Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
An attacker with low privileges may be able to trigger critical system functions such as reboot or factory reset without proper restrictions, potentially leading to service disruption or loss of confi
CVE-2026-22909
CRITICAL CVSS 9.1
Find Similar
Certain system functions may be accessed without proper authorization, allowing attackers to start, stop, or delete installed applications, potentially disrupting system operations.
CVE-2024-35293
CRITICAL CVSS 9.1
Find Similar
An unauthenticated remote attacker may use a missing authentication for critical function vulnerability to reboot or erase the affected devices resulting in data loss and/or a DoS.
Missing authentication for critical function vulnerability in BUFFALO Wi-Fi router products may allow an attacker to forcibly reboot the product without authentication.
A vulnerability in the management API of the affected product could allow an unauthenticated remote attacker to trigger service restarts. Successful exploitation could allow an attacker to disrupt ser
An low privileged remote attacker can enforce the watchdog of the affected devices to reboot the PLC due to incorrect default permissions of a config file.
The vulnerability may allow a remote low priviledged attacker to run arbitrary shell commands by using lower-level functions to interact with the device.
A low-privileged remote attacker could gain unauthorized access to critical resources, such as firmware and certificates, due to improper permission handling during the runtime of services (e.g., FTP/
CVE-2025-8286
CRITICAL CVSS 9.3
Find Similar
The affected products expose an unauthenticated Telnet-based command line interface that could allow an attacker to modify hardware configurations, manipulate data, or factory reset the device.
CVE-2026-22910
CRITICAL CVSS 9.1
Find Similar
The device is deployed with weak and publicly known default passwords for certain hidden user levels, increasing the risk of unauthorized access. This represents a high risk to the integrity of the sy
A vulnerability has been found in some Dahua products could allow an unauthenticated remote attacker to send a specially crafted packet, triggering an exception that causes the system to reboot unexpe
An authenticated user with low privileges can exploit a missing authorization check in an IBS module of FS-RBD, allowing unauthorized access to perform actions beyond their intended permissions. This
Improper privilege management in Samsung System Support Service prior to version 8.0.8.0 allows local attackers to trigger privileged functions.
Integer overflow in the UEFI firmware for the Slim Bootloader may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable lo
An attacker with low privileges may be able to read files from specific directories on the device, potentially exposing sensitive information.
A low-privileged attacker in bluetooth range may be able to access the password of a higher-privilege user (Maintenance) by viewing the device’s event log. This vulnerability could allow the Operator
A local low privileged attacker can bypass the authentication of the Device Manager user interface, allowing them to perform privileged operations and gain administrator access.
Protection mechanism failure in the UEFI firmware for the Slim Bootloader within firmware may allow an escalation of privilege. Startup code and smm adversary with a privileged user combined with a hi
A vulnerability has been found in some Dahua products could allow an authenticated remote attacker to send a specially crafted packet, triggering an exception that causes the system to reboot unexpect
Page 1+ Next →