Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
A vulnerability has been found in Totolink NR1800X 9.1.0u.6279_B20210910. This issue affects the function NTPSyncWithHost of the file /cgi-bin/cstecgi.cgi of the component Telnet Service. The manipula
A vulnerability was found in TOTOLINK A3100R 4.1.2cu.5050_B20200504. It has been declared as critical. This vulnerability affects the function setTelnetCfg of the file /cgi-bin/cstecgi.cgi of the comp
A vulnerability was identified in Totolink A8000RU 7.1cu.643_b20200521. The affected element is the function setTelnetCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulati
A Missing Authorization vulnerability in the Juniper Networks Junos Space Security Director allows an unauthenticated network-based attacker to read or modify metadata via the web interface.  Tamp
CVE-2025-25270
CRITICAL CVSS 9.8
Find Similar
An unauthenticated remote attacker can alter the device configuration in a way to get remote code execution as root with specific configurations.
NVIDIA Project G-Assist contains a vulnerability where an attacker might be able to escalate permissions. A successful exploit of this vulnerability might lead to code execution, escalation of privile
A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected product does not properly validate a length field in a serialized message which it uses to deter
A vulnerability classified as critical was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. This vulnerability affects the function setTelnetCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of t
A vulnerability in confederation implementation for the Border Gateway Protocol (BGP) in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) c
An unauthenticated command injection vulnerability exists in the Start_EPI function of the httpd binary on Linksys E1200 v2 routers (Firmware E1200_v2.0.11.001_us.tar.gz). The vulnerability occurs bec
A path traversal in StarNet Communications Corporation FastX v.4 through v4.1.51 allows unauthenticated attackers to read arbitrary files.
A low privileged remote attacker can gain the root password due to improper removal of sensitive information before storage or transfer.
CVE-2025-20358
CRITICAL CVSS 9.8
Find Similar
A vulnerability in the Contact Center Express (CCX) Editor application of Cisco Unified CCX could allow an unauthenticated, remote attacker to bypass authentication and obtain administrative permissio
An unauthenticated command injection vulnerability exists in the ToToLink LR1200GB Router firmware V9.1.0u.6619_B20230130 within the cstecgi.cgi binary (sub_41EC68 function). The binary reads the "ime
CVE-2024-41171
CRITICAL CVSS 9.3
Find Similar
A vulnerability has been identified in SINUMERIK 828D V4 (All versions), SINUMERIK 828D V5 (All versions < V5.24), SINUMERIK 840D sl V4 (All versions), SINUMERIK ONE (All versions < V6.24). Affected d
An unauthenticated remote attacker can perform a brute-force attack on the credentials of the remote service portal with a high chance of success, resulting in connection lost.
A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0). Affected devices do not properly limit the elevation of privileges required to perform certain valid
NVIDIA Jetson AGX Orin™ and NVIDIA IGX Orin software contain a vulnerability where an attacker can cause an improper input validation issue by escalating certain permissions to a limited degree. A suc
A vulnerability in the web-based management interface of Cisco ATA 190 Multiplatform Series Analog Telephone Adapter firmware could allow an authenticated, remote attacker with high privileges to exec
A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.4). Affected application contains a local privilege escalation vulnerability that could allow an attacker to run