Cut the noise.
Know which vulnerabilities demand action.

Monitor and prioritize what really matters — the 1% of vulnerabilities that can cause real impact.

Analytics

EPSS Trending (30d)

Threat Indicators

829
CISA KEV
244
Exploits
493
Proof-of-Concept
79.3%
Average EPSS

EPSS Hot Zone

|
Sort by:
KEV Prediction — Top%
EPSS Percentile — Top%

Emerging Vulnerabilities

22 May/26
CVE-2026-34910
CRITICAL

This vulnerability is a command injection flaw resulting from improper input validation in UniFi OS Server and related UniFi firmware components. The root cause lies in the failure to sanitize user-supplied input before passing it to system-level command execution functions. Affected components include UniFi OS Server and multiple UniFi device firmware versions, where network-accessible interfaces process untrusted input without adequate validation.

CVSS 10.0
EPSS 78.6%
KEV Pred 76%
Product Ubiquiti Inc UniFi OS Server ubiquiti
CVSS v3.1 KEV CWE-20
10 Feb/26
CVE-2026-1603
HIGH

This vulnerability is an authentication bypass in Ivanti Endpoint Manager versions prior to 2024 SU5. It stems from improper access control mechanisms within the RemoteControlAuth API, specifically the POST /RemoteControlAuth/api/Auth endpoint. The flaw allows unauthenticated remote actors to bypass normal authentication checks and access sensitive credential data stored by the application.

CVSS 7.5
EPSS 80.6%
KEV Pred 79%
Product Ivanti Endpoint Manager ivanti
CVSS v3.1 KEV CWE-288
10 Nov/25
CVE-2025-12480
CRITICAL

The vulnerability is an improper access control flaw affecting the initial setup pages of the Triofox file sharing platform. The root cause is the failure to restrict access to administrative setup endpoints after the initial configuration is complete. Specifically, unauthenticated network requests can access management interfaces that should be disabled post-setup, exposing sensitive administrative functionality.

CVSS 9.1
EPSS 90.5%
KEV Pred 75%
Product TrioFox triofox
CVSS v3.1 KEV CWE-284
12 Oct/25
CVE-2025-61884
HIGH

This vulnerability is a server-side request forgery (SSRF) flaw in the Runtime UI component of Oracle Configurator within Oracle E-Business Suite. The root cause is insufficient validation of user-supplied input parameters in HTTP requests, allowing crafted payloads to manipulate internal URL requests. The affected feature is the POST endpoint handling configurator UI servlet requests, which processes parameters without proper sanitization or access control.

CVSS 7.5
EPSS 97.8%
KEV Pred 72%
Product Oracle Corporation Oracle Configurator oracle
CVSS v3.1 KEV CWE-22 RANSOMWARE
04 Aug/25
CVE-2025-6205
CRITICAL

This vulnerability is a broken access control issue caused by missing authorization checks within the DELMIA Apriso application. The root cause lies in the failure to validate user privileges on specific API endpoints, particularly the message processing service. The affected component is the FlexNetMessageProcessor service endpoint in DELMIA Apriso versions from Release 2020 through Release 2025.

CVSS 9.1
EPSS 71.1%
KEV Pred 72%
Product Dassault Systèmes DELMIA Apriso dassault
CVSS v3.1 KEV CWE-862
04 Aug/25
CVE-2025-6204
HIGH

This vulnerability is a code injection flaw resulting from improper control over code generation in the file upload functionality of Dassault Systèmes DELMIA Apriso. The root cause lies in insufficient validation and normalization of uploaded file paths, allowing path traversal sequences to bypass storage restrictions. The affected component is the web service handling file uploads and related endpoints within DELMIA Apriso versions from Release 2020 through Release 2025.

CVSS 8.0
EPSS 76.1%
KEV Pred 69%
Product Dassault Systèmes DELMIA Apriso dassault
CVSS v3.1 KEV CWE-94
16 Jul/25
CVE-2025-20337
CRITICAL

This vulnerability is a command injection flaw caused by insufficient validation of user-supplied input within a specific API of Cisco Identity Services Engine (ISE) and Cisco ISE-PIC. The affected component improperly processes crafted API requests, allowing malicious input to be executed at the operating system level with root privileges. The root cause lies in inadequate input sanitization in the API handling mechanism, which enables unauthorized command execution on the underlying system.

CVSS 10.0
EPSS 65.1%
KEV Pred 73%
Product Cisco Identity Services Engine Software cisco
CVSS v3.1 KEV CWE-74 RANSOMWARE
10 Jul/25
CVE-2025-47813
MEDIUM

This vulnerability is an authenticated information disclosure flaw caused by improper validation of the 'UID' session cookie in the Wing FTP Server's /loginok.html endpoint. The root cause lies in the server's failure to correctly handle overlong cookie values, which triggers error responses containing sensitive internal information. The affected component is the session management mechanism handling the UID cookie in Wing FTP Server versions prior to 7.4.4.

CVSS 4.3
EPSS 56.4%
KEV Pred 66%
Product wftpserver Wing FTP Server wftpserver
CVSS v3.1 KEV CWE-209
02 Jun/25
CVE-2025-5086
CRITICAL

This vulnerability is an insecure deserialization flaw in Dassault Systèmes DELMIA Apriso affecting versions from Release 2020 through Release 2025. The root cause lies in the improper handling of untrusted serialized data within the FlexNetOperationsService component. Specifically, the service deserializes input without sufficient validation, enabling maliciously crafted data to manipulate internal object states during deserialization.

CVSS 9.0
EPSS 89.1%
KEV Pred 74%
Product Dassault Systèmes DELMIA Apriso dassault
CVSS v3.1 KEV CWE-502
21 May/25
CVE-2025-34026
HIGH

This vulnerability is an authentication bypass caused by improper validation of the X-Real-Ip HTTP header in the Traefik reverse proxy configuration of the Versa Concerto SD-WAN orchestration platform. The flaw allows unauthenticated requests to access protected Spring Boot Actuator endpoints. The affected component is the internal Actuator endpoint, which is exposed without proper access controls in versions 12.1.2 through 12.2.0 and potentially others.

CVSS 7.5
EPSS 83.5%
KEV Pred 44%
Product Versa Concerto versa
CVSS v3.1 CVSS v4.0 KEV CWE-288
21 May/25
CVE-2025-4008
HIGH

This vulnerability is a command injection flaw rooted in improper input validation within the Meteobridge web interface. The affected component is a CGI shell script endpoint that processes user-supplied parameters without adequate sanitization. Specifically, the templatefile parameter in the /public/template.cgi endpoint allows injection of arbitrary shell commands due to unsafe handling of input in the CGI and C-based web application components.

CVSS 8.8
EPSS 95.0%
KEV Pred 70%
Product Smartbedded MeteoBridge smartbedded
CVSS v3.1 CVSS v4.0 KEV CWE-77
10 Apr/25
CVE-2024-58136
CRITICAL

This vulnerability is an unsafe reflection flaw in the Yii 2 framework prior to version 2.0.52, caused by improper handling of behavior attachment via the __class array key. The root cause lies in the framework's JSON behavior deserialization logic, which fails to validate the __class key correctly, allowing instantiation of arbitrary PHP classes. The affected component is the behavior attachment mechanism in Yii's core framework.

CVSS 9.8
EPSS 87.8%
KEV Pred 69%
Product yiiframework Yii yiiframework
CVSS v3.1 KEV CWE-424
25 Mar/25
CVE-2025-29635
HIGH

This vulnerability is a command injection issue rooted in improper input validation within the firmware of D-Link DIR-823X models 240126 and 240802. The flaw exists in the handling of POST requests to the /goform/set_prohibiting endpoint, where user-supplied input is passed to system-level command execution functions without adequate sanitization. The affected component is the web management interface responsible for processing configuration commands, specifically the function invoked by the set_prohibiting form handler.

CVSS 7.2
EPSS 87.2%
KEV Pred 49%
Product N/A
CVSS v3.1 KEV CWE-77
24 Mar/25
CVE-2025-2747
CRITICAL

This vulnerability is an authentication bypass caused by improper password handling in the Staging Sync Server component of Kentico Xperience. Specifically, the server's handling of the 'None' password type fails to enforce authentication checks. This flaw resides in the SyncServer.asmx endpoint responsible for staging synchronization operations, affecting versions through 13.0.178.

CVSS 9.8
EPSS 92.2%
KEV Pred 72%
Product Kentico Xperience kentico
CVSS v3.1 KEV CWE-288
24 Mar/25
CVE-2025-2746
CRITICAL

This vulnerability is an authentication bypass affecting the Kentico Xperience Staging Sync Server component. The root cause lies in improper handling of digest authentication credentials, specifically the acceptance of empty SHA1 usernames during password verification. This flaw allows bypassing the normal authentication mechanism within the staging synchronization service prior to version 13.0.172.

CVSS 9.8
EPSS 58.4%
KEV Pred 72%
Product Kentico Xperience kentico
CVSS v3.1 KEV CWE-288
04 Mar/25
CVE-2025-1316
CRITICAL

The vulnerability in the Edimax IC-7100 IP Camera is a command injection flaw rooted in improper input sanitization of user-supplied requests. Specifically, the device fails to neutralize special characters in incoming parameters, allowing crafted input to be interpreted as system commands. This affects the device's request handling component, enabling execution of arbitrary commands at the operating system level.

CVSS 9.8
EPSS 72.3%
KEV Pred 66%
Product Edimax IC-7100 IP Camera edimax
CVSS v3.1 CVSS v4.0 KEV CWE-78
03 Feb/25
CVE-2023-52163
HIGH

This vulnerability is a command injection flaw caused by improper input sanitization in the time_tzsetup.cgi component of Digiever DS-2105 Pro firmware version 3.1.0.71-11. Specifically, the affected CGI script fails to validate user-supplied parameters, allowing injection of arbitrary shell commands. The vulnerability resides in the device's web management interface, particularly in the processing of POST requests to the /cgi-bin/cgi_main.cgi endpoint.

CVSS 8.8
EPSS 96.4%
KEV Pred 38%
Product Digiever DS-2105 Pro digiever
CVSS v3.1 KEV CWE-862
03 Feb/25
CVE-2025-25181
HIGH

This vulnerability is a SQL injection flaw caused by improper input validation in the Advantive VeraCore application. Specifically, the timeoutWarning.asp component concatenates the user-supplied PmSess1 parameter directly into SQL queries without sanitization. This lack of parameterization or escaping in the database query construction enables injection of arbitrary SQL commands.

CVSS 7.5
EPSS 50.6%
KEV Pred 71%
Product Advantive VeraCore advantive
CVSS v3.1 KEV CWE-89
14 Jan/25
CVE-2024-13160
HIGH

This vulnerability is an absolute path traversal flaw rooted in improper input validation within Ivanti Endpoint Manager's file handling components. Specifically, the affected feature processes file path parameters without adequate sanitization, allowing an attacker to specify arbitrary filesystem locations. The flaw resides in the handling of UNC paths and wildcard parameters in the EPM web service endpoints, enabling unauthorized access to sensitive filesystem resources.

CVSS 7.5
EPSS 89.7%
KEV Pred 82%
Product Ivanti Endpoint Manager ivanti
CVSS v3.1 KEV CWE-36 RANSOMWARE
14 Jan/25
CVE-2024-13161
HIGH

This vulnerability is an absolute path traversal flaw within Ivanti Endpoint Manager's input validation mechanisms. The root cause lies in improper sanitization of user-supplied parameters that allow specifying arbitrary file paths. The affected component is the GetHashForSingleFile endpoint within the WSVulnerabilityCore service, which processes file path inputs without adequate restriction, enabling unauthorized path referencing.

CVSS 7.5
EPSS 88.5%
KEV Pred 82%
Product Ivanti Endpoint Manager ivanti
CVSS v3.1 KEV CWE-36 RANSOMWARE
27 Dec/24
CVE-2024-12987
CRITICAL

This vulnerability is a remote OS command injection caused by improper sanitization of the 'session' parameter within the Web Management Interface component of DrayTek Vigor2960 and Vigor300B firmware version 1.5.1.4. The flaw resides in the /cgi-bin/mainfunction.cgi/apmcfgupload endpoint, where user-supplied input is executed without adequate validation, allowing arbitrary system commands to be injected and executed on the device.

CVSS 9.8
EPSS 98.1%
KEV Pred 78%
Product DrayTek Vigor2960 draytek
CVSS v3.1 CVSS v4.0 KEV CWE-77
08 Oct/24
CVE-2024-9380
HIGH

This vulnerability is an OS command injection flaw rooted in improper input validation within the administrative web console of Ivanti CSA (Cloud Services Appliance). Specifically, the affected component fails to sanitize user-supplied input in commands executed by the system shell, enabling injection of arbitrary OS commands. The flaw exists in versions prior to 5.0.2 of the Ivanti CSA admin interface, which processes privileged commands without adequate input filtering.

CVSS 7.2
EPSS 63.0%
KEV Pred 68%
Product Ivanti CSA (Cloud Services Appliance) ivanti
CVSS v3.1 KEV CWE-77
17 Sep/24
CVE-2024-8957
HIGH

This vulnerability is an OS command injection flaw resulting from insufficient validation of the ntp_addr configuration parameter in PTZOptics PT30X-SDI and PT30X-NDI-xx firmware prior to version 6.3.40. The affected component is the ntp_client service, which processes the ntp_addr input without proper sanitization, allowing injection of arbitrary shell commands. The root cause lies in the failure to properly sanitize or restrict input to this configuration value during the initialization of the NTP client.

CVSS 7.2
EPSS 82.0%
KEV Pred 81%
Product PTZOptics PT30X-SDI ptzoptics
CVSS v3.1 KEV CWE-78
17 Sep/24
CVE-2024-8956
CRITICAL

This vulnerability is an authentication bypass affecting the PTZOptics PT30X-SDI and PT30X-NDI-xx firmware prior to version 6.3.40. The root cause is insufficient enforcement of HTTP Authorization headers on the /cgi-bin/param.cgi endpoint, allowing unauthenticated requests to access sensitive parameter handling functions. The affected component is the camera's web interface CGI parameter management module, which fails to validate authentication tokens properly before processing configuration requests.

CVSS 9.1
EPSS 60.9%
KEV Pred 74%
Product PTZOptics PT30X-SDI ptzoptics
CVSS v3.1 KEV CWE-306
17 Sep/24
CVE-2024-38812
CRITICAL

This vulnerability is a heap-based buffer overflow occurring within the implementation of the Distributed Computing Environment / Remote Procedure Calls (DCERPC) protocol in VMware vCenter Server. The root cause lies in improper handling of specially crafted network packets that exceed allocated heap memory boundaries. The affected component is the DCERPC protocol handler in vCenter Server versions 7.0 and VMware Cloud Foundation deployments, where unchecked input leads to memory corruption.

CVSS 9.8
EPSS 54.1%
KEV Pred 76%
Product VMware vCenter Server vmware
CVSS v3.1 KEV CWE-122 RANSOMWARE
10 Sep/24
CVE-2024-43461
HIGH

This vulnerability is a spoofing flaw in the MSHTML platform of Microsoft Windows, caused by improper handling of content rendering and security zone validation within the MSHTML component. The root cause lies in the failure to correctly validate and sanitize input that affects the document object model, allowing crafted content to masquerade as trusted sources. The affected component is the MSHTML engine used for rendering HTML content in Windows 11 and earlier versions.

CVSS 8.8
EPSS 51.9%
KEV Pred 80%
Product Microsoft Windows 11 Version 24H2 microsoft
CVSS v3.1 KEV CWE-451 RANSOMWARE
04 Sep/24
CVE-2024-20439
CRITICAL

This vulnerability is an authentication bypass caused by an undocumented static administrative credential embedded within the Cisco Smart Licensing Utility (CSLU). The root cause is the presence of a hardcoded user credential for an administrative account that is not documented or configurable. The affected component is the CSLU application API, which accepts authentication requests using these static credentials without proper validation or restriction.

CVSS 9.8
EPSS 91.9%
KEV Pred 79%
Product Cisco Smart License Utility cisco
CVSS v3.1 KEV CWE-912 RANSOMWARE
13 Aug/24
CVE-2024-28986
CRITICAL

This vulnerability is a Java deserialization flaw in SolarWinds Web Help Desk that arises from insecure handling of serialized objects. The root cause is improper validation of user-supplied serialized data, allowing maliciously crafted objects to be deserialized. The affected component is the Web Help Desk application prior to version 12.8.3, specifically in its Java backend deserialization routines.

CVSS 9.8
EPSS 84.6%
KEV Pred 71%
Product SolarWinds Web Help Desk solarwinds
CVSS v3.1 KEV CWE-502
10 Jul/24
CVE-2024-5217
CRITICAL

This vulnerability is an input validation flaw in the ServiceNow Now Platform affecting the Washington DC, Vancouver, and earlier releases. It arises from improper sanitization of user-supplied input in the login endpoint, specifically within the jvar_page_title parameter. The root cause involves insecure processing of XML/Jelly script embedded in HTTP GET requests, allowing unauthorized code execution within the platform's execution context.

CVSS 9.8
EPSS 99.6%
KEV Pred 71%
Product ServiceNow Now Platform servicenow
CVSS v3.1 CVSS v4.0 KEV CWE-184
24 Apr/24
CVE-2024-20353
HIGH

This vulnerability is a denial of service (DoS) condition caused by improper input validation in the HTTP header parsing logic of the management and VPN web servers within Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software. The root cause is incomplete error checking during HTTP header processing, which leads to a device reload when malformed HTTP requests are received. The affected components are the web server modules responsible for management and VPN functions in specific ASA software versions.

CVSS 8.6
EPSS 70.7%
KEV Pred 72%
Product Cisco Adaptive Security Appliance (ASA) Software cisco
CVSS v3.1 KEV CWE-835
21 Jan/24
CVE-2024-0769
CRITICAL

This vulnerability is a path traversal flaw rooted in insufficient input validation within the HTTP POST request handler of the D-Link DIR-859 firmware version 1.06B01. Specifically, the 'service' parameter in the /hedwig.cgi endpoint fails to properly sanitize user-supplied input, allowing directory traversal sequences to access unauthorized filesystem locations. The affected component is the HTTP POST Request Handler responsible for processing requests to /hedwig.cgi.

CVSS 9.8
EPSS 82.7%
KEV Pred 54%
Product D-Link DIR-859 d-link
CVSS v3.1 KEV CWE-22
17 Jan/24
CVE-2023-6549
HIGH

This vulnerability is a memory safety flaw classified as an improper restriction of operations within the bounds of a memory buffer. It arises from inadequate validation of input data length in the NetScaler ADC and NetScaler Gateway components, specifically affecting the handling of requests to the Gateway or AAA virtual server web interfaces. The root cause is an out-of-bounds memory read condition triggered by malformed input, leading to unauthorized memory access beyond allocated buffers.

CVSS 7.5
EPSS 57.6%
KEV Pred 72%
Product Cloud Software Group NetScaler ADC cloud
CVSS v3.1 KEV CWE-119
08 Dec/23
CVE-2023-47565
HIGH

This vulnerability is an OS command injection affecting legacy QNAP VioStor NVR devices running QVR Firmware 4.x. The root cause lies in insufficient input validation within the firmware's command execution routines, allowing crafted input to be interpreted as system commands. The affected component is the QVR Firmware's network-facing management interface that processes authenticated user commands.

CVSS 8.8
EPSS 73.3%
KEV Pred 68%
Product QNAP Systems Inc. VioStor NVR qnap
CVSS v3.1 KEV CWE-78
06 Dec/23
CVE-2023-49897
HIGH

This vulnerability is an OS command injection flaw rooted in improper input validation within the AE1021PE and AE1021 firmware versions 2.0.9 and earlier. The affected component is the firmware's command processing mechanism that executes system-level commands based on user input. Specifically, the flaw arises from insufficient sanitization of input parameters passed to OS command execution functions, allowing injection of arbitrary commands by authenticated users.

CVSS 8.8
EPSS 50.7%
KEV Pred 59%
Product FXC Inc. AE1021PE fxc
CVSS v3.1 KEV CWE-78
05 Dec/23
CVE-2023-44221
HIGH

This vulnerability is an OS command injection affecting the SonicWall SMA100 SSL-VPN management interface. It arises from improper neutralization of special characters in user-supplied input within the administrative interface, allowing crafted input to be executed as system commands. The flaw specifically impacts the SMA100 management component responsible for processing administrative commands.

CVSS 7.2
EPSS 74.9%
KEV Pred 53%
Product SonicWall SMA100 sonicwall
CVSS v3.1 KEV CWE-78
25 Oct/23
CVE-2023-34048
CRITICAL

This vulnerability is an out-of-bounds write occurring within the DCERPC protocol implementation of VMware vCenter Server. The flaw arises from improper handling of memory boundaries during processing of specific network requests, leading to memory corruption. The affected component is the DCERPC protocol handler in vCenter Server versions 7.0 and potentially others, which processes remote procedure calls over the network interface.

CVSS 9.8
EPSS 99.4%
KEV Pred 73%
Product VMware vCenter Server vmware
CVSS v3.1 KEV CWE-787 RANSOMWARE
18 Oct/23
CVE-2023-5631
MEDIUM

This vulnerability is a stored Cross-Site Scripting (XSS) flaw caused by improper sanitization of HTML email content containing crafted SVG documents. The root cause lies in the handling logic within the program/lib/Roundcube/rcube_washtml.php component, which fails to adequately neutralize embedded JavaScript vectors in SVG elements. This affects the Roundcubemail webmail client versions prior to 1.4.15, 1.5.x before 1.5.5, and 1.6.x before 1.6.4.

CVSS 5.4
EPSS 73.4%
KEV Pred 71%
Product Roundcubemail roundcubemail
CVSS v3.1 KEV CWE-79
10 Oct/23
CVE-2023-41763
MEDIUM

This vulnerability is a server-side request forgery (SSRF) issue rooted in improper validation of user-supplied input within the Skype for Business Server 2015 CU13 and 2019 CU7 web interface. The flaw arises from the meeturl parameter in the LwaClient.aspx endpoint, which accepts base64-encoded payloads without adequate sanitization, allowing crafted requests to trigger internal network probing. The affected component is the web-based client request handler responsible for processing meeting URLs.

CVSS 5.3
EPSS 90.4%
KEV Pred 63%
Product Microsoft Skype for Business Server 2015 CU13 microsoft
CVSS v3.1 KEV CWE-918 RANSOMWARE
14 Sep/23
CVE-2023-38205
HIGH

This vulnerability is an improper access control flaw in Adobe ColdFusion's administrative interface. The root cause lies in insufficient enforcement of authentication and authorization checks on the administrator CFM and CFC endpoints. Specifically, the access control mechanisms fail to restrict unauthenticated external requests, allowing bypass of security controls designed to protect administrative functions.

CVSS 7.5
EPSS 99.7%
KEV Pred 62%
Product Adobe ColdFusion adobe
CVSS v3.1 KEV CWE-284
29 Aug/23
CVE-2023-41266
MEDIUM

This vulnerability is a path traversal flaw in Qlik Sense Enterprise for Windows, caused by insufficient validation of user-supplied input in session management components. The root cause lies in improper sanitization of headers used to generate session identifiers, allowing manipulation of the session creation process. The affected feature is the anonymous session generation mechanism accessible via HTTP requests to specific API endpoints.

CVSS 6.5
EPSS 85.0%
KEV Pred 75%
Product Qlik Sense qlik
CVSS v3.1 KEV CWE-22 RANSOMWARE
17 Aug/23
CVE-2023-36847
MEDIUM

This vulnerability is a missing authentication flaw in Juniper Networks Junos OS on EX Series devices. The root cause is the lack of authentication enforcement on the installAppPackage.php endpoint within the J-Web management interface. This allows unauthenticated network access to a critical function responsible for handling file uploads, specifically affecting the file system integrity component of the affected devices.

CVSS 5.3
EPSS 84.7%
KEV Pred 73%
Product Juniper Networks Junos OS juniper
CVSS v3.1 KEV CWE-306
03 Aug/23
CVE-2023-35081
HIGH

This vulnerability is a path traversal flaw within the Ivanti EPMM appliance that allows authenticated administrators to write arbitrary files to the system. The root cause lies in insufficient validation of file path inputs, enabling directory traversal sequences to escape intended directories. The affected component is the file handling mechanism in Ivanti Endpoint Manager Mobile versions prior to 11.10.0.3, 11.9.1.2, and 11.8.1.2.

CVSS 7.2
EPSS 63.3%
KEV Pred 64%
Product Ivanti EPMM ivanti
CVSS v3.1 KEV CWE-22
03 Aug/23
CVE-2023-38950
HIGH

This vulnerability is a path traversal flaw located in the iclock API component of ZKTeco BioTime software. The root cause is insufficient validation of user-supplied input, allowing crafted payloads to manipulate file path parameters. This improper sanitization enables unauthorized access to arbitrary files on the system through directory traversal sequences.

CVSS 7.5
EPSS 84.9%
KEV Pred 54%
Product ZKTeco BioTime zkteco
CVSS v3.1 KEV CWE-22
31 Jul/23
CVE-2023-37580
MEDIUM

This vulnerability is a reflected cross-site scripting (XSS) flaw resulting from improper input sanitization in the Zimbra Classic Web Client. The root cause lies in the web application's failure to adequately validate or encode user-supplied input parameters before rendering them in the browser context. The affected component is the Zimbra Collaboration Suite (ZCS) versions prior to 8.8.15 Patch 41, specifically within the web client interface handling certain HTTP request parameters.

CVSS 6.1
EPSS 59.0%
KEV Pred 72%
Product Synacor Zimbra Collaboration Suite (ZCS) synacor
CVSS v3.1 KEV CWE-79
20 Jul/23
CVE-2023-38203
CRITICAL

This vulnerability is a deserialization of untrusted data flaw in Adobe ColdFusion, caused by improper validation of serialized input data. The root cause lies in the deserialization process within the ColdFusion Administrator API component, specifically the handling of crafted WDDX packets in the base.cfc admin API. This flaw enables maliciously crafted serialized objects to be processed without integrity checks, leading to execution of arbitrary code within the affected ColdFusion runtime environment.

CVSS 9.8
EPSS 97.0%
KEV Pred 73%
Product Adobe ColdFusion adobe
CVSS v3.1 KEV CWE-502 RANSOMWARE
12 Jul/23
CVE-2023-29300
CRITICAL

This vulnerability is a Deserialization of Untrusted Data flaw affecting Adobe ColdFusion's administrative API component. The root cause lies in improper handling of serialized data inputs within the access manager module, specifically in the deserialization process of WDDX packets. This flaw exists in versions 2018u16 and earlier, 2021u6 and earlier, and 2023.0.0.330468 and earlier, impacting the server-side deserialization logic without adequate validation or sanitization.

CVSS 9.8
EPSS 100.0%
KEV Pred 73%
Product Adobe ColdFusion adobe
CVSS v3.1 KEV CWE-502 RANSOMWARE
12 Jul/23
CVE-2023-29298
HIGH

This vulnerability is an improper access control flaw within Adobe ColdFusion's administrative interface, specifically affecting the /CFIDE/ directory. The root cause is insufficient enforcement of access restrictions on CFM and CFC endpoints, allowing unauthorized requests to bypass security checks. The affected components include the ColdFusion Administrator's CFM and CFC files across multiple versions.

CVSS 7.5
EPSS 99.8%
KEV Pred 56%
Product Adobe ColdFusion adobe
CVSS v3.1 KEV CWE-284
06 Jul/23
CVE-2023-34192
CRITICAL

This vulnerability is a Cross Site Scripting (XSS) flaw rooted in improper input sanitization within the Zimbra Collaboration Suite (ZCS) version 8.8.15. The affected component is the /h/autoSaveDraft endpoint, which fails to correctly validate or encode user-supplied script content. This allows injection of malicious scripts that are subsequently executed in the context of authenticated users interacting with the autoSaveDraft function.

CVSS 9.0
EPSS 77.3%
KEV Pred 44%
Product Synacor Zimbra Collaboration Suite (ZCS) synacor
CVSS v3.1 KEV CWE-79
19 Jun/23
CVE-2023-27992
CRITICAL

This vulnerability is a pre-authentication command injection affecting the Zyxel NAS326, NAS540, and NAS542 firmware. The root cause lies in improper input validation of HTTP request parameters that are directly passed to operating system command execution functions. The affected component is the firmware's HTTP service that handles incoming requests without sufficient sanitization, allowing injection of arbitrary OS commands.

CVSS 9.8
EPSS 84.2%
KEV Pred 53%
Product Zyxel NAS326 firmware zyxel
CVSS v3.1 KEV CWE-78
25 Apr/23
CVE-2023-29552
HIGH

This vulnerability is an unauthenticated amplification flaw in the Service Location Protocol (SLP) implementation, allowing remote attackers to register arbitrary services without validation. The root cause lies in the SLP server's acceptance and processing of spoofed UDP packets that register services without authentication or integrity checks. The affected component is the SLP service as defined in RFC 2608, implemented in certain NetApp and SUSE products.

CVSS 7.5
EPSS 65.9%
KEV Pred 80%
Product IETF Service Location Protocol (SLP) ietf
CVSS v3.1 KEV
Page 1 of 2 (99 total)