CVE 清單 – 發現高風險與在野利用漏洞

聚合 NVD、CVE 及多源情資,深度解析 RCE 等高危風險。系統整合 CVSS 與 EPSS 模型,動態追蹤 Exploit 資源與 PoC 公開狀態,研判可利用性。結合官方修補與修復方案,優化漏洞管理優先級,縮短回應週期,保障資產安全。

指派機構(CNA / 來源):[email protected] 移除此篩選

顯示 12060 筆結果
«« 第一頁 « 上一頁 第 1 / 3 頁 下一頁 »
CVE 描述 最高 CVSS EPSS % 公開時間 更新時間
CVE-2023-31149 An Improper Input Validation vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to execute arbitrary code. See SEL Service Bulletin dated 2022-11-15 for more details. 9.1 1.09% 2023-05-10 2026-06-17
CVE-2023-31148 An Improper Input Validation vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to execute arbitrary code. See SEL Service Bulletin dated 2022-11-15 for more details. 9.1 1.09% 2023-05-10 2026-06-17
CVE-2025-48017 Improper limitation of pathname in Circuit Provisioning and File Import applications allows modification and uploading of files 9.0 0.39% 2025-05-20 2026-06-17
CVE-2023-31175 An Execution with Unnecessary Privileges vulnerability in the Schweitzer Engineering Laboratories SEL-5037 SEL Grid Configurator could allow an attacker to run system commands with the highest level privilege on the system. See Instruction Manual Appendix A and Appendix E dated 20230615 for more details. This issue affects SEL-5037 SEL Grid Configurator: before 4.5.0.20. 8.8 0.42% 2023-08-31 2026-06-17
CVE-2023-34392 A Missing Authentication for Critical Function vulnerability in the Schweitzer Engineering Laboratories SEL-5037 SEL Grid Configurator could allow an attacker to run arbitrary commands on managed devices by an authorized device operator. See Instruction Manual Appendix A and Appendix E dated 20230615 for more details. This issue affects SEL-5037 SEL Grid Configurator: before 4.5.0.20. 8.2 0.45% 2023-08-31 2026-06-17
CVE-2025-46739 An unauthenticated user could discover account credentials via a brute-force attack without rate limiting 8.1 0.33% 2025-05-12 2026-06-17
CVE-2023-31150 A Storing Passwords in a Recoverable Format vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) database system could allow an authenticated attacker to retrieve passwords. See SEL Service Bulletin dated 2022-11-15 for more details. 8.0 0.47% 2023-05-10 2026-06-17
CVE-2023-31173 Use of Hard-coded Credentials vulnerability in Schweitzer Engineering Laboratories SEL-5037 SEL Grid Configurator on Windows allows Authentication Bypass. See Instruction Manual Appendix A and Appendix E dated 20230615 for more details. This issue affects SEL-5037 SEL Grid Configurator: before 4.5.0.20. 7.7 0.20% 2023-08-31 2026-06-17
CVE-2025-48018 An authenticated user can modify application state data. 7.5 0.13% 2025-05-20 2026-06-17
CVE-2025-48014 Password guessing limits could be bypassed when using LDAP authentication. 7.5 0.36% 2025-05-20 2026-06-17
CVE-2025-46740 An authenticated user without user administrative permissions could change the administrator Account Name. 7.5 0.27% 2025-05-12 2026-06-17
CVE-2023-31176 An Insufficient Entropy vulnerability in the Schweitzer Engineering Laboratories SEL-451 could allow an unauthenticated remote attacker to brute-force session tokens and bypass authentication.  See product Instruction Manual Appendix A dated 20230830 for more details. 7.5 0.93% 2023-11-30 2026-06-17
CVE-2025-46737 SEL-5037 Grid Configurator contains an overly permissive Cross Origin Resource Sharing (CORS) configuration for a data gateway service in the application. This gateway service includes an API which is not properly configured to reject requests from unexpected sources. 7.4 0.08% 2025-05-12 2026-06-17
CVE-2023-34391 Insecure Inherited Permissions vulnerability in Schweitzer Engineering Laboratories SEL-5033 AcSELerator RTAC Software on Windows allows Leveraging/Manipulating Configuration File Search Paths. See Instruction Manual Appendix A [Cybersecurity] tag dated 20230522 for more details. This issue affects SEL-5033 AcSELerator RTAC Software: before 1.35.151.21000. 7.4 0.13% 2023-08-31 2026-06-17
CVE-2023-31174 A Cross-Site Request Forgery (CSRF) vulnerability in the Schweitzer Engineering Laboratories SEL-5037 SEL Grid Configurator could allow an attacker to embed instructions that could be executed by an authorized device operator. See Instruction Manual Appendix A and Appendix E dated 20230615 for more details. This issue affects SEL-5037 SEL Grid Configurator: before 4.5.0.20. 7.4 0.20% 2023-08-31 2026-06-17
CVE-2023-2310 A Channel Accessible by Non-Endpoint vulnerability in the Schweitzer Engineering Laboratories SEL Real-Time Automation Controller (RTAC) could allow a remote attacker to perform a man-in-the-middle (MiTM) that could result in denial of service. See the ACSELERATOR RTAC SEL-5033 Software instruction manual date code 20210915 for more details. 6.8 0.50% 2023-05-10 2026-06-17
CVE-2025-46738 An authenticated attacker can maliciously modify layout data files in the SEL-5033 installation directory to execute arbitrary code. 6.6 0.15% 2025-05-12 2026-06-17
CVE-2025-46745 An authenticated user without user-management permissions could view other users account information. 6.5 0.26% 2025-05-12 2026-06-17
CVE-2024-2103 Inclusion of undocumented features vulnerability accessible when logged on with a privileged access level on the following Schweitzer Engineering Laboratories relays could allow the relay to behave unpredictably: SEL-700BT Motor Bus Transfer Relay, SEL-700G Generator Protection Relay, SEL-710-5 Motor Protection Relay, SEL-751 Feeder Protection Relay, SEL-787-2/-3/-4 Transformer Protection Relay, SEL-787Z High-Impedance Differential Relay . See product instruction manual appendix A dated 202403 6.5 0.46% 2024-04-04 2026-06-17
CVE-2023-34388 An Improper Authentication vulnerability in the Schweitzer Engineering Laboratories SEL-451 could allow a remote unauthenticated attacker to potentially perform session hijacking attack and bypass authentication. See product Instruction Manual Appendix A dated 20230830 for more details. 6.5 0.91% 2023-11-30 2026-06-17
«« 第一頁 « 上一頁 第 1 / 3 頁 下一頁 »
cvelogic Threat Intelligence