CVE 清單 – 發現高風險與在野利用漏洞

聚合 NVD、CVE 及多源情資,深度解析 RCE 等高危風險。系統整合 CVSS 與 EPSS 模型,動態追蹤 Exploit 資源與 PoC 公開狀態,研判可利用性。結合官方修補與修復方案,優化漏洞管理優先級,縮短回應週期,保障資產安全。

指派機構(CNA / 來源):[email protected] 移除此篩選

顯示 12021 筆結果
«« 第一頁 « 上一頁 第 1 / 2 頁 下一頁 »
CVE 描述 最高 CVSS EPSS % 公開時間 更新時間
CVE-2022-1984 This issue affects: HYPR Windows WFA versions prior to 7.2; Unsafe Deserialization vulnerability in HYPR Workforce Access (WFA) before version 7.2 may allow local authenticated attackers to elevate privileges via a malicious serialized payload. 4.5 0.17% 2022-07-19 2026-06-17
CVE-2022-2192 Forced Browsing vulnerability in HYPR Server version 6.10 to 6.15.1 allows remote attackers with a valid one-time recovery token to elevate privileges via path tampering in the Magic Link page. This issue affects: HYPR Server versions later than 6.10; version 6.15.1 and prior versions. 7.5 0.76% 2022-07-19 2026-06-17
CVE-2022-2193 Insecure Direct Object Reference vulnerability in HYPR Server before version 6.14.1 allows remote authenticated attackers to add a FIDO2 authenticator to arbitrary accounts via parameter tampering in the Device Manager page. This issue affects: HYPR Server versions prior to 6.14.1. 7.5 0.67% 2022-07-19 2026-06-17
CVE-2022-3258 Incorrect Permission Assignment for Critical Resource vulnerability in HYPR Workforce Access on Windows allows Authentication Abuse. 3.7 0.21% 2022-11-03 2026-06-17
CVE-2023-0834 Incorrect Permission Assignment for Critical Resource vulnerability in HYPR Workforce Access on MacOS allows Privilege Escalation.This issue affects Workforce Access: from 6.12 before 8.1. 7.0 0.32% 2023-04-28 2026-06-17
CVE-2023-1477 Improper Authentication vulnerability in HYPR Keycloak Authenticator Extension allows Authentication Abuse.This issue affects HYPR Keycloak Authenticator Extension: before 7.10.2, before 8.0.3. 7.2 0.62% 2023-04-28 2026-06-17
CVE-2023-1837 Missing Authentication for critical function vulnerability in HYPR Server allows Authentication Bypass when using Legacy APIs.This issue affects HYPR Server: before 8.0 (with enabled Legacy APIs) 8.5 0.55% 2023-05-23 2026-06-17
CVE-2023-5097 Improper Input Validation vulnerability in HYPR Workforce Access on Windows allows Path Traversal.This issue affects Workforce Access: before 8.7. 7.0 0.19% 2024-01-16 2026-06-17
CVE-2023-6334 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in HYPR Workforce Access on Windows allows Overflow Buffers.This issue affects Workforce Access: before 8.7. 5.3 0.05% 2024-01-16 2026-06-17
CVE-2023-6335 Improper Link Resolution Before File Access ('Link Following') vulnerability in HYPR Workforce Access on Windows allows User-Controlled Filename.This issue affects Workforce Access: before 8.7. 6.4 0.17% 2024-01-16 2026-06-17
CVE-2023-6336 Improper Link Resolution Before File Access ('Link Following') vulnerability in HYPR Workforce Access on MacOS allows User-Controlled Filename.This issue affects Workforce Access: before 8.7. 7.2 0.17% 2024-01-16 2026-06-17
CVE-2024-0068 Improper Link Resolution Before File Access ('Link Following') vulnerability in HYPR Workforce Access on MacOS allows File Manipulation.This issue affects Workforce Access: before 8.7.1. 5.5 0.20% 2024-02-29 2026-06-17
CVE-2024-0069 Rejected reason: This CVE ID was unused by the CNA. 2023-11-27 2023-11-27
CVE-2024-0070 Rejected reason: This CVE ID was unused by the CNA. 2023-11-27 2023-11-27
CVE-2024-1721 Improper Verification of Cryptographic Signature vulnerability in HYPR Passwordless on Windows allows Malicious Software Update.This issue affects HYPR Passwordless: before 9.1. 5.6 0.11% 2024-05-21 2026-06-17
CVE-2024-8273 Authentication Bypass by Spoofing vulnerability in HYPR Server allows Identity Spoofing.This issue affects Server: before 10.1. 7.1 0.27% 2025-12-11 2026-06-17
CVE-2025-0372 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability in HYPR Passwordless on Windows allows Privilege Escalation.This issue affects HYPR Passwordless: before 10.1. 5.9 0.05% 2025-05-21 2026-06-17
CVE-2025-2102 Improper Link Resolution Before File Access ('Link Following') vulnerability in HYPR Passwordless on Windows allows Privilege Escalation.This issue affects HYPR Passwordless: before 10.1. 5.7 0.12% 2025-05-21 2026-06-17
CVE-2026-1712 Incorrect privilege assignment vulnerability in HYPR Server allows Privilege Escalation.This issue affects HYPR Server: from 10.5.1 before 10.7. 5.8 0.29% 2026-03-25 2026-06-17
CVE-2026-2414 Authorization bypass through User-Controlled key vulnerability in HYPR Server allows Privilege Escalation.This issue affects Server: from 9.5.2 before 10.7.2. 5.6 0.29% 2026-03-25 2026-06-17
«« 第一頁 « 上一頁 第 1 / 2 頁 下一頁 »
cvelogic Threat Intelligence