CVE 清單 – 發現高風險與在野利用漏洞

聚合 NVD、CVE 及多源情資,深度解析 RCE 等高危風險。系統整合 CVSS 與 EPSS 模型,動態追蹤 Exploit 資源與 PoC 公開狀態,研判可利用性。結合官方修補與修復方案,優化漏洞管理優先級,縮短回應週期,保障資產安全。

指派機構(CNA / 來源):[email protected] 移除此篩選

顯示 12060 筆結果
«« 第一頁 « 上一頁 第 1 / 3 頁 下一頁 »
CVE 描述 最高 CVSS EPSS % 公開時間 更新時間
CVE-2025-48018 An authenticated user can modify application state data. 7.5 0.13% 2025-05-20 2026-06-17
CVE-2025-48017 Improper limitation of pathname in Circuit Provisioning and File Import applications allows modification and uploading of files 9.0 0.39% 2025-05-20 2026-06-17
CVE-2025-48016 OpenFlow discovery protocol can exhaust resources because it is not rate limited 4.3 0.18% 2025-05-20 2026-06-17
CVE-2025-48015 Failed login response could be different depending on whether the username was local or central. 3.7 0.20% 2025-05-20 2026-06-17
CVE-2025-48014 Password guessing limits could be bypassed when using LDAP authentication. 7.5 0.36% 2025-05-20 2026-06-17
CVE-2025-46750 SEL BIOS packages prior to 1.3.49152.117 or 2.6.49152.98 allow a local attacker to bypass password authentication and change password-protected BIOS settings by importing a BIOS settings file with no password set. 4.4 0.15% 2025-05-12 2026-06-17
CVE-2025-46749 An authenticated user could submit scripting to fields that lack proper input and output sanitization leading to subsequent client-side script execution. 4.3 0.22% 2025-05-12 2026-06-17
CVE-2025-46748 An authenticated user attempting to change their password could do so without using the current password. 2.7 0.20% 2025-05-12 2026-06-17
CVE-2025-46747 An authenticated user without user-management permissions could identify other user accounts. 5.7 0.26% 2025-05-12 2026-06-17
CVE-2025-46746 An administrator could discover another account's credentials. 5.8 0.19% 2025-05-12 2026-06-17
CVE-2025-46745 An authenticated user without user-management permissions could view other users account information. 6.5 0.26% 2025-05-12 2026-06-17
CVE-2025-46744 An authenticated administrator could modify the Created By username for a user account 2.7 0.20% 2025-05-12 2026-06-17
CVE-2025-46743 An authenticated user's token could be used by another source after the user had logged out prior to the token expiring. 6.3 0.06% 2025-05-12 2026-06-17
CVE-2025-46742 Users who were required to change their password could still access system information before changing their password 4.3 0.17% 2025-05-12 2026-06-17
CVE-2025-46741 A suspended or recently logged-out user could continue to interact with Blueframe until the time-out period occurred. 5.7 0.06% 2025-05-12 2026-06-17
CVE-2025-46740 An authenticated user without user administrative permissions could change the administrator Account Name. 7.5 0.27% 2025-05-12 2026-06-17
CVE-2025-46739 An unauthenticated user could discover account credentials via a brute-force attack without rate limiting 8.1 0.33% 2025-05-12 2026-06-17
CVE-2025-46738 An authenticated attacker can maliciously modify layout data files in the SEL-5033 installation directory to execute arbitrary code. 6.6 0.15% 2025-05-12 2026-06-17
CVE-2025-46737 SEL-5037 Grid Configurator contains an overly permissive Cross Origin Resource Sharing (CORS) configuration for a data gateway service in the application. This gateway service includes an API which is not properly configured to reject requests from unexpected sources. 7.4 0.08% 2025-05-12 2026-06-17
CVE-2024-2103 Inclusion of undocumented features vulnerability accessible when logged on with a privileged access level on the following Schweitzer Engineering Laboratories relays could allow the relay to behave unpredictably: SEL-700BT Motor Bus Transfer Relay, SEL-700G Generator Protection Relay, SEL-710-5 Motor Protection Relay, SEL-751 Feeder Protection Relay, SEL-787-2/-3/-4 Transformer Protection Relay, SEL-787Z High-Impedance Differential Relay . See product instruction manual appendix A dated 202403 6.5 0.46% 2024-04-04 2026-06-17
«« 第一頁 « 上一頁 第 1 / 3 頁 下一頁 »
cvelogic Threat Intelligence