CVE 列表 – 发现高风险与在野利用漏洞

聚合 NVD、CVE 及多源情报,深度解析 RCE 等高危风险。系统集成 CVSS 与 EPSS 模型,动态追踪 Exploit 资源与 PoC 公开状态,研判可利用性。结合官方补丁与修复方案,优化漏洞管理优先级,缩短响应周期,保障资产安全。

分配机构(CNA / 来源):[email protected] 移除此筛选

显示 120751 条结果
«« 第一页 « 上一页 第 1 / 38 页 下一页 »
CVE 描述 最高 CVSS EPSS % 公开时间 更新时间
CVE-2023-4701 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority as the vendor eventually states that this issue is identical to CVE-2023-3935 0.04% 2023-09-13 2023-11-06
CVE-2023-39170 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it's a duplicate of CVE-2023-39169. 0.04% 2023-12-07 2023-12-07
CVE-2023-3378 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. 0.04% 2023-09-15 2023-11-06
CVE-2023-0115 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. 0.04% 2023-02-01 2023-11-06
CVE-2022-28817 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: No impact could be verified. Notes: none 0.04% 2022-08-23 2023-11-06
CVE-2022-22507 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unused by its CNA. Notes: none. 0.04% 2023-07-02 2023-11-06
CVE-2021-46388 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: Reason: The issue is not a vulnerability (fails CNT2) - Has no impact on availability, integrity or confidence as only documented html templates are shown without additional data or the option to store changes. Notes 0.04% 2022-02-16 2023-11-06
CVE-2021-46380 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: Reason: This is a duplicate to CVE-2022-22511 Notes 0.04% 2022-03-04 2023-11-06
CVE-2021-34604 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. It is a duplicate of CVE-2022-22514. Notes: none 0.04% 2022-06-24 2023-11-06
CVE-2025-41743 Insufficient encryption strength in Sprecher Automation SPRECON-E-C, SPRECON-E-P, and SPRECON-E-T3 allows a local unprivileged attacker to extract data from update images and thus obtain limited information about the architecture and internal processes. 4.0 0.05% 2025-12-02 2026-06-17
CVE-2025-41686 A low-privileged local attacker can exploit improper permissions on nssm.exe to escalate their privileges and gain administrative access. 7.8 0.05% 2025-08-12 2026-06-17
CVE-2025-24006 A low privileged local attacker can leverage insecure permissions via SSH on the affected devices to escalate privileges to root. 7.8 0.05% 2025-07-08 2026-06-17
CVE-2025-41698 A low privileged local attacker can interact with the affected service although user-interaction should not be allowed. 7.8 0.06% 2025-08-05 2026-06-17
CVE-2025-2810 A low privileged local attacker can abuse the affected service by using a hardcoded cryptographic key. 5.5 0.06% 2025-08-05 2026-06-17
CVE-2025-41658 CODESYS Runtime Toolkit-based products may expose sensitive files to local low-privileged operating system users due to default file permissions. 5.5 0.06% 2025-08-04 2026-06-17
CVE-2025-41662 Rejected reason: CVE-2025-41662 is considered redundant or unnecessary and thus should be withdrawn. Instead, a new CVE CVE-2025-41687 has been reserved to better reflect the updated analysis. 0.07% 2025-06-11 2025-07-23
CVE-2025-24005 A local attacker with a local user account can leverage a vulnerable script via SSH to escalate privileges to root due to improper input validation. 7.8 0.07% 2025-07-08 2026-06-17
CVE-2024-45273 An unauthenticated local attacker can decrypt the devices config file and therefore compromise the device due to a weak implementation of the encryption used. 8.4 0.07% 2024-10-15 2026-06-17
CVE-2025-41762 An unauthenticated attacker can abuse the weak hash of the backup generated by the wwwdnload.cgi endpoint to gain unauthorized access to sensitive data, including password hashes and certificates. 6.2 0.08% 2026-03-09 2026-06-17
CVE-2022-4048 Inadequate Encryption Strength in CODESYS Development System V3 versions prior to V3.5.18.40 allows an unauthenticated local attacker to access and manipulate code of the encrypted boot application. 7.7 0.08% 2023-05-15 2026-06-17
«« 第一页 « 上一页 第 1 / 38 页 下一页 »
cvelogic Threat Intelligence