CVE 清單 – 發現高風險與在野利用漏洞

聚合 NVD、CVE 及多源情資,深度解析 RCE 等高危風險。系統整合 CVSS 與 EPSS 模型,動態追蹤 Exploit 資源與 PoC 公開狀態,研判可利用性。結合官方修補與修復方案,優化漏洞管理優先級,縮短回應週期,保障資產安全。

指派機構(CNA / 來源):[email protected] 移除此篩選

顯示 12013346 筆結果
«« 第一頁 « 上一頁 第 1 / 668 頁 下一頁 »
CVE 描述 最高 CVSS EPSS % 公開時間 更新時間
CVE-2021-34473 KEV Microsoft Exchange Server Remote Code Execution Vulnerability 9.1 100.00% 2021-07-14 2026-06-16
CVE-2021-26855 KEV Microsoft Exchange Server Remote Code Execution Vulnerability 9.1 100.00% 2021-03-02 2026-06-16
CVE-2019-0708 KEV A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'. 9.8 100.00% 2019-05-16 2026-06-16
CVE-2015-1635 KEV HTTP.sys in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via crafted HTTP requests, aka "HTTP.sys Remote Code Execution Vulnerability." 9.8 100.00% 2015-04-14 2026-06-16
CVE-2012-0158 KEV The (1) ListView, (2) ListView2, (3) TreeView, and (4) TreeView2 ActiveX controls in MSCOMCTL.OCX in the Common Controls in Microsoft Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2003 Web Components SP3; SQL Server 2000 SP4, 2005 SP4, and 2008 SP2, SP3, and R2; BizTalk Server 2002 SP1; Commerce Server 2002 SP4, 2007 SP2, and 2009 Gold and R2; Visual FoxPro 8.0 SP1 and 9.0 SP2; and Visual Basic 6.0 Runtime allow remote attackers to execute arbitrary code via a crafted (a) web 8.8 99.99% 2012-04-10 2026-06-16
CVE-2021-34523 KEV Microsoft Exchange Server Elevation of Privilege Vulnerability 9.0 99.99% 2021-07-14 2026-06-16
CVE-2025-53770 KEV Deserialization of untrusted data in on-premises Microsoft SharePoint Server allows an unauthorized attacker to execute code over a network. Microsoft is aware that an exploit for CVE-2025-53770 exists in the wild. Microsoft is preparing and fully testing a comprehensive update to address this vulnerability. In the meantime, please make sure that the mitigation provided in this CVE documentation is in place so that you are protected from exploitation. 9.8 99.98% 2025-07-19 2026-06-17
CVE-2020-0688 KEV A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka 'Microsoft Exchange Memory Corruption Vulnerability'. 8.8 99.97% 2020-02-11 2026-06-16
CVE-2022-41082 KEV Microsoft Exchange Server Remote Code Execution Vulnerability 8.0 99.96% 2022-10-02 2026-06-17
CVE-2025-59287 KEV Deserialization of untrusted data in Windows Server Update Service allows an unauthorized attacker to execute code over a network. 9.8 99.96% 2025-10-14 2026-06-17
CVE-2021-27065 KEV Microsoft Exchange Server Remote Code Execution Vulnerability 7.8 99.95% 2021-03-02 2026-06-16
CVE-2022-41040 KEV Microsoft Exchange Server Elevation of Privilege Vulnerability 8.8 99.94% 2022-10-02 2026-06-17
CVE-2017-11882 KEV Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Microsoft Office 2013 Service Pack 1, and Microsoft Office 2016 allow an attacker to run arbitrary code in the context of the current user by failing to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11884. 7.8 99.94% 2017-11-14 2026-06-16
CVE-2017-0199 KEV Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1, Microsoft Office 2016, Microsoft Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, Windows 8.1 allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office/WordPad Remote Code Execution Vulnerability w/Windows API." 7.8 99.93% 2017-04-12 2026-06-16
CVE-2019-0604 KEV A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0594. 9.8 99.91% 2019-03-05 2026-06-16
CVE-2025-49704 KEV Improper control of generation of code ('code injection') in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. 8.8 99.91% 2025-07-08 2026-06-17
CVE-2025-53771 Improper authentication in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network. 6.5 99.89% 2025-07-20 2026-06-17
CVE-2025-49706 KEV Improper authentication in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network. 6.5 99.88% 2025-07-08 2026-06-17
CVE-2020-0796 KEV A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka 'Windows SMBv3 Client/Server Remote Code Execution Vulnerability'. 10.0 99.81% 2020-03-12 2026-06-16
CVE-2021-31207 KEV Microsoft Exchange Server Security Feature Bypass Vulnerability 6.6 99.78% 2021-05-11 2026-06-16
«« 第一頁 « 上一頁 第 1 / 668 頁 下一頁 »
cvelogic Threat Intelligence