Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
CVE-2024-38194
CRITICAL CVSS 9.9
Find Similar
An authenticated attacker can exploit an improper authorization vulnerability in Azure Web Apps to elevate privileges over a network.
Improper authentication in Windows Cryptographic Services allows an unauthorized attacker to elevate privileges locally.
Improper access control in Azure Windows Virtual Machine Agent allows an authorized attacker to elevate privileges locally.
CVE-2026-42822
CRITICAL CVSS 10.0
Find Similar
Improper authentication in Azure Local Disconnected Operations allows an unauthorized attacker to elevate privileges over a network.
Unauthorised access to the call forwarding service system in MeetMe products in versions prior to 2024-09 allows an attacker to identify multiple users and perform brute force attacks via extensions.
Improper privilege management in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally.
Improper authentication in Windows Admin Center allows an authorized attacker to elevate privileges over a network.
Use of uninitialized resource in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally.
Out-of-bounds read in Microsoft Input Method Editor (IME) allows an authorized attacker to elevate privileges locally.
CVE-2025-64656
CRITICAL CVSS 9.8
Find Similar
Out-of-bounds read in Application Gateway allows an unauthorized attacker to elevate privileges over a network.
CVE-2025-1393
CRITICAL CVSS 9.8
Find Similar
An unauthenticated remote attacker can use hard-coded credentials to gain full administration privileges on the affected product.
The vulnerability allows an unauthenticated attacker to access information in PAM database.
Improper access control in Microsoft Management Console allows an authorized attacker to elevate privileges locally.