CVE 清單 – 發現高風險與在野利用漏洞

聚合 NVD、CVE 及多源情資,深度解析 RCE 等高危風險。系統整合 CVSS 與 EPSS 模型,動態追蹤 Exploit 資源與 PoC 公開狀態,研判可利用性。結合官方修補與修復方案,優化漏洞管理優先級,縮短回應週期,保障資產安全。

指派機構(CNA / 來源):[email protected] 移除此篩選

顯示 120277 筆結果
«« 第一頁 « 上一頁 第 1 / 14 頁 下一頁 »
CVE 描述 最高 CVSS EPSS % 公開時間 更新時間
CVE-2025-53190 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. 0.01% 2025-08-11 2025-08-21
CVE-2025-53189 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. 0.01% 2025-08-11 2025-08-21
CVE-2025-53188 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. 0.01% 2025-08-11 2025-08-21
CVE-2025-53191 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. 0.02% 2025-08-11 2025-08-21
CVE-2022-34838 Storing Passwords in a Recoverable Format vulnerability in ABB Zenon 8.20 allows an attacker who successfully exploit the vulnerability may add or alter data points and corresponding attributes. Once such engineering data is used the data visualization will be altered for the end user. 8.1 0.05% 2022-08-24 2026-06-17
CVE-2020-11639 An attacker could exploit the vulnerability by injecting garbage data or specially crafted data. Depending on the data injected each process might be affected differently. The process could crash or cause communication issues on the affected node, effectively causing a denial-of-service attack. The attacker could tamper with the data transmitted, causing the product to store wrong information or act on wrong data or display wrong information. This issue affects Advant MOD 300 AdvaBuild: from 3 7.8 0.06% 2024-07-23 2026-06-16
CVE-2024-8315 An Improper Handling of Insufficient Permissions or Privileges vulnerability in scripts used in B&R APROL <4.4-00P5 may allow an authenticated local attacker to read credential information. 6.8 0.06% 2025-03-25 2026-06-17
CVE-2024-13948 Windows permissions for ASPECT configuration toolsets are not fully secured allow-ing exposure of configuration informationThis issue affects ASPECT-Enterprise: through 3.*; NEXUS Series: through 3.*; MATRIX Series: through 3.*. 6.9 0.06% 2025-05-22 2026-06-17
CVE-2025-3394 Incorrect Permission Assignment for Critical Resource vulnerability in ABB Automation Builder.This issue affects Automation Builder: through 2.8.0. 8.5 0.07% 2025-04-30 2026-06-17
CVE-2025-13162 Uncontrolled Search Path Element vulnerability in ABB Control Builder A, ABB 800xA for Advant Master. This issue affects Control Builder A: through 1.4/4; 800xA for Advant Master: through 6.0.3-1, through 6.1.1-1, 6.1.1-3, 6.2.0-1. 4.1 0.08% 2026-06-23 2026-06-25
CVE-2025-3395 Incorrect Permission Assignment for Critical Resource, Cleartext Storage of Sensitive Information vulnerability in ABB Automation Builder.This issue affects Automation Builder: through 2.8.0. 8.4 0.08% 2025-04-30 2026-06-17
CVE-2025-9970 Cleartext Storage of Sensitive Information in Memory vulnerability in ABB MConfig.This issue affects MConfig: through 1.4.9.21. 5.7 0.09% 2025-10-08 2026-06-17
CVE-2024-10334 A vulnerability exists in the VideONet product included in the listed System 800xA versions, where VideONet is used.  An attacker who successfully exploited the vulnerability could, in the worst case scenario, stop or manipulate the video feed. This issue affects System 800xA: 5.1.X; System 800xA: 6.0.3.X; System 800xA: 6.1.1.X; System 800xA: 6.2.X. 7.0 0.09% 2025-02-10 2026-06-17
CVE-2026-0936 An Insertion of Sensitive Information into Log File vulnerability in B&R PVI client versions prior to 6.5 may be abused by an authenticated local attacker to gather credential information which is processed by the PVI client application. The logging function of the PVI client application is disabled by default and must be explicitly enabled by the user. 5.1 0.10% 2026-01-29 2026-06-17
CVE-2025-7064 Authentication bypass by primary weakness vulnerability in ABB Freelance. This issue affects Freelance: through 2013, 2013 SP1, 2016, 2016 SP1, 2019, 2019 SP1, 2019 SP1 FP1, 2024. 5.6 0.12% 2026-06-11 2026-06-17
CVE-2024-45482 An Inclusion of Functionality from Untrusted Control Sphere vulnerability in the SSH server on B&R APROL <4.4-00P1 may allow an authenticated local attacker from a trusted remote server to execute malicious commands. 8.5 0.12% 2025-03-25 2026-06-17
CVE-2024-45481 An Incomplete Filtering of Special Elements vulnerability in scripts using the SSH server on B&R APROL <4.4-00P5 may allow an authenticated local attacker to authenticate as another legitimate user. 8.5 0.12% 2025-03-25 2026-06-17
CVE-2021-22278 A certificate validation vulnerability in PCM600 Update Manager allows attacker to get unwanted software packages to be installed on computer which has PCM600 installed. 6.7 0.12% 2021-10-28 2026-06-16
CVE-2024-4009 Replay Attack in ABB, Busch-Jaeger, FTS Display (version 1.00) and BCU (version 1.3.0.33) allows attacker to capture/replay KNX telegram to local KNX Bus-System 7.3 0.13% 2024-06-05 2026-06-17
CVE-2024-10209 An Incorrect Permission Assignment for Critical Resource vulnerability in the file system used in B&R APROL <4.4-01 may allow an authenticated local attacker to read and alter the configuration of another engineering or runtime user. 8.5 0.13% 2025-03-25 2026-06-17
«« 第一頁 « 上一頁 第 1 / 14 頁 下一頁 »
cvelogic Threat Intelligence