Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
An input validation vulnerability exists in the Rockwell Automation Sequence Manager™ which could allow a malicious user to send malformed packets to the server and cause a denial-of-service condition
A vulnerability exists in Rockwell Automation affected products that allows a threat actor to bypass the Trusted® Slot feature in a ControlLogix® controller. If exploited on any affected module in a 1
Due to a memory leak, a denial-of-service vulnerability exists in the Rockwell Automation affected products. A malicious actor could exploit this vulnerability by performing multiple actions on certai
Emoncms 11.7.3 has a remote code execution vulnerability in the firmware upload feature that allows authenticated users to execute arbitrary commands on the target system. The vulnerability stems from
An authenticated Remote Code Execution (RCE) vulnerability exists in the AirWave CLI. Successful exploitation of this vulnerability could allow a remote authenticated threat actor to run arbitrary com
Snyk has identified a remote code execution (RCE) vulnerability in all versions of Code Agent. The vulnerability enables an attacker to execute arbitrary code within the Code Agent container. Exploiti
A remote command execution (RCE) vulnerability in the /goform/formReleaseConnect component of UTT Aggressive 520W v3v1.7.7-180627 allows attackers to execute arbitrary commands via a crafted string.
CVE-2026-2587
CRITICAL CVSS 9.6
Find Similar
A critical Remote Code Execution (RCE) vulnerability was identified in the server-side template rendering mechanism used by the Glassfish gadget handler. The application processes .xml files and evalu
Cross Site Scripting vulnerability in Key Systems Inc Global Facilities Management Software v. 20230721a allows a remote attacker to execute arbitrary code via the function parameter.
CVE-2026-31059
CRITICAL CVSS 9.8
Find Similar
A remote command execution (RCE) vulnerability in the /goform/formDia component of UTT Aggressive HiPER 520W v3v1.7.7-180627 allows attackers to execute arbitrary commands via a crafted string.
VULNERABILITY DETAILS Rockwell Automation used the latest versions of the CVSS scoring system to assess the following vulnerabilities. The following vulnerabilities were reported to us by Sharon Briz
CVE-2019-25468
CRITICAL CVSS 9.3
Find Similar
NetGain EM Plus 10.1.68 contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary system commands by submitting malicious parameters to the script_test.
CVE-2026-2586
CRITICAL CVSS 9.1
Find Similar
An authenticated Remote Code Execution (RCE) vulnerability was identified in GlassFish's Administration Console. A user with access to the panel can send crafted requests that allow the execution of a
CVE-2025-63414
CRITICAL CVSS 10.0
Find Similar
A Path Traversal vulnerability in the Allsky WebUI version v2024.12.06_06 allows an unauthenticated remote attacker to achieve arbitrary command execution. By sending a crafted HTTP request to the /ht