Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
Improper Encoding or Escaping of Output vulnerability in Logo Software Inc. Logo Cloud allows Phishing. This issue affects Logo Cloud: before 2.57.
Authorization Bypass Through User-Controlled Key vulnerability in Logo Software Inc. Logo Cloud allows Forceful Browsing, Resource Leak Exposure. This issue affects Logo Cloud: before 0.67.
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Logo Software Inc. Logo Cloud allows Phishing, Forceful Browsing. This issue affects Logo Cloud: before 2025.R6.
CVE-2025-12059
CRITICAL CVSS 9.8
Find Similar
Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability in Logo Software Industry and Trade Inc. Logo j-Platform allows Exploiting Incorrectly Configured Access C
A vulnerability has been identified in LOGO! 12/24RCE (6ED1052-1MD08-0BA2) (All versions), LOGO! 12/24RCEo (6ED1052-2MD08-0BA2) (All versions), LOGO! 230RCE (6ED1052-1FB08-0BA2) (All versions), LOGO!
Magento-lts is a long-term support alternative to Magento Community Edition (CE). This XSS vulnerability affects the design/header/welcome, design/header/logo_src, design/header/logo_src_small, and de
CWE-116 Improper Encoding or Escaping of Output vulnerability exists that could cause log injection and forged log when an attacker alters the POST /j_security check request payload.
Improper Encoding or Escaping of Output vulnerability in The Wikimedia Foundation Mediawiki - CSS Extension allows Code Injection.This issue affects Mediawiki - CSS Extension: from 1.39.X before 1.39.
Improper Encoding or Escaping of Output vulnerability in Ays Pro Poll Maker poll-maker.This issue affects Poll Maker: from n/a through < 5.5.5.
CVE-2025-62023
CRITICAL CVSS 9.0
Find Similar
Improper Control of Generation of Code ('Code Injection') vulnerability in Cristián Lávaque s2Member s2member.This issue affects s2Member: from n/a through <= 250905.
A Stored Cross-Site Scripting security issue exists in the affected product that could potentially allow a malicious user to view and modify sensitive data or make the webpage unavailable. The vulnera
Improper Encoding or Escaping of Output vulnerability in The Wikimedia Foundation Mediawiki - Confirm Account Extension allows Cross-Site Scripting (XSS).This issue affects Mediawiki - Confirm Account
A vulnerability classified as problematic was found in ClassCMS 4.8. Affected by this vulnerability is an unknown functionality of the file /index.php/admin of the component Logo Handler. The manipula
There is a MEDIUM severity vulnerability affecting CPython. The email module didn’t properly quote newlines for email headers when serializing an email message allowing for header injection when an
IPFire versions prior to 2.29 (Core Update 198) contain multiple stored cross-site scripting (XSS) vulnerabilities caused by a bug in the cleanhtml() function (/var/ipfire/header.pl) that fails to app
Improper Digital Signature Invalidation  vulnerability in Zip Repair Mode of The Document Foundation LibreOffice allows Signature forgery vulnerability in LibreOfficeThis issue affects LibreOffice: fr
A security vulnerability has been detected in SourceCodester Inventory Management System 1.0. The affected element is an unknown function of the component SVC Report Export. Such manipulation leads to
A vulnerability was found in SourceCodester Simple Company Website 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /classes/Content.php?f=service.
An information disclosure vulnerability was identified in GitHub Enterprise Server via attacker uploaded asset URL allowing the attacker to retrieve metadata information of a user who clicks on the UR
Improper Input Validation vulnerability in Sparx Systems Pro Cloud Server's WebEA model search field allows Cross-Site Scripting (XSS). This issue affects Pro Cloud Server: earlier than 6.0.165.
Page 1+ Next →