Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
20 results
Missing Authorization vulnerability in wproyal Bard bard allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Bard: from n/a through <= 2.229.
CVE-2025-31095
CRITICAL CVSS 9.8
Find Similar
Authentication Bypass Using an Alternate Path or Channel vulnerability in Hossein Material Dashboard material-dashboard allows Authentication Bypass.This issue affects Material Dashboard: from n/a thr
Missing Authorization vulnerability in paytiumsupport Paytium paytium.This issue affects Paytium: from n/a through <= 4.4.10.
Missing Authorization vulnerability in linethemes GLB glb allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GLB: from n/a through <= 1.2.2.
Authentication Bypass Using an Alternate Path or Channel vulnerability in Dokan, Inc. Dokan dokan-lite allows Authentication Abuse.This issue affects Dokan: from n/a through <= 4.2.4.
A missing authorization vulnerability was identified in GitHub Enterprise Server that allowed a user to see the names of private repositories that they wouldn't otherwise have access to in the Securit
Missing Authorization vulnerability in jegtheme JNews jnews allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JNews: from n/a through <= 11.6.16.
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.3 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user with develop
CVE-2025-23504
CRITICAL CVSS 9.8
Find Similar
Authentication Bypass Using an Alternate Path or Channel vulnerability in RiceTheme Felan Framework felan-framework allows Authentication Abuse.This issue affects Felan Framework: from n/a through <=
Missing Authorization vulnerability in bdthemes ZoloBlocks zoloblocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ZoloBlocks: from n/a through <= 2.3.11.
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.1 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2 that could have allowed an authenticated user to bypass WebAut
CVE-2025-45607
CRITICAL CVSS 9.8
Find Similar
An issue in the component /manage/ of itranswarp v2.19 allows attackers to bypass authentication via a crafted request.
A vulnerability was found in Alteryx Server. Affected by this issue is some unknown functionality of the file /gallery/api/status/. Performing manipulation results in improper authentication. The atta
CVE-2025-1740
CRITICAL CVSS 9.8
Find Similar
Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft MyRezzta allows Authentication Bypass, Password Recovery Exploitation, Brute Force. This issue affects MyRezzta: fr
A vulnerability classified as problematic has been found in moonlightL hexo-boot 4.3.0. This affects an unknown part of the file /admin/home/index.html of the component Blog Backend. The manipulation
An Incorrect Authorization vulnerability was identified in GitHub Enterprise Server that allowed a suspended GitHub App to retain access to the repository via a scoped user access token. This was only
CVE-2024-50419
CRITICAL CVSS 9.8
Find Similar
Incorrect Authorization vulnerability in wpsoul Greenshift greenshift-animation-and-page-builder-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Green
Missing Authorization vulnerability in HashThemes Square allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Square: from n/a through 2.0.0.
CVE-2026-23906
CRITICAL CVSS 9.8
Find Similar
Affected Products and Versions * Apache Druid * Affected Versions: 0.17.0 through 35.x (all versions prior to 36.0.0) * Prerequisites: * druid-basic-security extension enabled * LDAP aut
Missing Authorization vulnerability in Projectopia Projectopia projectopia-core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Projectopia: from n/a through
← Previous Page 5