TROYANOSYVIRUS

CVE Vulnerabilities

CVE vulnerability database enriched with CISA KEV and NVD data

Total: 328,740 CVEs
CVE ID | CVSS | Severity | KEV | Sightings
CVE-2025-44005

An attacker can bypass authorization checks and force a Step CA ACME or SCEP provisioner to create certificates without completing certain protocol authorization checks.

CVSS: 10.0 | Severity: CRITICAL | KEV: — | Sightings: 0
CVE-2024-32888

The Amazon JDBC Driver for Redshift is a Type 4 JDBC driver that provides database connectivity through the standard JDBC application program interfaces (APIs) available in the Java Platform, Enterpri...

CVSS: 10.0 | Severity: CRITICAL | KEV: — | Sightings: 0
CVE-2025-54339

An Incorrect Access Control vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 exploitable remotely for Escalation of Privileges.

CVSS: 10.0 | Severity: CRITICAL | KEV: — | Sightings: 0
CVE-2026-2577

The WhatsApp bridge component in Nanobot binds the WebSocket server to all network interfaces (0.0.0.0) on port 3001 by default and does not require authentication for incoming connections. An unauthe...

CVSS: 10.0 | Severity: CRITICAL | KEV: — | Sightings: 0
CVE-2022-2421

Due to improper type validation in attachment parsing the Socket.io js library, it is possible to overwrite the _placeholder object which allows an attacker to place references to functions at arbitra...

CVSS: 10.0 | Severity: CRITICAL | KEV: — | Sightings: 0
CVE-2025-62521

ChurchCRM is an open-source church management system. Prior to version 5.21.0, a pre-authentication remote code execution vulnerability in ChurchCRM's setup wizard allows unauthenticated attackers to ...

CVSS: 10.0 | Severity: CRITICAL | KEV: — | Sightings: 0
CVE-2025-64126

An OS command injection vulnerability exists due to improper input validation. The application accepts a parameter directly from user input without verifying it is a valid IP address or filtering po...

CVSS: 10.0 | Severity: CRITICAL | KEV: — | Sightings: 0
CVE-2017-12905

Server Side Request Forgery vulnerability in Vebto Pixie Image Editor 1.4 and 1.7 allows remote attackers to disclose information or execute arbitrary code via the url parameter to Launderer.php.

CVSS: 10.0 | Severity: CRITICAL | KEV: — | Sightings: 0
CVE-2024-28354

There is a command injection vulnerability in the TRENDnet TEW-827DRU router with firmware version 2.10B01. An attacker can inject commands into the post request parameters usapps.@smb[%d].username in...

CVSS: 10.0 | Severity: CRITICAL | KEV: — | Sightings: 0
CVE-2025-40805

Affected devices do not properly enforce user authentication on specific API endpoints. This could facilitate an unauthenticated remote attacker to circumvent authentication and impersonate a legitima...

CVSS: 10.0 | Severity: CRITICAL | KEV: — | Sightings: 0
CVE-2025-61956

Radiometrics VizAir is vulnerable to a lack of authentication mechanisms for critical functions, such as admin access and API requests. Attackers can modify configurations without authentication, pote...

CVSS: 10.0 | Severity: CRITICAL | KEV: — | Sightings: 0
CVE-2025-54863

Radiometrics VizAir is vulnerable to exposure of the system's REST API key through a publicly accessible configuration file. This allows attackers to remotely alter weather data and configurations, au...

CVSS: 10.0 | Severity: CRITICAL | KEV: — | Sightings: 0
CVE-2024-47875

DOMPurify is a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify was vulnerable to nesting-based mXSS. This vulnerability is fixed in 2.5.0 and 3.1.3.

CVSS: 10.0 | Severity: CRITICAL | KEV: — | Sightings: 0
CVE-2025-9846

Unrestricted Upload of File with Dangerous Type vulnerability in TalentSys Consulting Information Technology Industry Inc. Inka.Net allows Command Injection. This issue affects Inka.Net: before 6.7.1.

CVSS: 10.0 | Severity: CRITICAL | KEV: — | Sightings: 0
CVE-2025-55730

XWiki Remote Macros provides XWiki rendering macros that are useful when migrating content from Confluence. Starting in version 1.0 and prior to version 1.26.5, missing escaping of the title in the co...

CVSS: 10.0 | Severity: CRITICAL | KEV: — | Sightings: 0
CVE-2025-29902

Remote code execution that allows unauthorized users to execute arbitrary code on the server machine.

CVSS: 10.0 | Severity: CRITICAL | KEV: — | Sightings: 0
CVE-2025-4285

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Rolantis Information Technologies Agentis allows SQL Injection. This issue affects Agentis: before ...

CVSS: 10.0 | Severity: CRITICAL | KEV: — | Sightings: 0
CVE-2022-31491

Voltronic Power ViewPower through 1.04-24215, ViewPower Pro through 2.0-22165, and PowerShield Netguard before 1.04-23292 allows a remote attacker to run arbitrary code via an unspecified web interfac...

CVSS: 10.0 | Severity: CRITICAL | KEV: — | Sightings: 0
CVE-2025-53767

Azure OpenAI Elevation of Privilege Vulnerability

CVSS: 10.0 | Severity: CRITICAL | KEV: — | Sightings: 0
CVE-2024-32741

A vulnerability has been identified in SIMATIC CN 4100 (All versions < V3.0). The affected device contains hard coded password which is used for the privileged system user `root` and for the boot load...

CVSS: 10.0 | Severity: CRITICAL | KEV: — | Sightings: 0
CVE-2020-6932

An information disclosure and remote code execution vulnerability in the slinger web server of the BlackBerry QNX Software Development Platform versions 6.4.0 to 6.6.0 could allow an attacker to poten...

CVSS: 10.0 | Severity: CRITICAL | KEV: — | Sightings: 0
CVE-2024-51555

Default Credential vulnerabilities allow access to an Aspect device using publicly available default credentials since the system does not require the installer to change default credentials. Affect...

CVSS: 10.0 | Severity: CRITICAL | KEV: — | Sightings: 0
CVE-2025-3499

The device has two web servers that expose unauthenticated REST APIs on the management network (TCP ports 8084 and 8086). Exploiting OS command injection through these APIs, an attacker can send arbit...

CVSS: 10.0 | Severity: CRITICAL | KEV: — | Sightings: 0
CVE-2025-59528

Flowise is a drag & drop user interface to build a customized large language model flow. In version 3.0.5, Flowise is vulnerable to remote code execution. The CustomMCP node allows users to input conf...

CVSS: 10.0 | Severity: CRITICAL | KEV: — | Sightings: 0
CVE-2024-50704

Unauthenticated remote code execution vulnerability in Uniguest Tripleplay before 24.2.1 allows remote attackers to execute arbitrary code via a specially crafted HTTP POST request.

CVSS: 10.0 | Severity: CRITICAL | KEV: — | Sightings: 0
CVE-2019-5644

Computing For Good's Basic Laboratory Information System (also known as C4G BLIS) version 3.5 and earlier suffers from an instance of CWE-284, "Improper Access Control." As a result, an unauthenticate...

CVSS: 10.0 | Severity: CRITICAL | KEV: — | Sightings: 0
CVE-2022-24816

JAI-EXT is an open-source project which aims to extend the Java Advanced Imaging (JAI) API. Programs allowing Jiffle script to be provided via network request can lead to a Remote Code Execution as th...

CVSS: 10.0 | Severity: CRITICAL | KEV: yes | Sightings: 0
CVE-2022-32548

An issue was discovered on certain DrayTek Vigor routers before July 2022 such as the Vigor3910 before 4.3.1.1. /cgi-bin/wlogin.cgi has a buffer overflow via the username or password to the aa or ab f...

CVSS: 10.0 | Severity: CRITICAL | KEV: — | Sightings: 0
CVE-2013-3542

Grandstream GXV3501, GXV3504, GXV3601, GXV3601HD/LL, GXV3611HD/LL, GXV3615W/P, GXV3651FHD, GXV3662HD, GXV3615WP_HD, GXV3500, and possibly other camera models with firmware 1.0.4.11, have a hardcoded a...

CVSS: 10.0 | Severity: CRITICAL | KEV: — | Sightings: 0
CVE-2022-46161

pdfmake is an open source client/server side PDF printing in pure JavaScript. In versions up to and including 0.2.5 pdfmake contains an unsafe evaluation of user controlled input. Users of pdfmake are...

CVSS: 10.0 | Severity: CRITICAL | KEV: — | Sightings: 0
CVE-2022-32845

This issue was addressed with improved checks. This issue is fixed in watchOS 8.7, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. An app may be able to break out of its sandbox.

CVSS: 10.0 | Severity: CRITICAL | KEV: — | Sightings: 0
CVE-2024-27767

CWE-287: Improper Authentication may allow Authentication Bypass

CVSS: 10.0 | Severity: CRITICAL | KEV: — | Sightings: 0
CVE-2022-31481

An unauthenticated attacker can send a specially crafted update file to the device that can overflow a buffer. This vulnerability impacts products based on HID Mercury Intelligent Controllers LP1501, ...

CVSS: 10.0 | Severity: CRITICAL | KEV: — | Sightings: 0
CVE-2021-33885

An Insufficient Verification of Data Authenticity vulnerability in B. Braun SpaceCom2 prior to 012U000062 allows a remote unauthenticated attacker to send the device malicious data that will be used i...

CVSS: 10.0 | Severity: CRITICAL | KEV: — | Sightings: 0
CVE-2020-6769

Missing Authentication for Critical Function in the Bosch Video Streaming Gateway (VSG) allows an unauthenticated remote attacker to retrieve and set arbitrary configuration data of the Video Streamin...

CVSS: 10.0 | Severity: CRITICAL | KEV: — | Sightings: 0
CVE-2023-6723

An unrestricted file upload vulnerability has been identified in Repbox, which allows an attacker to upload malicious files via the transforamationfileupload function, due to the lack of proper file t...

CVSS: 10.0 | Severity: CRITICAL | KEV: — | Sightings: 0
CVE-2025-26389

A vulnerability has been identified in OZW672 (All versions < V8.0), OZW772 (All versions < V8.0). The web service in affected devices does not sanitize the input parameters required for the `exportDi...

CVSS: 10.0 | Severity: CRITICAL | KEV: — | Sightings: 0
CVE-2025-20282

A vulnerability in an internal API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated, remote attacker to upload arbitrary files to an affected device and then execute those files on the un...

CVSS: 10.0 | Severity: CRITICAL | KEV: — | Sightings: 0
CVE-2025-42890

SQL Anywhere Monitor (Non-GUI) baked credentials into the code, exposing the resources or functionality to unintended users and providing attackers with the possibility of arbitrary code execution. This...

CVSS: 10.0 | Severity: CRITICAL | KEV: — | Sightings: 0
CVE-2026-32169

Server-side request forgery (SSRF) in Azure Cloud Shell allows an unauthorized attacker to elevate privileges over a network.

CVSS: 10.0 | Severity: CRITICAL | KEV: — | Sightings: 0
CVE-2024-48966

The software tools used by service personnel to test & calibrate the ventilator do not support user authentication. An attacker with access to the Service PC where the tools are installed could obtain...

CVSS: 10.0 | Severity: CRITICAL | KEV: — | Sightings: 0
CVE-2023-26477

XWiki Platform is a generic wiki platform. Starting in versions 6.3-rc-1 and 6.2.4, it's possible to inject arbitrary wiki syntax including Groovy, Python and Velocity script macros via the `newThemeN...

CVSS: 10.0 | Severity: CRITICAL | KEV: — | Sightings: 0
CVE-2022-1517

LRM utilizes elevated privileges. An unauthenticated malicious actor can upload and execute code remotely at the operating system level, which can allow an attacker to change settings, configurations,...

CVSS: 10.0 | Severity: CRITICAL | KEV: — | Sightings: 0
CVE-2019-19810

Zoom Call Recording 6.3.1 from Eleveo is vulnerable to Java Deserialization attacks targeting the inbuilt RMI service. A remote unauthenticated attacker can exploit this vulnerability by sending craft...

CVSS: 10.0 | Severity: CRITICAL | KEV: — | Sightings: 0
CVE-2021-23857

Login with hash: The login routine allows the client to log in to the system not by using the password, but by using the hash of the password. Combined with CVE-2021-23858, this allows an attacker to ...

CVSS: 10.0 | Severity: CRITICAL | KEV: — | Sightings: 0
CVE-2022-24803

Asciidoctor-include-ext is Asciidoctor’s standard include processor reimplemented as an extension. Versions prior to 0.4.0, when used to render user-supplied input in AsciiDoc markup, may allow an att...

CVSS: 10.0 | Severity: CRITICAL | KEV: — | Sightings: 0
CVE-2025-22954

GetLateOrMissingIssues in C4/Serials.pm in Koha before 24.11.02 allows SQL Injection in /serials/lateissues-export.pl via the supplierid or serialid parameter.

CVSS: 10.0 | Severity: CRITICAL | KEV: — | Sightings: 0
CVE-2026-34938

PraisonAI is a multi-agent teams system. Prior to version 1.5.90, execute_code() in praisonai-agents runs attacker-controlled Python inside a three-layer sandbox that can be fully bypassed by passing ...

CVSS: 10.0 | Severity: CRITICAL | KEV: — | Sightings: 0
CVE-2025-41115

SCIM provisioning was introduced in Grafana Enterprise and Grafana Cloud in April to improve how organizations manage users and teams in Grafana by introducing automated user lifecycle management. In...

CVSS: 10.0 | Severity: CRITICAL | KEV: — | Sightings: 0
CVE-2024-44148

This issue was addressed with improved validation of file attributes. This issue is fixed in macOS Sequoia 15. An app may be able to break out of its sandbox.

CVSS: 10.0 | Severity: CRITICAL | KEV: — | Sightings: 0
Page 12 of 6575

This product uses data from the NVD API but is not endorsed or certified by the NVD.