Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
ServiceNow has addressed a Broken Access Control vulnerability that was identified in the ServiceNow AI Platform. This vulnerability could allow a low privileged user to bypass access controls and per
ServiceNow has addressed an authorization bypass vulnerability that was identified in the Washington release of the Now Platform. This vulnerability, if exploited, potentially could enable an authenti
CVE-2025-12420
CRITICAL CVSS 9.3
Find Similar
A vulnerability has been identified in the ServiceNow AI Platform that could enable an unauthenticated user to impersonate another user and perform the operations that the impersonated user is entitle
A vulnerability has been identified in the Now Platform that could result in data being inferred without authorization. Under certain conditional access control list (ACL) configurations, this vulnera
CVE-2026-0542
CRITICAL CVSS 9.2
Find Similar
ServiceNow has addressed a remote code execution vulnerability that was identified in the ServiceNow AI platform. This vulnerability could enable an unauthenticated user, in certain circumstances, to
CVE-2024-5217
CRITICAL CVSS 9.2 KEV
Find Similar
ServiceNow has addressed an input validation vulnerability that was identified in the Washington DC, Vancouver, and earlier Now Platform releases. This vulnerability could enable an unauthenticated us
CVE-2024-4879
CRITICAL CVSS 9.3 KEV
Find Similar
ServiceNow has addressed an input validation vulnerability that was identified in Vancouver and Washington DC Now Platform releases. This vulnerability could enable an unauthenticated user to remotely
ServiceNow has addressed a sensitive file read vulnerability that was identified in the Washington DC, Vancouver, and Utah Now Platform releases. This vulnerability could allow an administrative user
CVE-2024-8923
CRITICAL CVSS 9.3
Find Similar
ServiceNow has addressed an input validation vulnerability that was identified in the Now Platform. This vulnerability could enable an unauthenticated user to remotely execute code within the context
Missing Authorization vulnerability in Basar Ventures AutoWP autowp-ai-content-writer-rewriter allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AutoWP: from n
A broken access control may allow an authenticated user to perform a horizontal privilege escalation. The vulnerability only impacts specific configurations.
Missing Authorization vulnerability in boxnow BOX NOW Delivery box-now-delivery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BOX NOW Delivery: from n/a th
Missing Authorization vulnerability in Bertha AI – Andrew Palmer BERTHA AI bertha-ai-free allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BERTHA AI: from n/a
Missing Authorization vulnerability in Bertha AI – Andrew Palmer BERTHA AI bertha-ai-free allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BERTHA AI: from n/a
Missing Authorization vulnerability in Ability, Inc Accessibility Suite online-accessibility allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Accessibility Su
There is an elevation of privilege vulnerability in server and client components of Absolute Secure Access prior to version 13.07. Attackers with local access and valid desktop user credentials can el
Missing Authorization vulnerability in Bertha AI – Andrew Palmer BERTHA AI bertha-ai-free allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BERTHA AI: from n/a
Missing Authorization vulnerability in AlexaCRM Dynamics 365 Integration allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Dynamics 365 Integration: from n/a t
Broken Access Control vulnerability in Automattic Newspack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Newspack: from n/a through 3.8.6.
Missing Authorization vulnerability in AlexaCRM Dynamics 365 Integration allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Dynamics 365 Integration: from n/a t
Page 1+ Next →