Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
VideoFlow Digital Video Protection DVP 2.10 contains an authenticated remote code execution vulnerability that allows attackers to execute system commands with root privileges. Attackers can exploit t
VideoFlow Digital Video Protection DVP 2.10 contains an authenticated remote code execution vulnerability that allows authenticated attackers to execute arbitrary system commands by exploiting a cross
CVE-2025-34043
CRITICAL CVSS 10.0
Find Similar
A remote command injection vulnerability exists in Vacron Network Video Recorder (NVR) devices v1.4 due to improper input sanitization in the board.cgi script. The vulnerability allows unauthenticated
Vacron Camera ping Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Vacron Camera devices. Authe
A cross-site request forgery (CSRF) vulnerability exists in the web interface of AVTECH IP camera, DVR, and NVR devices. An attacker can craft malicious requests that, when executed in the context of
A vulnerability in the REST API of Cisco Expressway Series and Cisco TelePresence VCS could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on
A malicious actor with access to the management network could execute a remote code execution (RCE) by exploiting a heap buffer overflow vulnerability in the UniFi Protect Cameras (Version 4.75.43 and
Vvveb before version 1.0.8.2 contains an authenticated remote code execution vulnerability in the admin code editor that allows low-privilege authenticated users to execute arbitrary code through insu
CVE-2024-58286
CRITICAL CVSS 9.3
Find Similar
dizqueTV 1.5.3 contains a remote code execution vulnerability that allows attackers to inject arbitrary commands through the FFMPEG Executable Path settings. Attackers can modify the executable path w
A vulnerability in the Dynamic Vectoring and Streaming (DVS) Engine implementation of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to bypass th
A code injection vulnerability can allow a low-privileged user to overwrite files on that VSPC server, which can lead to remote code execution on VSPC server.
A vulnerability was detected in D-Link DSL-6641K N8.TR069.20131126. Affected by this issue is the function ad_virtual_server_vdsl of the component Web Interface. Performing a manipulation of the argum
A “CWE-352: Cross-Site Request Forgery (CSRF)” can be exploited by remote attackers to perform state-changing operations with administrative privileges by luring authenticated victims into visiting a
The cross-browser document creation component produced by Digitware System Integration Corporation has a Remote Code Execution vulnerability. If a user visits a malicious website while the component i
A vulnerability in the Virtual Keyboard Video Monitor (vKVM) connection handling of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker with low privileges to co
A Cross-Site Request Forgery (CSRF) in Elgato's Key Lights and related light products allows an attacker to host a malicious webpage that remotely controlles the victim's lights.
A code injection vulnerability that allows a low-privileged user with REST API access granted to remotely upload arbitrary files to the VSPC server using REST API, leading to remote code execution on
Page 1+ Next →