CVE Vulnerabilities
CVE vulnerability database enriched with CISA KEV and NVD data
| CVE ID | CVSS | Severity | KEV | Sightings |
|---|---|---|---|---|
| CVE-2023-45318 A heap-based buffer overflow vulnerability exists in the HTTP Server functionality of Weston Embedded uC-HTTP git commit 80d4004. A specially crafted network packet can lead to arbitrary code executio... | 10.0 | CRITICAL | β | 0 |
| CVE-2023-2163 Incorrect verifier pruningΒ in BPF in Linux KernelΒ >=5.4Β leads to unsafe code paths being incorrectly marked as safe, resulting inΒ arbitrary read/write in kernel memory, lateral privilege escalation, a... | 10.0 | CRITICAL | β | 0 |
| CVE-2021-30116 Kaseya VSA before 9.5.7 allows credential disclosure, as exploited in the wild in July 2021. By default Kaseya VSA on premise offers a download page where the clients for the installation can be downl... | 10.0 | CRITICAL | KEV | 0 |
| CVE-2021-32495 Radare2 has a use-after-free vulnerability in pyc parser's get_none_object function. Attacker can read freed memory afterwards. This will allow attackers to cause denial of service. | 10.0 | CRITICAL | β | 0 |
| CVE-2025-54914 Azure Networking Elevation of Privilege Vulnerability | 10.0 | CRITICAL | β | 0 |
| CVE-2025-24865 The administrative web interface of mySCADA myPRO Manager can be accessed without authentication which could allow an unauthorized attacker to retrieve sensitive information and upload files witho... | 10.0 | CRITICAL | β | 0 |
| CVE-2015-8104 The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #DB (aka Debug) exceptio... | 10.0 | CRITICAL | β | 0 |
| CVE-2025-41243 Spring Cloud Gateway Server Webflux may be vulnerable to Spring Environment property modification. An application should be considered vulnerable when all the following are true: * The applicatio... | 10.0 | CRITICAL | β | 0 |
| CVE-2023-31273 Protection mechanism failure in some Intel DCM software before version 5.2 may allow an unauthenticated user to potentially enable escalation of privilege via network access. | 10.0 | CRITICAL | β | 0 |
| CVE-2024-23615 A buffer overflow vulnerability exists in Symantec Messaging Gateway versions 10.5 and before. A remote, anonymous attacker can exploit this vulnerability to achieve remote code execution as root. | 10.0 | CRITICAL | β | 0 |
| CVE-2024-23621 A buffer overflow exists in IBM Merge Healthcare eFilm Workstation license server. A remote, unauthenticated attacker can exploit this vulnerability to achieve remote code execution. | 10.0 | CRITICAL | β | 0 |
| CVE-2024-30225 Deserialization of Untrusted Data vulnerability in WPENGINE, INC. WP Migrate.This issue affects WP Migrate: from n/a through 2.6.10. | 10.0 | CRITICAL | β | 0 |
| CVE-2024-28189 Judge0 is an open-source online code execution system. The application uses the UNIX chown command on an untrusted file within the sandbox. An attacker can abuse this by creating a symbolic link (syml... | 10.0 | CRITICAL | β | 0 |
| CVE-2024-3094 Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a ... | 10.0 | CRITICAL | β | 0 |
| CVE-2025-48748 Netwrix Directory Manager (formerly Imanami GroupID) through v.10.0.7784.0 has a hard-coded password. | 10.0 | CRITICAL | β | 0 |
| CVE-2024-6298 Unauthorized file access in WEB Server in ABB ASPECT - Enterprise v3.08.01; NEXUS Series v3.08.01 ; MATRIX Series v3.08.01 allows Attacker to execute arbitrary code remotely | 10.0 | CRITICAL | β | 0 |
| CVE-2024-11186 On affected versions of the CloudVision Portal, improper access controls could enable a malicious authenticated user to take broader actions on managed EOS devices than intended. This advisory impacts... | 10.0 | CRITICAL | β | 0 |
| CVE-2024-5407 A vulnerability in RhinOS 3.0-1190 could allow PHP code injection through the "search" parameter in /portal/search.htm. This vulnerability could allow a remote attacker to perform a reverse shell on t... | 10.0 | CRITICAL | β | 0 |
| CVE-2024-22216 In default installations of Microchip maxView Storage Manager (for Adaptec Smart Storage Controllers) where Redfish server is configured for remote system management, unauthorized access can occur, wi... | 10.0 | CRITICAL | β | 0 |
| CVE-2025-47916 Invision Community 5.0.0 before 5.0.7 allows remote code execution via crafted template strings to themeeditor.php. The issue lies within the themeeditor controller (file: /applications/core/modules/f... | 10.0 | CRITICAL | β | 0 |
| CVE-2025-46348 YesWiki is a wiki system written in PHP. Prior to version 4.5.4, the request to commence a site backup can be performed and downloaded without authentication. The archives are created with a predictab... | 10.0 | CRITICAL | β | 0 |
| CVE-2025-48827 vBulletin 5.0.0 through 5.7.5 and 6.0.0 through 6.0.3 allows unauthenticated users to invoke protected API controllers' methods when running on PHP 8.1 or later, as demonstrated by the /api.php?method... | 10.0 | CRITICAL | β | 0 |
| CVE-2024-34166 An os command injection vulnerability exists in the touchlist_sync.cgi touchlistsync() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted set of HTTP requests can lead to arbitrar... | 10.0 | CRITICAL | β | 0 |
| CVE-2024-28185 Judge0 is an open-source online code execution system. The application does not account for symlinks placed inside the sandbox directory, which can be leveraged by an attacker to write to arbitrary fi... | 10.0 | CRITICAL | β | 0 |
| CVE-2024-56799 Simofa is a tool to help automate static website building and deployment. Prior to version 0.2.7, due to a design mistake in the RouteLoader class, some API routes may be publicly accessible when they... | 10.0 | CRITICAL | β | 0 |
| CVE-2024-36258 A stack-based buffer overflow vulnerability exists in the touchlist_sync.cgi touchlistsync() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary ... | 10.0 | CRITICAL | β | 0 |
| CVE-2024-36290 A buffer overflow vulnerability exists in the login.cgi Goto_chidx() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An at... | 10.0 | CRITICAL | β | 0 |
| CVE-2024-39754 A static login vulnerability exists in the wctrls functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted set of network packets can lead to root access. An attacker can send packets t... | 10.0 | CRITICAL | β | 0 |
| CVE-2024-23616 A buffer overflow vulnerability exists in Symantec Server Management Suite version 7.9 and before. A remote, anonymous attacker can exploit this vulnerability to achieve remote code execution as SYSTE... | 10.0 | CRITICAL | β | 0 |
| CVE-2025-5120 A sandbox escape vulnerability was identified in huggingface/smolagents version 1.14.0, allowing attackers to bypass the restricted execution environment and achieve remote code execution (RCE). The v... | 10.0 | CRITICAL | β | 0 |
| CVE-2025-54419 A SAML library not dependent on any frameworks that runs in Node. In version 5.0.1, Node-SAML loads the assertion from the (unsigned) original response document. This is different than the parts that ... | 10.0 | CRITICAL | β | 0 |
| CVE-2024-20418 A vulnerability in the web-based management interface of Cisco Unified Industrial Wireless Software for Cisco Ultra-Reliable Wireless Backhaul (URWB) Access Points could allow an unauthenticated, remo... | 10.0 | CRITICAL | β | 0 |
| CVE-2025-53767 Azure OpenAI Elevation of Privilege Vulnerability | 10.0 | CRITICAL | β | 0 |
| CVE-2025-50567 Saurus CMS Community Edition 4.7.1 contains a vulnerability in the custom DB::prepare() function, which uses preg_replace() with the deprecated /e (eval) modifier to interpolate SQL query parameters. ... | 10.0 | CRITICAL | β | 0 |
| CVE-2024-50704 Unauthenticated remote code execution vulnerability in Uniguest Tripleplay before 24.2.1 allows remote attackers to execute arbitrary code via a specially crafted HTTP POST request. | 10.0 | CRITICAL | β | 0 |
| CVE-2024-32741 A vulnerability has been identified in SIMATIC CN 4100 (All versions < V3.0). The affected device contains hard coded password which is used for the privileged system user `root` and for the boot load... | 10.0 | CRITICAL | β | 0 |
| CVE-2021-21777 An information disclosure vulnerability exists in the Ethernet/IP UDP handler functionality of EIP Stack Group OpENer 2.3 and development commit 8c73bf3. A specially crafted network request can lead t... | 10.0 | CRITICAL | β | 0 |
| CVE-2026-23830 SandboxJS is a JavaScript sandboxing library. Versions prior to 0.8.26 have a sandbox escape vulnerability due to `AsyncFunction` not being isolated in `SandboxFunction`. The library attempts to sandb... | 10.0 | CRITICAL | β | 0 |
| CVE-2022-47190 Generex UPS CS141 below 2.06 version, could allow a remote attacker to upload a firmware file containing a webshell that could allow him to execute arbitrary code as root. | 10.0 | CRITICAL | β | 0 |
| CVE-2021-1388 A vulnerability in an API endpoint of Cisco ACI Multi-Site Orchestrator (MSO) installed on the Application Services Engine could allow an unauthenticated, remote attacker to bypass authentication on a... | 10.0 | CRITICAL | β | 0 |
| CVE-2026-30836 Step CA is an online certificate authority for secure, automated certificate management for DevOps. Versions 0.30.0-rc6 and below do not safeguard against unauthenticated certificate issuance through ... | 10.0 | CRITICAL | β | 0 |
| CVE-2024-37902 DeepJavaLibrary(DJL) is an Engine-Agnostic Deep Learning Framework in Java. DJL versions 0.1.0 through 0.27.0 do not prevent absolute path archived artifacts from inserting archived files directly int... | 10.0 | CRITICAL | β | 0 |
| CVE-2023-51505 Deserialization of Untrusted Data vulnerability in realmag777 Active Products Tables for WooCommerce. Professional products tables for WooCommerce store.This issue affects Active Products Tables for W... | 10.0 | CRITICAL | β | 0 |
| CVE-2023-2131 Versions of INEA ME RTU firmware prior to 3.36 are vulnerable to OS command injection, which could allow an attacker to remotely execute arbitrary code. | 10.0 | CRITICAL | β | 0 |
| CVE-2021-27446 The Weintek cMT product line is vulnerable to code injection, which may allow an unauthenticated remote attacker to execute commands with root privileges on the operation system. | 10.0 | CRITICAL | β | 0 |
| CVE-2021-26472 In VembuBDR before 4.2.0.1 and VembuOffsiteDR before 4.2.0.1 installed on Windows, the http API located at /consumerweb/secure/download.php. Using this command argument an unauthenticated attacker can... | 10.0 | CRITICAL | β | 0 |
| CVE-2025-26776 Unrestricted Upload of File with Dangerous Type vulnerability in NotFound Chaty Pro allows Upload a Web Shell to a Web Server. This issue affects Chaty Pro: from n/a through 3.3.3. | 10.0 | CRITICAL | β | 0 |
| CVE-2024-2973 An Authentication Bypass Using an Alternate Path or Channel vulnerability in Juniper Networks Session Smart Router or conductor running with a redundant peer allows a network based attacker to bypass ... | 10.0 | CRITICAL | β | 0 |
| CVE-2026-24898 OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0, an unauthenticated token disclosure vulnerability in the MedEx callback endpoin... | 10.0 | CRITICAL | β | 0 |
| CVE-2023-29384 Unrestricted Upload of File with Dangerous Type vulnerability in HM Plugin WordPress Job Board and Recruitment Plugin β JobWP.This issue affects WordPress Job Board and Recruitment Plugin β JobWP: fro... | 10.0 | CRITICAL | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.