Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
Exposure of sensitive functionality to an unauthorized actor in Smart Switch prior to version 3.7.69.15 allows remote attackers to set a specific configuration.
Improper authentication in Smart Switch prior to version 3.7.69.15 allows remote attackers to bypass authentication.
Authentication bypass by replay in Smart Switch prior to version 3.7.69.15 allows remote attackers to trigger privileged functions.
Improper verification of cryptographic signature in Smart Switch prior to version 3.7.69.15 allows remote attackers to potentially bypass authentication.
Improper authentication in Smart Switch prior to version 3.7.69.15 allows adjacent attackers to trigger a denial of service.
Use of a broken or risky cryptographic algorithm in Smart Switch prior to version 3.7.69.15 allows remote attackers to configure a downgraded scheme for authentication.
Improper authentication in Smart Switch prior to version 3.7.66.6 allows adjacent attackers to access transferring data.
Use of a broken or risky cryptographic algorithm in Smart Switch prior to version 3.7.67.2 allows local attackers to replace the restoring application. User interaction is required for triggering this
Improper authorization in Smart Switch installed on non-Samsung Device prior to version 3.7.64.10 allows local attackers to read data with the privilege of Smart Switch. User interaction is required f
Cleartext storage of sensitive information in Smart Switch prior to version 3.7.67.2 allows local attackers to access sensitive data. User interaction is required for triggering this vulnerability.
A vulnerability was found in a466350665 Smart-SSO up to 2.1.1. Affected by this issue is some unknown functionality of the file smart-sso-server/src/main/resources/templates/login.html of the componen
LEDVANCE com.ledvance.smartplus.eu 2.1.10 allows a remote attacker to obtain sensitive information via the firmware update process.
Cleartext storage of sensitive information in Smart Switch prior to version 3.7.67.2 allows local attackers to access backup data from applications. User interaction is required for triggering this vu
Use of insufficiently random value of secretKey in Smart Switch prior to version 3.7.68.6 allows adjacent attackers to access backup data from applications.
CVE-2024-48786
CRITICAL CVSS 9.1
Find Similar
An issue in SWITCHBOT INC SwitchBot (com.theswitchbot.switchbot) 5.0.4 allows a remote attacker to obtain sensitive information via the firmware update process.
CVE-2026-23813
CRITICAL CVSS 9.8
Find Similar
A vulnerability has been identified in the web-based management interface of AOS-CX switches that could potentially allow an unauthenticated remote actor to circumvent existing authentication controls
An exposure of sensitive information to an unauthorized actor vulnerability in Fortinet FortiNDR 7.6.0, FortiNDR 7.4.0 through 7.4.8, FortiNDR 7.2 all versions, FortiNDR 7.1 all versions, FortiNDR 7.0
An issue in Aginode GigaSwitch V5 before version 7.06G allows authenticated attackers with Administrator privileges to upload an earlier firmware version, exposing the device to previously patched vul
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in HCL AION.This issue affects AION: 2.0.
Active IQ Config Advisor version 6.7.3 contains hard-coded credentials that could allow an authenticated attacker with low privileges to perform unauthorized AutoSupport operations.
Page 1+ Next →