CVEs classified under CWE-99, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (37)
CVE-2025-43491 — CVSS 9.8 (critical): A vulnerability in the Poly Lens Desktop application running on the Windows platform might allow modifications to the filesystem, which…
CVE-2017-5159 — CVSS 9.8 (critical): An issue was discovered on Phoenix Contact mGuard devices that have been updated to Version 8.4.0. When updating an mGuard device to…
CVE-2025-2410 — CVSS 9.1 (critical): Port manipulation vulnerabilities in ASPECT provide attackers with the ability to con-trol TCP/IP port access if session administrator…
CVE-2025-0756 — CVSS 9.1 (critical): Overview The product receives input from an upstream component, but it does not restrict or incorrectly restricts the input before it is…
CVE-2024-57971 — CVSS 9.1 (critical): DataSourceResource.java in the SpagoBI API support in Knowage Server in KNOWAGE before 8.1.30 does not ensure that java:comp/env/jdbc/…
CVE-2024-5706 — CVSS 8.8 (high): The product receives input from an upstream component, but it does not restrict or incorrectly restricts the input before it is used as an…
CVE-2023-3517 — CVSS 8.5 (high): Hitachi Vantara Pentaho Data Integration & Analytics versions before 9.5.0.1 and 9.3.0.5, including 8.3.x does not restrict JNDI…
CVE-2022-39369 — CVSS 8.0 (high): phpCAS is an authentication library that allows PHP applications to easily authenticate users via a Central Authentication Service (CAS)…
CVE-2019-6545 — CVSS 7.5 (high): AVEVA Software, LLC InduSoft Web Studio prior to Version 8.1 SP3 and InTouch Edge HMI (formerly InTouch Machine Edition) prior to Version…
CVE-2026-3693 — CVSS 7.3 (high): A flaw has been found in Shy2593666979 AgentChat up to 2.3.0. This issue affects the function get_user_info/update_user_info of the file…
CVE-2023-6605 — CVSS 7.2 (high): A flaw was found in FFmpeg's DASH playlist support. This vulnerability allows arbitrary HTTP GET requests to be made on behalf of the…
CVE-2026-33603 — CVSS 6.8 (medium): Attacker can use a specially crafted base64 exchange between Dovecot and Client to fake SCRAM TLS channel binding. This requires that the…
CVE-2022-27670 — CVSS 6.5 (medium): SAP SQL Anywhere - version 17.0, allows an authenticated attacker to prevent legitimate users from accessing a SQL Anywhere database server…
CVE-2026-10168 — CVSS 6.3 (medium): A security vulnerability has been detected in OUSL-GROUP-BrinaryBrains School Student Management System up to 1e70e5ad1125b86dca4ee086eb6bb1…
CVE-2025-1645 — CVSS 6.3 (medium): A vulnerability classified as critical was found in Benner Connecta 1.0.5330. Affected by this vulnerability is an unknown functionality of…
CVE-2024-4294 — CVSS 6.3 (medium): A vulnerability, which was classified as critical, has been found in PHPGurukul Doctor Appointment Management System 1.0. Affected by this…
CVE-2019-1860 — CVSS 5.9 (medium): A vulnerability in the dashboard gadget rendering of Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to…
CVE-2026-9438 — CVSS 5.4 (medium): A vulnerability was found in yashpokharna2555 StudentManagementSystem cb2f558ddf8d19396de0f92abf2d224d46a0a203. This impacts an unknown…
CVE-2022-3774 — CVSS 5.4 (medium): A vulnerability was found in SourceCodester Train Scheduler App 1.0 and classified as critical. Affected by this issue is some unknown…
CVE-2026-5414 — CVSS 5.3 (medium): A security flaw has been discovered in Newgen OmniDocs up to 12.0.00. Affected by this issue is some unknown functionality of the file…
CVE-2025-9619 — CVSS 5.3 (medium): A security flaw has been discovered in E4 Sistemas Mercatus ERP 2.00.019. The affected element is an unknown function of the file…
CVE-2023-6604 — CVSS 5.3 (medium): A flaw was found in FFmpeg. This vulnerability allows unexpected additional CPU load and storage consumption, potentially leading to…
CVE-2023-6602 — CVSS 5.3 (medium): A flaw was found in FFmpeg's TTY Demuxer. This vulnerability allows possible data exfiltration via improper parsing of non-TTY-compliant…
CVE-2016-8615 — CVSS 5.3 (medium): A flaw was found in curl before version 7.51. If cookie state is written into a cookie jar file that is later read back and used for…
CVE-2023-6601 — CVSS 4.7 (medium): A flaw was found in FFmpeg's HLS demuxer. This vulnerability allows bypassing unsafe file extension checks and triggering arbitrary…
CVE-2026-12207 — CVSS 4.3 (medium): A security flaw has been discovered in medkey-org medkey up to fc09b7ba9441ff590b72d428d5380834216b09ed. Impacted is the function…
CVE-2026-10624 — CVSS 4.3 (medium): A vulnerability has been found in SourceCodester Human Resource Management 1.0. Affected by this vulnerability is an unknown functionality…
CVE-2026-5031 — CVSS 4.3 (medium): A vulnerability was found in BichitroGan ISP Billing Software 2025.3.20. Impacted is an unknown function of the file /?_route=settings/users…
CVE-2025-8793 — CVSS 4.3 (medium): A vulnerability classified as problematic was found in LitmusChaos Litmus up to 3.19.0. Affected by this vulnerability is an unknown…
CVE-2025-3855 — CVSS 4.3 (medium): A vulnerability was found in CodeCanyon RISE Ultimate Project Manager 3.8.2 and classified as problematic. Affected by this issue is some…
CVE-2025-3405 — CVSS 4.3 (medium): A vulnerability was found in FCJ Venture Builder appclientefiel 3.0.27. It has been declared as problematic. Affected by this vulnerability…
CVE-2025-1642 — CVSS 4.3 (medium): A vulnerability was found in Benner ModernaNet up to 1.1.0. It has been declared as critical. This vulnerability affects unknown code of…
CVE-2025-1575 — CVSS 4.3 (medium): A vulnerability classified as problematic has been found in Harpia DiagSystem 12. Affected is an unknown function of the file…
CVE-2026-10299 — CVSS 3.8 (low): A weakness has been identified in code-projects Online Hospital Management System 1.0. This issue affects some unknown processing of the…
CVE-2026-7303 — CVSS 3.7 (low): A security flaw has been discovered in Xuxueli xxl-job up to 3.3.2. Impacted is the function logDetailCat of the file…
CVE-2026-13493 — CVSS 3.1 (low): A flaw has been found in AIDC-AI ComfyUI-Copilot up to 2.0.28. This issue affects some unknown processing of the file…
CVE-2025-0625 — CVSS 3.1 (low): A vulnerability, which was classified as problematic, was found in CampCodes School Management Software 1.0. This affects an unknown part…