Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
20 results
Permission verification vulnerability in the media library module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Permission verification vulnerability in the media library module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
A vulnerability was found in Euro Information CIC banque et compte en ligne App 12.56.0 on Android. Affected by this vulnerability is an unknown functionality of the file AndroidManifest.xml of the co
Use of implicit intent for sensitive communication in Wi-Fi P2P service prior to SMR May-2025 Release 1 allows local attackers to access sensitive information.
Improper access control in KnoxService prior to SMR Aug-2024 Release 1 allows local attackers to get sensitive information.
Improper access control in ExtControlDeviceService prior to SMR Aug-2024 Release 1 allows local attackers to access protected data.
TalkTalk 3.3.6 Android App contains improper access control vulnerabilities in multiple API endpoints. By modifying request parameters, attackers may obtain sensitive user information (such as device
Vulnerability of improper access control in the album module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
A malicious user with administrative privileges in the web portal would be able to manipulate the Diagnostics module to obtain remote code execution on the local device as a low privileged user.
An attacker can get information about the groups of the smart home devices for arbitrary users (i.e., "rooms").
A vulnerability was found in InstantBits Web Video Cast App up to 5.12.4 on Android. It has been rated as problematic. Affected by this issue is some unknown functionality of the file AndroidManifest.
Improper access control in SecSettings prior to SMR Oct-2025 Release 1 allows local attackers to access sensitive information. User interaction is required for triggering this vulnerability.
CVE-2024-36439
CRITICAL CVSS 9.4
Find Similar
Swissphone DiCal-RED 4009 devices allow a remote attacker to gain access to the administrative web interface via the device password's hash value, without knowing the actual device password.
A vulnerability was detected in arnobt78 Hotel Booking Management System up to f8922d0e0f6ac1cc761974c7616f44c2bbc04bea. The impacted element is an unknown function of the file /api/health/detailed of
Kanova Android App version 1.0.27 (package name com.karelane), developed by Karely L.L.C., contains improper access control vulnerabilities. Attackers may gain unauthorized access to user details and
A vulnerability exists in NSD570 that allows any authenticated user to access all device logs disclosing login information with timestamps.
In multiple locations, there is a possible way to access content across user profiles due to URI double encoding. This could lead to local information disclosure with no additional execution privilege
HCL Sametime for Android is impacted by a sensitive information disclosure. Hostnames information is written in application logs and certain URL
A vulnerability was found in i-Drive i11 and i12 up to 20250227 and classified as problematic. This issue affects some unknown processing of the component APK. The manipulation leads to hard-coded cre
Access permission verification vulnerability in the content sharing pop-up module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
← Previous Page 5