Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
Authentication Bypass Using an Alternate Path or Channel vulnerability in Universal Software Inc. FlexCity/Kiosk allows Privilege Escalation. This issue affects FlexCity/Kiosk: from 1.0 before 1.0.36
Authorization Bypass Through User-Controlled Key vulnerability in Universal Software Inc. FlexCity/Kiosk allows Exploitation of Trusted Identifiers. This issue affects FlexCity/Kiosk: from 1.0 before
Privilege Defined With Unsafe Actions, Missing Authentication for Critical Function vulnerability in Universal Software Inc. FlexCity/Kiosk allows Accessing Functionality Not Properly Constrained by A
Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Microsoft Entra ID SSO Login allows Privilege Escalation.This issue affects Microsoft Entra ID SSO Login: from 0.0.0 be
In multiple locations there is a possible provisioning bypass due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User in
Authentication Bypass Using an Alternate Path or Channel vulnerability in azzaroco Ultimate Membership Pro indeed-membership-pro allows Authentication Abuse.This issue affects Ultimate Membership Pro:
Privilege escalation in the Networking component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.
Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Login Disable allows Functionality Bypass.This issue affects Login Disable: from 0.0.0 before 2.1.3.
CVE-2025-54725
CRITICAL CVSS 9.8
Find Similar
Authentication Bypass Using an Alternate Path or Channel vulnerability in uxper Golo golo allows Authentication Abuse.This issue affects Golo: from n/a through <= 1.7.0.
Crabbox prior to v0.12.0 contains a privilege escalation vulnerability that allows users with shared visibility-only access to obtain Code, WebVNC, and Egress agent tickets by sending POST requests to
CVE-2024-54297
CRITICAL CVSS 9.8
Find Similar
Authentication Bypass Using an Alternate Path or Channel vulnerability in extremeidea vBSSO-lite vbsso-lite allows Authentication Bypass.This issue affects vBSSO-lite: from n/a through <= 1.4.3.
Improper access control in One UI Home prior to SMR Sep-2025 Release 1 allows physical attackers to bypass Kiosk mode under limited conditions.
Improper Input Validation in Zoom Rooms for Windows before 6.6.5 in Kiosk Mode may allow an authenticated user to conduct an escalation of privilege via local access.
Privilege escalation in the Security component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.
Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft QR Menu allows Authentication Bypass. This issue affects QR Menu: from s1.05.07 before v1.05.12.
OpenClaw before 2026.4.9 contains an authentication bypass vulnerability allowing untrusted workspace plugins to be auto-enabled during non-interactive onboarding when provider auth choices are shadow
Authentication Bypass Using an Alternate Path or Channel vulnerability in masteriyo Masteriyo - LMS learning-management-system.This issue affects Masteriyo - LMS: from n/a through <= 1.7.3.
Incorrect default permissions for some Intel(R) One Boot Flash Update (Intel(R) OFU) software before version 14.1.31 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged
The insufficiently protected credentials vulnerability in the CLI command of the USG FLEX H series uOS firmware version V1.21 and earlier versions could allow an authenticated local attacker to gain p
CVE-2025-31022
CRITICAL CVSS 9.8
Find Similar
Authentication Bypass Using an Alternate Path or Channel vulnerability in PayU India PayU India payu-india allows Authentication Abuse.This issue affects PayU India: from n/a through < 3.8.8.
Page 1+ Next →