CVE 列表 – 发现高风险与在野利用漏洞

聚合 NVD、CVE 及多源情报,深度解析 RCE 等高危风险。系统集成 CVSS 与 EPSS 模型,动态追踪 Exploit 资源与 PoC 公开状态,研判可利用性。结合官方补丁与修复方案,优化漏洞管理优先级,缩短响应周期,保障资产安全。

分配机构(CNA / 来源):[email protected] 移除此筛选

显示 12060 条结果
«« 第一页 « 上一页 第 1 / 3 页 下一页 »
CVE 描述 最高 CVSS EPSS % 公开时间 更新时间
CVE-2025-48018 An authenticated user can modify application state data. 7.5 0.13% 2025-05-20 2026-06-17
CVE-2025-48017 Improper limitation of pathname in Circuit Provisioning and File Import applications allows modification and uploading of files 9.0 0.39% 2025-05-20 2026-06-17
CVE-2025-48016 OpenFlow discovery protocol can exhaust resources because it is not rate limited 4.3 0.18% 2025-05-20 2026-06-17
CVE-2025-48015 Failed login response could be different depending on whether the username was local or central. 3.7 0.20% 2025-05-20 2026-06-17
CVE-2025-48014 Password guessing limits could be bypassed when using LDAP authentication. 7.5 0.36% 2025-05-20 2026-06-17
CVE-2025-46750 SEL BIOS packages prior to 1.3.49152.117 or 2.6.49152.98 allow a local attacker to bypass password authentication and change password-protected BIOS settings by importing a BIOS settings file with no password set. 4.4 0.15% 2025-05-12 2026-06-17
CVE-2025-46749 An authenticated user could submit scripting to fields that lack proper input and output sanitization leading to subsequent client-side script execution. 4.3 0.22% 2025-05-12 2026-06-17
CVE-2025-46748 An authenticated user attempting to change their password could do so without using the current password. 2.7 0.20% 2025-05-12 2026-06-17
CVE-2025-46747 An authenticated user without user-management permissions could identify other user accounts. 5.7 0.26% 2025-05-12 2026-06-17
CVE-2025-46746 An administrator could discover another account's credentials. 5.8 0.19% 2025-05-12 2026-06-17
CVE-2025-46745 An authenticated user without user-management permissions could view other users account information. 6.5 0.26% 2025-05-12 2026-06-17
CVE-2025-46744 An authenticated administrator could modify the Created By username for a user account 2.7 0.20% 2025-05-12 2026-06-17
CVE-2025-46743 An authenticated user's token could be used by another source after the user had logged out prior to the token expiring. 6.3 0.06% 2025-05-12 2026-06-17
CVE-2025-46742 Users who were required to change their password could still access system information before changing their password 4.3 0.17% 2025-05-12 2026-06-17
CVE-2025-46741 A suspended or recently logged-out user could continue to interact with Blueframe until the time-out period occurred. 5.7 0.06% 2025-05-12 2026-06-17
CVE-2025-46740 An authenticated user without user administrative permissions could change the administrator Account Name. 7.5 0.27% 2025-05-12 2026-06-17
CVE-2025-46739 An unauthenticated user could discover account credentials via a brute-force attack without rate limiting 8.1 0.33% 2025-05-12 2026-06-17
CVE-2025-46738 An authenticated attacker can maliciously modify layout data files in the SEL-5033 installation directory to execute arbitrary code. 6.6 0.15% 2025-05-12 2026-06-17
CVE-2025-46737 SEL-5037 Grid Configurator contains an overly permissive Cross Origin Resource Sharing (CORS) configuration for a data gateway service in the application. This gateway service includes an API which is not properly configured to reject requests from unexpected sources. 7.4 0.08% 2025-05-12 2026-06-17
CVE-2024-2103 Inclusion of undocumented features vulnerability accessible when logged on with a privileged access level on the following Schweitzer Engineering Laboratories relays could allow the relay to behave unpredictably: SEL-700BT Motor Bus Transfer Relay, SEL-700G Generator Protection Relay, SEL-710-5 Motor Protection Relay, SEL-751 Feeder Protection Relay, SEL-787-2/-3/-4 Transformer Protection Relay, SEL-787Z High-Impedance Differential Relay . See product instruction manual appendix A dated 202403 6.5 0.46% 2024-04-04 2026-06-17
«« 第一页 « 上一页 第 1 / 3 页 下一页 »
cvelogic Threat Intelligence