025-46738 An authenticated attacker can maliciously modify layout data files in the SEL-5033 installation directory to execute arbitrary code. 6.6 0.15% 2025-05-12 2026-06-17
CVE-2025-46745 An authenticated user without user-management permissions could view other users account information. 6.5 0.26% 2025-05-12 2026-06-17
CVE-2024-2103 Inclusion of undocumented features vulnerability accessible when logged on with a privileged access level on the following Schweitzer Engineering Laboratories relays could allow the relay to behave unpredictably: SEL-700BT Motor Bus Transfer Relay, SEL-700G Generator Protection Relay, SEL-710-5 Motor Protection Relay, SEL-751 Feeder Protection Relay, SEL-787-2/-3/-4 Transformer Protection Relay, SEL-787Z High-Impedance Differential Relay . See product instruction manual appendix A dated 202403 6.5 0.46% 2024-04-04 2026-06-17
CVE-2023-34388 An Improper Authentication vulnerability in the Schweitzer Engineering Laboratories SEL-451 could allow a remote unauthenticated attacker to potentially perform session hijacking attack and bypass authentication. See product Instruction Manual Appendix A dated 20230830 for more details. 6.5 0.91% 2023-11-30 2026-06-17
«« First « Prev Page 1 / 3 Next »
cvelogic Threat Intelligence