Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
Missing Authorization vulnerability in virtuellwerk canvasio3D Light canvasio3d-light allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects canvasio3D Light: from
An exposure of sensitive information to an unauthorized actor vulnerability in Fortinet FortiNDR 7.6.0, FortiNDR 7.4.0 through 7.4.8, FortiNDR 7.2 all versions, FortiNDR 7.1 all versions, FortiNDR 7.0
Permission control vulnerability in the camera module. Successful exploitation of this vulnerability may affect service confidentiality.
Beward N100 M2.1.6.04C014 contains an unauthenticated vulnerability that allows remote attackers to access live video streams without credentials. Attackers can directly retrieve the camera's RTSP str
Missing Authorization vulnerability in slui Media Hygiene media-hygiene allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Media Hygiene: from n/a through <= 4.
A vulnerability was found in SIFUSM/MZZYG BD S1 up to 20250611. It has been declared as problematic. This vulnerability affects unknown code of the component RTSP Live Video Stream Endpoint. The manip
A vulnerability was found in IROAD Dash Cam FX2 up to 20250308. It has been rated as critical. Affected by this issue is some unknown functionality of the file /action/upload_file. The manipulation le
CVE-2025-10264
CRITICAL CVSS 10.0
Find Similar
Certain models of NVR developed by Digiever has an Exposure of Sensitive Information vulnerability, allowing unauthenticated remoter attackers to access the system configuration file and obtain plaint
Missing Authorization vulnerability in creativeinteractivemedia Real 3D FlipBook real3d-flipbook-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Real 3D
Missing Authorization vulnerability in Mateusz Czardybon Justified Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Justified Gallery: from n/a throug
In cameraisp, there is a possible escalation of privilege due to use after free. This could lead to local denial of service if a malicious actor has already obtained the System privilege. User interac
A vulnerability was found in IROAD Dash Cam FX2 up to 20250308 and classified as problematic. This issue affects some unknown processing of the component Device Registration. The manipulation of the a
A vulnerability was found in IROAD Dash Cam FX2 up to 20250308. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /etc/passwd of the component
CVE-2025-2345
CRITICAL CVSS 9.3
Find Similar
A vulnerability, which was classified as very critical, was found in IROAD Dash Cam X5 and Dash Cam X6 up to 20250308. This affects an unknown part. The manipulation leads to improper authorization. I
Post-authenticated external control of system web interface configuration setting vulnerability in Danfoss AK-SM8xxA Series prior to 4.3.1, which could allow for a denial of service attack induced by
A vulnerability was found in Edimax IC-6220DC and IC-5150W up to 3.06. It has been rated as critical. Affected by this issue is the function cgiFormString of the file ipcam_cgi. The manipulation of th
CVE-2024-27113
CRITICAL CVSS 9.3
Find Similar
An unauthenticated Insecure Direct Object Reference (IDOR) to the database has been found in the SO Planning tool that occurs when the public view setting is enabled. An attacker could use this vulner
A vulnerability, which was classified as problematic, has been found in SIAM Industria de Automação e Monitoramento SIAM 2.0. This issue affects some unknown processing of the file /qrcode.jsp. The ma
CVE-2024-41623
CRITICAL CVSS 9.8
Find Similar
An issue in D3D Security D3D IP Camera (D8801) v.V9.1.17.1.4-20180428 allows a local attacker to execute arbitrary code via a crafted payload