Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
Authorization Bypass Through User-Controlled Key vulnerability in Apache Fineract. This issue affects Apache Fineract: through 1.11.0. The issue is fixed in version 1.12.1. Users are encouraged to u
CVE-2025-58130
CRITICAL CVSS 9.1
Find Similar
Insufficiently Protected Credentials vulnerability in Apache Fineract. This issue affects Apache Fineract: through 1.11.0. The issue is fixed in version 1.12.1. Users are encouraged to upgrade to ve
Weak Password Requirements vulnerability in Apache Fineract. This issue affects Apache Fineract: through 1.10.1. The issue is fixed in version 1.11.0. Users are encouraged to upgrade to version 1.13
Authorization Bypass Through User-Controlled Key vulnerability in Propovoice Propovoice CRM.This issue affects Propovoice CRM: from n/a through 1.7.6.4.
Authorization Bypass Through User-Controlled Key vulnerability in VillaTheme COMPE compe-woo-compare-products allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects
Authorization Bypass Through User-Controlled Key vulnerability in Academy LMS.This issue affects Academy LMS: from n/a through 2.0.4.
Authorization Bypass Through User-Controlled Key vulnerability in Tomdever wpForo Forum wpforo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects wpForo Forum:
Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Verdure verdure allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Verdure: from
A vulnerability was determined in OWAP DefectDojo up to 2.55.4. Affected by this vulnerability is an unknown functionality of the component Benchmark/Engagement/Product/Survey. Executing a manipulatio
Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Overton overton allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Overton: from
CVE-2025-43561
CRITICAL CVSS 9.1
Find Similar
ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier are affected by an Incorrect Authorization vulnerability that could result in arbitrary code execution in the context of the current user. A hi
Authorization Bypass Through User-Controlled Key vulnerability in HT Plugins Extensions For CF7 extensions-for-cf7 allows Exploiting Incorrectly Configured Access Control Security Levels.This issue af
Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Dolcino dolcino allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Dolcino: from
Authorization Bypass Through User-Controlled Key vulnerability in AKIN Software Computer Import Export Industry and Trade Co. Ltd. QRMenu allows Privilege Abuse. This issue affects QRMenu: from 1.05.
Authorization bypass through User-Controlled key vulnerability in MeWare Software Development Inc. PDKS allows Privilege Abuse. This issue affects PDKS: from V16.20200313 before VMYR_3.5.2025117.
Incorrect Authorization vulnerability in Apache APISIX. An attacker can capitalise on authz-casdoor plugin under default configuration to authenticate themselves with credentials from a different sou
Authorization Bypass Through User-Controlled Key vulnerability in Really Simple Plugins B.V. Really Simple Security Pro allows Exploiting Incorrectly Configured Access Control Security Levels.This iss
Authorization Bypass Through User-Controlled Key vulnerability in EXERT Computer Technologies Software Ltd. Co. Education Management System allows Parameter Injection. This issue affects Education Ma
Missing Authorization vulnerability in raratheme Elegant Pink elegant-pink allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Elegant Pink: from n/a through <=
Authorization Bypass Through User-Controlled Key vulnerability in g5theme Essential Real Estate essential-real-estate allows Exploiting Incorrectly Configured Access Control Security Levels.This issue
Page 1+ Next →