CVE 清單 – 發現高風險與在野利用漏洞

聚合 NVD、CVE 及多源情資,深度解析 RCE 等高危風險。系統整合 CVSS 與 EPSS 模型,動態追蹤 Exploit 資源與 PoC 公開狀態,研判可利用性。結合官方修補與修復方案,優化漏洞管理優先級,縮短回應週期,保障資產安全。

指派機構(CNA / 來源):[email protected] 移除此篩選

顯示 12060 筆結果
«« 第一頁 « 上一頁 第 1 / 3 頁 下一頁 »
CVE 描述 最高 CVSS EPSS % 公開時間 更新時間
CVE-2025-46748 An authenticated user attempting to change their password could do so without using the current password. 2.7 0.20% 2025-05-12 2026-06-17
CVE-2025-46744 An authenticated administrator could modify the Created By username for a user account 2.7 0.20% 2025-05-12 2026-06-17
CVE-2025-48015 Failed login response could be different depending on whether the username was local or central. 3.7 0.20% 2025-05-20 2026-06-17
CVE-2023-31152 An Authentication Bypass Using an Alternate Path or Channel vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface allows Authentication Bypass. See SEL Service Bulletin dated 2022-11-15 for more details. 4.0 0.36% 2023-05-10 2026-06-17
CVE-2023-2264 An improper input validation vulnerability in the Schweitzer Engineering Laboratories SEL-411L could allow a malicious actor to manipulate authorized users to click on a link that could allow undesired behavior. See product Instruction Manual Appendix A dated 20230830 for more details. 4.0 0.21% 2023-11-30 2026-06-17
CVE-2023-31166 An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to create folders in arbitrary paths of the file system. See SEL Service Bulletin dated 2022-11-15 for more details. 4.1 0.59% 2023-05-10 2026-06-17
CVE-2025-48016 OpenFlow discovery protocol can exhaust resources because it is not rate limited 4.3 0.18% 2025-05-20 2026-06-17
CVE-2025-46749 An authenticated user could submit scripting to fields that lack proper input and output sanitization leading to subsequent client-side script execution. 4.3 0.22% 2025-05-12 2026-06-17
CVE-2025-46742 Users who were required to change their password could still access system information before changing their password 4.3 0.17% 2025-05-12 2026-06-17
CVE-2023-31177 An Improper Neutralization of Input During Web Page Generation  ('Cross-site Scripting') in the Schweitzer Engineering Laboratories SEL-451 could allow an attacker to craft a link that could execute arbitrary code on a victim's system. See product Instruction Manual Appendix A dated 20230830 for more details. 4.3 0.48% 2023-11-30 2026-06-17
CVE-2023-31165 An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code. See SEL Service Bulletin dated 2022-11-15 for more details. 4.3 0.44% 2023-05-10 2026-06-17
CVE-2023-31164 An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code. See SEL Service Bulletin dated 2022-11-15 for more details. 4.3 0.44% 2023-05-10 2026-06-17
CVE-2023-31163 An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code. See SEL Service Bulletin dated 2022-11-15 for more details. 4.3 0.44% 2023-05-10 2026-06-17
CVE-2023-31160 An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code. See SEL Service Bulletin dated 2022-11-15 for more details. 4.3 0.44% 2023-05-10 2026-06-17
CVE-2023-31159 An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code. See SEL Service Bulletin dated 2022-11-15 for more details. 4.3 0.44% 2023-05-10 2026-06-17
CVE-2023-31158 An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code. See SEL Service Bulletin dated 2022-11-15 for more details. 4.3 0.44% 2023-05-10 2026-06-17
CVE-2023-31157 An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code. See SEL Service Bulletin dated 2022-11-15 for more details. 4.3 0.44% 2023-05-10 2026-06-17
CVE-2023-31156 An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code. See SEL Service Bulletin dated 2022-11-15 for more details. 4.3 0.44% 2023-05-10 2026-06-17
CVE-2023-31155 An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code. See SEL Service Bulletin dated 2022-11-15 for more details. 4.3 0.44% 2023-05-10 2026-06-17
CVE-2023-31154 An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code. See SEL Service Bulletin dated 2022-11-15 for more details. 4.3 0.44% 2023-05-10 2026-06-17
«« 第一頁 « 上一頁 第 1 / 3 頁 下一頁 »
cvelogic Threat Intelligence