聚合 NVD、CVE 及多源情資,深度解析 RCE 等高危風險。系統整合 CVSS 與 EPSS 模型,動態追蹤 Exploit 資源與 PoC 公開狀態,研判可利用性。結合官方修補與修復方案,優化漏洞管理優先級,縮短回應週期,保障資產安全。
指派機構(CNA / 來源):[email protected] 移除此篩選
| CVE | 描述 | 最高 CVSS | EPSS % | 公開時間 | 更新時間 |
|---|---|---|---|---|---|
| CVE-2018-15630 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unused by its CNA. Notes: none. | 無 | 無 | 2023-05-12 | 2023-11-06 |
| CVE-2018-15631 | Improper access control in the Discuss App of Odoo Community 12.0 and earlier, and Odoo Enterprise 12.0 and earlier allows remote authenticated attackers to e-mail themselves arbitrary files from the database, via a crafted RPC request. | 6.5 | 1.40% | 2019-04-09 | 2026-06-16 |
| CVE-2018-15632 | Improper input validation in database creation logic in Odoo Community 11.0 and earlier and Odoo Enterprise 11.0 and earlier, allows remote attackers to initialize an empty database on which they can connect with default credentials. | 9.1 | 1.17% | 2020-12-22 | 2026-06-16 |
| CVE-2018-15633 | Cross-site scripting (XSS) issue in "document" module in Odoo Community 11.0 and earlier and Odoo Enterprise 11.0 and earlier, allows remote attackers to inject arbitrary web script in the browser of a victim via crafted attachment filenames. | 6.1 | 0.88% | 2020-12-22 | 2026-06-16 |
| CVE-2018-15634 | Cross-site scripting (XSS) issue in attachment management in Odoo Community 14.0 and earlier and Odoo Enterprise 14.0 and earlier, allows remote attackers to inject arbitrary web script in the browser of a victim via a crafted link. | 6.1 | 0.90% | 2020-12-22 | 2026-06-16 |
| CVE-2018-15635 | Cross-site scripting vulnerability in the Discuss App of Odoo Community 12.0 and earlier, and Odoo Enterprise 12.0 and earlier allows remote attackers to inject arbitrary web script in the browser of an internal user of the system by tricking them into inviting a follower on a document with a crafted name. | 5.9 | 1.00% | 2019-04-09 | 2026-06-16 |
| CVE-2018-15636 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unused by its CNA. Notes: none. | 無 | 無 | 2023-05-12 | 2023-11-06 |
| CVE-2018-15637 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unused by its CNA. Notes: none. | 無 | 無 | 2023-05-12 | 2023-11-06 |
| CVE-2018-15638 | Cross-site scripting (XSS) issue in mail module in Odoo Community 13.0 and earlier and Odoo Enterprise 13.0 and earlier, allows remote attackers to inject arbitrary web script in the browser of a victim via crafted channel names. | 5.4 | 0.69% | 2020-12-22 | 2026-06-16 |
| CVE-2018-15639 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unused by its CNA. Notes: none. | 無 | 無 | 2023-05-12 | 2023-11-06 |
| CVE-2018-15640 | Improper access control in the Helpdesk App of Odoo Enterprise 10.0 through 12.0 allows remote authenticated attackers to obtain elevated privileges via a crafted request. | 8.8 | 7.92% | 2019-04-09 | 2026-06-16 |
| CVE-2018-15641 | Cross-site scripting (XSS) issue in web module in Odoo Community 11.0 through 14.0 and Odoo Enterprise 11.0 through 14.0, allows remote authenticated internal users to inject arbitrary web script in the browser of a victim via crafted calendar event attributes. | 5.4 | 0.70% | 2020-12-22 | 2026-06-16 |
| CVE-2018-15642 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unused by its CNA. Notes: none. | 無 | 無 | 2023-05-12 | 2023-11-06 |
| CVE-2018-15643 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unused by its CNA. Notes: none. | 無 | 無 | 2023-05-12 | 2023-11-06 |
| CVE-2018-15644 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unused by its CNA. Notes: none. | 無 | 無 | 2023-05-12 | 2023-11-06 |
| CVE-2018-15645 | Improper access control in message routing in Odoo Community 12.0 and earlier and Odoo Enterprise 12.0 and earlier allows remote authenticated users to create arbitrary records via crafted payloads, which may allow privilege escalation. | 6.5 | 0.87% | 2020-12-22 | 2026-06-16 |
| CVE-2018-15646 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unused by its CNA. Notes: none. | 無 | 無 | 2023-05-12 | 2023-11-06 |
| CVE-2018-15647 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unused by its CNA. Notes: none. | 無 | 無 | 2023-05-12 | 2023-11-06 |
| CVE-2018-15648 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unused by its CNA. Notes: none. | 無 | 無 | 2023-05-12 | 2023-11-06 |
| CVE-2018-15649 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unused by its CNA. Notes: none. | 無 | 無 | 2023-05-12 | 2023-11-06 |