Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
A user with advanced report application access rights can perform actions for which they are not authorized
Expired and unusable administrator authentication tokens can be revealed by units that have timed out from ETM access
An authenticated user without user-management permissions could view other users account information.
An improper access control vulnerability exists where an authenticated user could access areas outside of their authorized scope.
IBM Transformation Extender Advanced 10.0.1 could allow a local user to perform unauthorized actions due to improper access controls.
An issue in TAAGSOLUTIONS GmbH MyTaag v.2024-11-24 and before allows a remote attacker to escalate privileges via the "/user" endpoint
Incorrect access control in M2Soft CROWNIX Report & ERS affected v7.x to v7.4.3.599 and v8.x to v8.0.3.79 allows unauthorized attackers to obtain Administrator account access.
Improper access control for some Intel(R) Arc(TM) Pro Graphics for Windows drivers before version 31.0.101.5319 may allow an authenticated user to potentially enable escalation of privilege via adjace
Improper restriction of communication channel to intended endpoints in Windows PowerShell allows an authorized attacker to elevate privileges locally.
A improper handling of insufficient permissions or privileges in Fortinet FortiPAM 1.4.0 through 1.4.1, 1.3.0, 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiSRA 1.4.0 through 1.4.1 allows atta
An improper access control vulnerability allows low-privileged users to execute code with Administrator privileges remotely.
CVE-2025-2767
CRITICAL CVSS 9.6
Find Similar
Arista NG Firewall User-Agent Cross-Site Scripting Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Arista NG Fire
Insufficient granularity of access control in Visual Studio allows an authorized attacker to disclose information locally.
In Tenable Security Center versions prior to 6.7.0, an improper access control vulnerability exists where an authenticated user could access areas outside of their authorized scope.
CVE-2025-59230
HIGH CVSS 7.8 KEV
Find Similar
Improper access control in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally.
Page 1+ Next →