Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
3 CRITICAL6 HIGH11 MEDIUM
CVE-2024-42023
HIGH CVSS 8.8
Find Similar
An improper access control vulnerability allows low-privileged users to execute code with Administrator privileges remotely.
veeam
NVD RRF 0.012
CVE-2025-34273
HIGH CVSS 7.1
Find Similar
Nagios Log Server versions prior to 2024R2.0.3 contain an incorrect authorization vulnerability that allows non-administrator users to delete global dashboards. The application did not correctly enfor
nagios
NVD RRF 0.012
CVE-2023-41688
MEDIUM CVSS 5.4
Find Similar
Missing Authorization vulnerability in Mad Fish Digital Bulk NoIndex & NoFollow Toolkit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Bulk NoIndex & NoFoll
NVD RRF 0.012
CVE-2023-46195
MEDIUM CVSS 6.5
Find Similar
Missing Authorization vulnerability in CoSchedule Headline Analyzer headline-analyzer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Headline Analyzer: from
NVD RRF 0.012
CVE-2025-10466
MEDIUM CVSS 5.9
Find Similar
Improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability in Safe Access in Synology Safe Access before 1.3.1-0329 allows remote authenticated users with admin
synology
NVD RRF 0.012
CVE-2025-9152
CRITICAL CVSS 9.8
Find Similar
An improper privilege management vulnerability exists in WSO2 API Manager due to missing authentication and authorization checks in the keymanager-operations Dynamic Client Registration (DCR) endpoint
wso2
NVD RRF 0.012
CVE-2025-6949
CRITICAL CVSS 9.3
Find Similar
An Execution with Unnecessary Privileges vulnerability has been identified in Moxa’s network security appliances and routers. A critical authorization flaw in the API allows an authenticated, low-priv
NVD RRF 0.011
CVE-2024-39758
MEDIUM CVSS 5.1
Find Similar
Improper access control for some Intel(R) Arc™ & Iris(R) Xe graphics software before version 31.0.101.4032 may allow an authenticated user to potentially enable denial of service via local access.
NVD RRF 0.011
CVE-2025-66445
HIGH CVSS 7.1
Find Similar
Authorization bypass vulnerability in Hitachi Infrastructure Analytics Advisor (Data Center Analytics component) and Hitachi Ops Center Analyzer (Hitachi Ops Center Analyzer detail view component).Thi
NVD RRF 0.011
CVE-2024-13987
MEDIUM CVSS 5.9
Find Similar
Improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability in Synology RADIUS Server allows remote authenticated users with administrator privileges to read or
NVD RRF 0.011
CVE-2025-6894
MEDIUM CVSS 5.3
Find Similar
An Execution with Unnecessary Privileges vulnerability has been identified in Moxa’s network security appliances and routers. A flaw in the API authorization logic of the affected device allows an aut
NVD RRF 0.011
CVE-2025-34274
CRITICAL CVSS 9.3
Find Similar
Nagios Log Server versions prior to 2024R2.0.3 contain an execution with unnecessary privileges vulnerability as it runs its embedded Logstash process as the root user. If an attacker is able to compr
nagios
NVD RRF 0.011
CVE-2025-9804
MEDIUM CVSS 6.5
Find Similar
An improper access control vulnerability exists in multiple WSO2 products due to insufficient permission enforcement in certain internal SOAP Admin Services and System REST APIs. A low-privileged user
wso2
NVD RRF 0.011
CVE-2017-20238
HIGH CVSS 7.1
Find Similar
Hirschmann Industrial HiVision versions 06.0.00 and 07.0.00 prior to 06.0.06 and 07.0.01 contains an improper authorization vulnerability that allows read-only users to gain write access to managed de
NVD RRF 0.011
CVE-2025-34287
HIGH CVSS 8.4
Find Similar
Nagios XI versions prior to 2024R2 contain an improperly owned script, process_perfdata.pl, which is executed periodically as the nagios user but owned by www-data. Because the file was writable by ww
nagios
NVD RRF 0.011
CVE-2025-20305
MEDIUM CVSS 4.9
Find Similar
A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to obtain sensitive information from an affected device. This vulnerability exists b
cisco
NVD RRF 0.010
CVE-2026-20037
MEDIUM CVSS 4.4
Find Similar
A vulnerability in the NX-OS CLI privilege levels of Cisco UCS Manager Software could allow an authenticated, local attacker with read-only privileges to modify files and perform unauthorized actions
NVD RRF 0.010
CVE-2026-0235
MEDIUM CVSS 5.8
Find Similar
A race condition vulnerability in Palo Alto Networks Prisma® Browser enables a locally authenticated non-admin user to bypass certain access and data control policies.
NVD RRF 0.010
CVE-2025-4233
MEDIUM CVSS 5.1
Find Similar
An insufficient implementation of cache vulnerability in Palo Alto Networks Prisma® Access Browser enables users to bypass certain data control policies.
NVD RRF 0.010
CVE-2026-40715
HIGH CVSS 7.8
Find Similar
Dell ThinOS 10, versions prior to ThinOS10 2602_10.0765, contain an Improper Access Control vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, lea
dell
NVD RRF 0.010
← Previous Page 2+ Next →