Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
A vulnerability classified as critical was found in SourceCodester Simple Music Cloud Community System 1.0. This vulnerability affects unknown code of the file /music/ajax.php?action=signup. The manip
CVE-2024-42777
CRITICAL CVSS 9.8
Find Similar
An Unrestricted file upload vulnerability was found in "/music/ajax.php?action=signup" of Kashipara Music Management System v1.0, which allows attackers to execute arbitrary code via uploading a craft
CVE-2025-69079
CRITICAL CVSS 9.8
Find Similar
Deserialization of Untrusted Data vulnerability in ThemeREX Sound | Musical Instruments Online Store musicplace allows Object Injection.This issue affects Sound | Musical Instruments Online Store: fro
In Gliffy Online an insecure configuration was discovered in versions before 4.14.0-6. Reported by Alpha Inferno PVT LTD.
A vulnerability was identified in D-Link DCS-700L 1.03.09. The affected element is the function uploadmusic of the file /setUploadMusic of the component Music File Upload Service. The manipulation of
An Unrestricted file upload vulnerability was found in "/music/ajax.php?action=save_playlist" in Kashipara Music Management System v1.0. This allows attackers to execute arbitrary code via uploading a
An Incorrect Access Control vulnerability was found in /music/view_user.php?id=3 and /music/controller.php?page=edit_user&id=3 in Kashipara Music Management System v1.0. This vulnerability allows an u
A vulnerability was found in Tencent Music Entertainment SuperSonic up to 0.9.8. It has been rated as critical. Affected by this issue is some unknown functionality of the file /api/semantic/database/
Permission control vulnerability in the media library module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Incorrect access control in the firmware update and download processes of Yamaha Headphones Controller v1.6.7 allows attackers to access sensitive information by analyzing the code and data within the
The Performance Library component of Gigabyte Control Center has an Insecure Deserialization vulnerability. Authenticated local attackers can send a malicious serialized payload to the EasyTune Engine
An issue was discovered in Infinera hiT 7300 5.60.50. A web application allows a remote privileged attacker to execute applications contained in a specific OS directory via HTTP invocations.
Music Player Daemon (MPD) before version 0.24.11 contains a server-side request forgery vulnerability in CurlInputPlugin where CURLOPT_FOLLOWLOCATION is set without CURLOPT_REDIR_PROTOCOLS_STR, allowi
Permission control vulnerability in the media library module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
A vulnerability was found in Flute CMS 0.2.2.4-alpha. It has been declared as critical. This vulnerability affects unknown code of the file /admin/pages/list. The manipulation of the argument blocks l
CVE-2024-42797
CRITICAL CVSS 9.8
Find Similar
An Incorrect Access Control vulnerability was found in /music/ajax.php?action=delete_playlist in Kashipara Music Management System v1.0. This vulnerability allows an unauthenticated attacker to delete
Music Assistant is an open-source media library manager that integrates streaming services with connected speakers. Versions 2.6.3 and below allow unauthenticated network-adjacent attackers to execute
An authenticated user with upload permission to a hosted repository can store content that causes arbitrary JavaScript to execute in the browser of any user who browses that repository directory via t
A vulnerability has been found in Mp3tag up to 3.26d and classified as problematic. This vulnerability affects unknown code in the library tak_deco_lib.dll of the component DLL Handler. The manipulati
Page 1+ Next →