Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
CVE-2024-32499
CRITICAL CVSS 9.8
Find Similar
Newforma Project Center Server through 2023.3.0.32259 allows remote code execution because .NET Remoting is exposed.
CVE-2025-35051
CRITICAL CVSS 9.2
Find Similar
Newforma Project Center Server (NPCS) accepts serialized .NET data via the '/ProjectCenter.rem' endpoint on 9003/tcp, allowing a remote, unauthenticated attacker to execute arbitrary code with 'NT AUT
CVE-2025-52385
CRITICAL CVSS 9.8
Find Similar
An issue in Studio 3T v.2025.1.0 and before allows a remote attacker to execute arbitrary code via a crafted payload to the child_process module
In Progress Telerik Report Server versions prior to 2024 Q3 (10.2.24.924), a remote code execution attack is possible through object injection via an insecure type resolution vulnerability.
CVE-2025-35050
CRITICAL CVSS 9.3
Find Similar
Newforma Info Exchange (NIX) accepts serialized .NET data via the '/remoteweb/remote.rem' endpoint, allowing a remote, unauthenticated attacker to execute arbitrary code with 'NT AUTHORITY\NetworkServ
Cross Site Scripting vulnerability in Xunrui CMS Public Edition v.4.6.1 allows a remote attacker to execute arbitrary code via the project name function in the project settings tab.
CVE-2025-37099
CRITICAL CVSS 9.8
Find Similar
A remote code execution vulnerability exists in HPE Insight Remote Support (IRS) prior to v7.15.0.646.
CVE-2025-30085
CRITICAL CVSS 9.2
Find Similar
Remote code execution vulnerability in RSForm!pro component 3.0.0 - 3.3.14 for Joomla was discovered. The issue occurs within the submission export feature and requires administrative access to the ex
Cross Site Scripting vulnerability in M2000 Smart4Web before v.5.020241004 allows a remote attacker to execute arbitrary code via the error parameter in URL
Page 1+ Next →