Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
CVE-2025-9288
CRITICAL CVSS 9.1
Find Similar
Improper Input Validation vulnerability in sha.js allows Input Data Manipulation.This issue affects sha.js: through 2.4.11.
CVE-2025-9287
CRITICAL CVSS 9.1
Find Similar
Improper Input Validation vulnerability in cipher-base allows Input Data Manipulation.This issue affects cipher-base: through 1.0.4.
CVE-2024-10865
CRITICAL CVSS 9.4
Find Similar
Improper Input validation leads to XSS or Cross-site Scripting vulnerability in OpenText Advanced Authentication. This issue affects Advanced Authentication versions before 6.5.
Improper Input Validation vulnerability in Apache DolphinScheduler. An authenticated user can cause arbitrary, unsandboxed javascript to be executed on the server. If you are using the switch task plu
CVE-2025-6547
CRITICAL CVSS 9.1
Find Similar
Improper Input Validation vulnerability in pbkdf2 allows Signature Spoofing by Improper Validation.This issue affects pbkdf2: <=3.1.2.
CVE-2025-6545
CRITICAL CVSS 9.1
Find Similar
Improper Input Validation vulnerability in pbkdf2 allows Signature Spoofing by Improper Validation. This vulnerability is associated with program files lib/to-buffer.Js. This issue affects pbkdf2: fr
Improper Input Validation vulnerability in OpenText iManager allows Cross-Site Scripting (XSS). This issue affects iManager before 3.2.3
CVE-2026-27304
CRITICAL CVSS 9.3
Find Similar
ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitatio
Improper Input Validation vulnerability in OpenText NetIQ Access Manager leads to Cross-Site Scripting (XSS) attack. This issue affects Access Manager before 5.0.4.1 and 5.1.
A stored Cross-Site Scripting (XSS) vulnerability exists in the stitionai/devika chat feature, allowing attackers to inject malicious payloads into the chat input. This vulnerability is due to the lac
Improper Input Validation vulnerability in OpenText Self Service Password Reset allows Cross-Site Scripting (XSS). This issue affects Self Service Password Reset before 4.5.0.2 and 4.4.0.6
Improper Input Validation vulnerability in Sparx Systems Pro Cloud Server's WebEA model search field allows Cross-Site Scripting (XSS). This issue affects Pro Cloud Server: earlier than 6.0.165.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MiKa OSM osm allows DOM-Based XSS.This issue affects OSM: from n/a through <= 6.1.13.
CVE-2025-43560
CRITICAL CVSS 9.1
Find Similar
ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. A
CVE-2025-43559
CRITICAL CVSS 9.1
Find Similar
ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. A
An improper neutralization of input vulnerability was identified in GitHub Enterprise Server that allowed DOM-based cross-site scripting via task list content. The task list content extraction logic d
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MiKa OSM osm.This issue affects OSM: from n/a through <= 6.1.2.
Page 1+ Next →