Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
A vulnerability was identified in MEPIS RM, an industrial software product developed by Metronik. The application contained a hardcoded cryptographic key within the Mx.Web.ComponentModel.dll component
A Missing Required Cryptographic Step vulnerability has been identified in Moxa's embedded Linux firmware for industrial computers and controllers. This vulnerability represents an incomplete remediat
An exposed IOCTL with an  insufficient access control vulnerability has been identified in the utility, MxGeneralIo, for Moxa’s industrial x86 computers. The affected utility, MxGeneralIo, exposes IOC
A vulnerability was found in Industrial Application Software IAS Canias ERP 8.03. This affects the function doAction of the component RMI Interface. The manipulation of the argument sessionId results
Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker with administrative write privileges to conduc
A reflected cross-site scripting (XSS) vulnerability on the homepage of Metronic Admin Dashboard Template v2.0 allows attackers to execute arbitrary code in the context of a user's browser via injecti
A security vulnerability was discovered in the local status page functionality of Cisco Meraki’s MX67 and MX68 security appliance models that may allow unauthenticated individuals to access and downlo
A vulnerability was found in Mercusys MW301R 1.0.2 Build 190726 Rel.59423n. It has been declared as problematic. This vulnerability affects unknown code of the component Web Interface. The manipulatio
CVE-2025-6950
CRITICAL CVSS 9.9
Find Similar
An Use of Hard-coded Credentials vulnerability has been identified in Moxa’s network security appliances and routers. The system employs a hard-coded secret key to sign JSON Web Tokens (JWT) used for
CVE-2026-1221
CRITICAL CVSS 9.3
Find Similar
PrismX MX100 AP controller developed by BROWAN COMMUNICATIONS has a Use of Hard-coded Credentials vulnerability, allowing unauthenticated remote attackers to log in to the database using hardcoded da
A vulnerability was identified in Industrial Application Software IAS Canias ERP 8.03. This issue affects the function iasServerRemoteInterface.doAction of the component Java RMI Session Management. S
PrismX MX100 AP controller developed by BROWAN COMMUNICATIONS has an Insufficiently Protected Credentials vulnerability, allowing privileged remote attackers to allowing authenticated remote attackers
Incomplete cleanup in the ASP may expose the Master Encryption Key (MEK) to a privileged attacker with access to the BIOS menu or UEFI shell and a memory exfiltration vulnerability, potentially result
A vulnerability was found in Belkin F9K1009 and F9K1010 2.00.04/2.00.09 and classified as critical. Affected by this issue is some unknown functionality of the component Web Interface. The manipulatio
A vulnerability was found in Industrial Application Software IAS Canias ERP 8.03. The impacted element is the function doAction of the component Login RMI Interface. Performing a manipulation results
A vulnerability has been found in Industrial Application Software IAS Canias ERP 8.03. The affected element is the function iasGetServerInfoEvent of the component RMI Interface. Such manipulation lead
A vulnerability was found in Realce Tecnologia Queue Ticket Kiosk up to 20250517. It has been rated as problematic. This issue affects some unknown processing of the file /adm/index.php of the compone
A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could al
CVE-2026-2584
CRITICAL CVSS 9.3
Find Similar
A critical SQL Injection (SQLi) vulnerability has been identified in the authentication module of the system. An unauthenticated, remote attacker (AV:N/PR:N) can exploit this flaw by sending specially
A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against users of
Page 1+ Next →