Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
CVE-2025-49603
CRITICAL CVSS 9.1
Find Similar
Northern.tech Mender Server before 3.7.11 and 4.x before 4.0.1 has Incorrect Access Control.
Northern.tech CFEngine Enterprise 3.24.3 before 3.24.4 and 3.27.0 before 3.27.1 allows XSS.
Northern.tech Mender Enterprise Server before 4.1.1 has Incorrect Access Control.
Northern.tech CFEngine Enterprise Mission Portal 3.24.0, 3.21.5, and below allows XSS. The fixed versions are 3.24.1 and 3.21.6.
CVE-2025-53867
CRITICAL CVSS 9.8
Find Similar
Island Lake WebBatch before 2025C allows Remote Code Execution via a crafted URL.
A vulnerability has been identified in Mendix Runtime V10 (All versions < V10.21.0), Mendix Runtime V10.12 (All versions < V10.12.16), Mendix Runtime V10.18 (All versions < V10.18.5), Mendix Runtime V
Akamai CloudTest before 60 2025.06.02 (12988) allows file inclusion via XML External Entity (XXE) injection.
External Control of File Name or Path (CWE-73) combined with Server-Side Request Forgery (CWE-918) can allow an attacker to cause arbitrary file disclosure through a specially crafted credentials JSON
Uncontrolled search path for some Intel(R) Fortran Compiler Classic software before version 2021.13 may allow an authenticated user to potentially enable escalation of privilege via local access.
N-central versions < 2025.4 are vulnerable to multiple XML External Entities injection leading to information disclosure
Page 1+ Next →