Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
A vulnerability was found in code-projects Inventory Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /php_action/editPayment.php. The manip
The superduper project thru v0.10.0 contains a critical remote code execution vulnerability in its query parsing component. The _parse_op_part() function in query.py uses the unsafe eval() function to
A vulnerability was detected in Kilo-Org kilocode up to 7.0.47. This vulnerability affects the function Bun.file of the file packages/opencode/src/kilocode/review/worktree-diff.ts of the component Fil
Soft Serve is a self-hostable Git server for the command line. Prior to 0.7.5, it is possible for a user who can commit files to a repository hosted by Soft Serve to execute arbitrary code via environ
A vulnerability was found in wangzhixuan spring-shiro-training up to 94812c1fd8f7fe796c931f4984ff1aa0671ab562. It has been declared as critical. This vulnerability affects unknown code of the file /ro
A vulnerability was found in code-projects Product Inventory System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/edit_user.php. The manipulation of the
A Remote Code Execution vulnerability was found in CODEASTRO Membership Management System v1.0 in /add_members.php. This vulnerability affects the file upload functionality, where improper file saniti
A directory traversal vulnerability was discovered in Pagure server. If a malicious user submits a specially cratfted git repository they could discover secrets on the server.
A stored cross site scripting vulnerabilities exists in DevikaAI from commit 6acce21fb08c3d1123ef05df6a33912bf0ee77c2 onwards via improperly decoded user input.
A remote code execution (RCE) vulnerability in the upload_file function of LRQA Nettitude PoshC2 after commit 123db87 allows authenticated attackers to execute arbitrary code via a crafted POST reques
A vulnerability has been found in code-projects Product Inventory System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/edit_product.php. The manipulation o
CVE-2025-30247
CRITICAL CVSS 9.3
Find Similar
An OS command injection vulnerability in user interface in Western Digital My Cloud firmware prior to 5.31.108 on NAS platforms allows remote attackers to execute arbitrary system commands via a speci
A vulnerability classified as critical was found in SourceCodester Online Hotel Reservation System 1.0. Affected by this vulnerability is the function upload of the file /admin/mod_room/controller.php
A vulnerability has been found in DeDeveloper23 codebase-mcp up to 3ec749d237dd8eabbeef48657cf917275792fde6. This vulnerability affects the function getCodebase/getRemoteCodebase/saveCodebase of the f
CVE-2025-24480
CRITICAL CVSS 9.3
Find Similar
A Remote Code Execution Vulnerability exists in the product and version listed above. The vulnerability is due to lack of input sanitation and could allow a remote attacker to run commands or code as
A client-side remote code execution vulnerability exists in Hanwha Techwin Smart Security Manager (SSM) versions 1.32 and 1.4, due to improper restrictions on the PUT method exposed by the bundled Apa
A vulnerability in binary-husky/gpt_academic version git 310122f allows for remote code execution. The application supports the extraction of user-provided RAR files without proper validation. The Pyt
A vulnerability classified as critical has been found in 299Ko CMS 2.0.0. This affects an unknown part of the file /admin/filemanager/view of the component File Management. The manipulation leads to u
A vulnerability was found in ggerve coding-standards-mcp. This issue affects the function get_style_guide/get_best_practices of the file server.py. The manipulation of the argument Language results in
A vulnerability, which was classified as problematic, was found in xujiangfei admintwo 1.0. This affects an unknown part of the file /user/updateSet. The manipulation of the argument motto leads to cr