Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
External control of file name or path in Windows Security App allows an authorized attacker to perform spoofing locally.
External control of file name or path in Windows Security App allows an authorized attacker to perform spoofing locally.
External control of file name or path in Windows Storage allows an authorized attacker to perform spoofing over a network.
External control of file name or path in Windows Core Shell allows an unauthorized attacker to perform spoofing over a network.
External control of file name or path in Windows Core Shell allows an unauthorized attacker to perform spoofing over a network.
CVE-2025-33053
HIGH CVSS 8.8 KEV
Find Similar
External control of file name or path in Internet Shortcut Files allows an unauthorized attacker to execute code over a network.
External control of file name or path in Windows WLAN Service allows an authorized attacker to elevate privileges locally.
External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.
CVE-2025-24054
MEDIUM CVSS 5.4 KEV
Find Similar
External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.
External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.
External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.
External control of file name or path in Windows Kernel allows an authorized attacker to elevate privileges locally.
External control of file name or path in .NET, Visual Studio, and Build Tools for Visual Studio allows an authorized attacker to perform spoofing over a network.
External control of file name or path in Microsoft Defender for Endpoint allows an authorized attacker to elevate privileges locally.
External control of file name or path in Azure Portal Windows Admin Center allows an unauthorized attacker to disclose information locally.
External control of file name or path in Windows Telephony Service allows an authorized attacker to elevate privileges over an adjacent network.
CVE-2026-47643
CRITICAL CVSS 9.8
Find Similar
External control of file name or path in Azure Stack Edge allows an unauthorized attacker to execute code over a network.
External control of file name or path in Azure Monitor Agent allows an authorized attacker to elevate privileges locally.
Page 1+ Next →