Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
An improper restriction of excessive authentication attempts in GroupMe allows a unauthenticated attacker to elevate privileges over a network.
CVE-2024-38183
CRITICAL CVSS 9.8
Find Similar
An improper access control vulnerability in GroupMe allows an a unauthenticated attacker to elevate privileges over a network.
An improper access control vulnerability in GroupMe allows an a unauthenticated attacker to elevate privileges over a network by convincing a user to click on a malicious link.
Improper handling of insufficient permissions or privileges in Microsoft Teams allows an authorized attacker to elevate privileges over a network.
CVE-2025-53795
CRITICAL CVSS 9.8
Find Similar
Improper authorization in Microsoft PC Manager allows an unauthorized attacker to elevate privileges over a network.
Improper authentication in Microsoft Dataverse allows an authorized attacker to elevate privileges over a network.
CVE-2024-49035
CRITICAL CVSS 9.8 KEV
Find Similar
An improper access control vulnerability in Partner.Microsoft.com allows an a unauthenticated attacker to elevate privileges over a network.
Improper authentication in Microsoft Dataverse allows an authorized attacker to elevate privileges over a network.
Improper handling of insufficient permissions or privileges in Microsoft Dataverse allows an authorized attacker to elevate privileges over a network.
Improper access control in Microsoft Configuration Manager allows an authorized attacker to elevate privileges locally.
CVE-2024-38182
CRITICAL CVSS 9.8
Find Similar
Weak authentication in Microsoft Dynamics 365 allows an unauthenticated attacker to elevate privileges over a network.
Improper access control in Windows Cross Device Service allows an authorized attacker to elevate privileges locally.
Improper access control in Windows Cross Device Service allows an authorized attacker to elevate privileges locally.
CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that would allow an attacker on the local network to gain access to the user account by performing an arbitrary
Page 1+ Next →