Bosch 漏洞與 CVE 列表(109)

產品(CPE): — CVE 數: 109

Bosch 漏洞概覽

彙總 Bosch 相關全部產品的 CVE 與安全漏洞情報,包括 CVSS、EPSS、公開時間與漏洞情報資料。

常見弱點模式包括 跨站腳本、路徑處理缺陷、緩衝區溢位與記憶體損壞,在 軟體部署與生產負載 使用場景中可能帶來 應用程式崩潰、記憶體損壞與工作階段劫持 等風險。

相關漏洞資料主要來源於公開漏洞披露與安全公告,可用於評估歷史漏洞暴露面與修補優先順序。

漏洞分布趨勢(近 24 個月)

顯示 120109 CVE 數
«« 第一頁 « 上一頁 第 1 / 6 頁 下一頁 »
CVE 摘要 來源 最高 CVSS EPSS % 公開時間 更新時間
CVE-2025-60038 A vulnerability has been identified in Rexroth IndraWorks. This flaw allows an attacker to execute arbitrary code on the user's system by parsing a manipulated file containing malicious serialized data. Exploitation requires user interaction, specifically opening a specially crafted file, which then causes the application to deserialize the malicious data, enabling Remote Code Execution (RCE). This can lead to a complete compromise of the system running Rexroth IndraWorks. [email protected] 7.8 0.29% 2026-02-18 2026-06-17
CVE-2025-60037 A vulnerability has been identified in Rexroth IndraWorks. This flaw allows an attacker to execute arbitrary code on the user's system by parsing a manipulated file containing malicious serialized data. Exploitation requires user interaction, specifically opening a specially crafted file, which then causes the application to deserialize the malicious data, enabling Remote Code Execution (RCE). This can lead to a complete compromise of the system running Rexroth IndraWorks. [email protected] 7.8 0.29% 2026-02-18 2026-06-17
CVE-2025-60036 A vulnerability has been identified in the UA.Testclient utility, which is included in Rexroth IndraWorks. All versions prior to 15V24 are affected. This flaw allows an attacker to execute arbitrary code on the user's system by parsing a manipulated file containing malicious serialized data. Exploitation requires user interaction, specifically opening a specially crafted file, which then causes the application to deserialize the malicious data, enabling Remote Code Execution (RCE). This can lead [email protected] 7.8 0.37% 2026-02-18 2026-06-17
CVE-2025-60035 A vulnerability has been identified in the OPC.Testclient utility, which is included in Rexroth IndraWorks. All versions prior to 15V24 are affected. This flaw allows an attacker to execute arbitrary code on the user's system by parsing a manipulated file containing malicious serialized data. Exploitation requires user interaction, specifically opening a specially crafted file, which then causes the application to deserialize the malicious data, enabling Remote Code Execution (RCE). This can lea [email protected] 7.8 0.37% 2026-02-18 2026-06-17
CVE-2025-32056 The anti-theft protection mechanism can be bypassed by attackers due to weak response generation algorithms for the head unit. It is possible to reveal all 32 corresponding responses by sniffing CAN traffic or by pre-calculating the values, which allow to bypass the protection. First identified on Nissan Leaf ZE1 manufactured in 2020. [email protected] 4.0 0.27% 2026-01-22 2026-06-17
CVE-2023-48266 The vulnerability allows an unauthenticated remote attacker to perform a Denial-of-Service (DoS) attack or, possibly, obtain Remote Code Execution (RCE) via a crafted network request. [email protected] 8.1 0.76% 2024-01-10 2026-06-17
CVE-2023-48265 The vulnerability allows an unauthenticated remote attacker to perform a Denial-of-Service (DoS) attack or, possibly, obtain Remote Code Execution (RCE) via a crafted network request. [email protected] 8.1 0.76% 2024-01-10 2026-06-17
CVE-2023-48264 The vulnerability allows an unauthenticated remote attacker to perform a Denial-of-Service (DoS) attack or, possibly, obtain Remote Code Execution (RCE) via a crafted network request. [email protected] 8.1 0.76% 2024-01-10 2026-06-17
CVE-2023-48263 The vulnerability allows an unauthenticated remote attacker to perform a Denial-of-Service (DoS) attack or, possibly, obtain Remote Code Execution (RCE) via a crafted network request. [email protected] 8.1 0.76% 2024-01-10 2026-06-17
CVE-2023-48262 The vulnerability allows an unauthenticated remote attacker to perform a Denial-of-Service (DoS) attack or, possibly, obtain Remote Code Execution (RCE) via a crafted network request. [email protected] 8.1 0.76% 2024-01-10 2026-06-17
CVE-2023-48261 The vulnerability allows a remote unauthenticated attacker to read arbitrary content of the results database via a crafted HTTP request. [email protected] 5.3 0.62% 2024-01-10 2026-06-17
CVE-2023-48260 The vulnerability allows a remote unauthenticated attacker to read arbitrary content of the results database via a crafted HTTP request. [email protected] 5.3 0.62% 2024-01-10 2026-06-17
CVE-2023-48259 The vulnerability allows a remote unauthenticated attacker to read arbitrary content of the results database via a crafted HTTP request. [email protected] 5.3 0.62% 2024-01-10 2026-06-17
CVE-2023-48258 The vulnerability allows a remote attacker to delete arbitrary files on the file system via a crafted URL or HTTP request through a victim’s session. [email protected] 5.5 0.24% 2024-01-10 2026-06-17
CVE-2023-48257 The vulnerability allows a remote attacker to access sensitive data inside exported packages or obtain up to Remote Code Execution (RCE) with root privileges on the device. The vulnerability can be exploited directly by authenticated users, via crafted HTTP requests, or indirectly by unauthenticated users, by accessing already-exported backup packages, or crafting an import package and inducing an authenticated victim into sending the HTTP upload request. [email protected] 7.8 0.54% 2024-01-10 2026-06-17
CVE-2023-48256 The vulnerability allows a remote attacker to inject arbitrary HTTP response headers or manipulate HTTP response bodies inside a victim’s session via a crafted URL or HTTP request. [email protected] 5.3 0.32% 2024-01-10 2026-06-17
CVE-2023-48255 The vulnerability allows an unauthenticated remote attacker to send malicious network requests containing arbitrary client-side script code and obtain its execution inside a victim’s session via a crafted URL, HTTP request, or simply by waiting for the victim to view the poisoned log. [email protected] 6.3 0.50% 2024-01-10 2026-06-17
CVE-2023-48254 The vulnerability allows a remote attacker to inject and execute arbitrary client-side script code inside a victim’s session via a crafted URL or HTTP request. [email protected] 5.3 0.31% 2024-01-10 2026-06-17
CVE-2023-48253 The vulnerability allows a remote authenticated attacker to read or update arbitrary content of the authentication database via a crafted HTTP request. By abusing this vulnerability it is possible to exfiltrate other users’ password hashes or update them with arbitrary values and access their accounts. [email protected] 8.8 0.87% 2024-01-10 2026-06-17
CVE-2023-48252 The vulnerability allows an authenticated remote attacker to perform actions exceeding their authorized access via crafted HTTP requests. [email protected] 8.8 0.64% 2024-01-10 2026-06-17
«« 第一頁 « 上一頁 第 1 / 6 頁 下一頁 »
cvelogic Threat Intelligence