Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

28 matches found

CVE
CVEadded 2026/02/11 10:58 p.m.8 views

CVE-2026-20645

CVE-2026-20645: An inconsistency in the user interface was mitigated by changes to state management. Affected product classes are Apple iOS and iPadOS, with fixes in iOS 26.3 / iPadOS 26.3 and iOS 18.7.5 / iPadOS 18.7.5. The description indicates that an attacker with physical access to a locked ...

4.6CVSS5.8AI score0.00021EPSS
Exploits0References2Affected Software2
Vulnrichment
Vulnrichmentadded 2026/02/11 10:58 p.m.5 views

CVE-2026-20645

An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 26.3 and iPadOS 26.3, iOS 18.7.5 and iPadOS 18.7.5. An attacker with physical access to a locked device may be able to view sensitive user information...

5.3AI score0.00021EPSS
Exploits0References2
RedhatCVE
RedhatCVEadded 2026/01/09 9:9 a.m.4 views

CVE-2019-20645

NETGEAR RAX40 devices before 1.0.3.62 are affected by stored XSS...

4.8CVSS6.6AI score0.00293EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/22 7:7 p.m.6 views

CVE-2021-20645

Cross-site scripting vulnerability in ELECOM WRC-300FEBK-A allows remote authenticated attackers to inject arbitrary script via unspecified vectors...

5.4CVSS6.2AI score0.00329EPSS
Exploits0References1
Circl
Circladded 2025/03/05 8:36 p.m.0 views

CVE-2023-20645

creationtimestamp| type| source ---|---|--- 2025-03-05 20:36:51+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/6614 2025-03-06 02:17:23+00:00| seen| Telegram/BwYlTtFPmgQfNGrtw4dQpWbmoUzSIxQBFrlnpGmCl1U65...

4.4CVSS4.7AI score0.00018EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/03/05 2:46 a.m.10 views

CVE-2025-20645

In KeyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09475476; Issue ID: MSV-2599...

7.8CVSS6.9AI score0.00037EPSS
Exploits0References1
Circl
Circladded 2025/03/03 3:33 a.m.1 views

CVE-2025-20645

creationtimestamp| type| source ---|---|--- 2025-03-03 03:33:49+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/6142 2025-03-03 05:29:58+00:00| seen| https://t.me/cvedetector/19292...

7.8CVSS4.8AI score0.00037EPSS
Exploits0References2
OSV
OSVadded 2025/03/03 3:15 a.m.0 views

CVE-2025-20645

In KeyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09475476; Issue ID: MSV-2599...

7.8CVSS5.8AI score0.00037EPSS
Exploits0References1
CVE
CVEadded 2025/03/03 2:25 a.m.119 views

CVE-2025-20645

The CVE-2025-20645 issue affects MediaTek components (KeyInstall) and is caused by a missing bounds check, leading to a possible out-of-bounds write. This could enable local privilege escalation for an attacker with System privileges, with no user interaction required. A patch is available (ALPS0...

7.8CVSS7.1AI score0.00037EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichmentadded 2025/03/03 2:25 a.m.6 views

CVE-2025-20645

In KeyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09475476; Issue ID: MSV-2599...

6.7AI score0.00037EPSS
Exploits0References1
Cvelist
Cvelistadded 2025/03/03 2:25 a.m.14 views

CVE-2025-20645

In KeyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09475476; Issue ID: MSV-2599...

0.00037EPSS
Exploits0References1
OSV
OSVadded 2023/03/07 9:15 p.m.1 views

CVE-2023-20645

In ril, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628609; Issue ID: ALPS07628609...

4.4CVSS5.9AI score
Exploits0References1
Vulnrichment
Vulnrichmentadded 2023/03/07 12:0 a.m.5 views

CVE-2023-20645

In ril, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628609; Issue ID: ALPS07628609...

6.3AI score0.00018EPSS
Exploits0References1
CVE
CVEadded 2023/03/07 12:0 a.m.46 views

CVE-2023-20645

CVE-2023-20645 affects the ril component in MediaTek-based devices. The vulnerability is an out-of-bounds read caused by a missing bounds check, potentially enabling local information disclosure with system execution privileges. Exploitation does not require user interaction. A patch is identifie...

4.4CVSS4.2AI score0.00018EPSS
Exploits0References1Affected Software1
NVD
NVDadded 2022/01/14 5:15 a.m.7 views

CVE-2022-20645

Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the...

6.1CVSS0.00153EPSS
Exploits0References1
CVE
CVEadded 2022/01/14 5:1 a.m.86 views

CVE-2022-20645

CVE-2022-20645 concerns Cisco Security Manager. The issue is cross-site scripting via the web-based management interface caused by inadequate input validation. An unauthenticated, remote attacker can lure a user to click a crafted link to execute arbitrary script code in the interface context or ...

6.1CVSS6.2AI score0.00153EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichmentadded 2022/01/14 5:1 a.m.11 views

CVE-2022-20645 Cisco Security Manager Cross-Site Scripting Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the...

6.1CVSS6.7AI score0.00153EPSS
Exploits0References1
CVE
CVEadded 2021/08/19 6:16 p.m.42 views

CVE-2020-20645

The CVE-2020-20645 entry refers to a Cross-Site Scripting (XSS) vulnerability in EyouCMS 1.3.6 within the basic_information area. The root cause is described in CNVD/CNNVD sources as insufficient validation/filtering of user input, enabling an attacker to lure users into sending malicious request...

5.4CVSS5.2AI score0.0027EPSS
Exploits1References1Affected Software1
Circl
Circladded 2021/02/12 12:43 p.m.1 views

CVE-2021-20645

creationtimestamp| type| source ---|---|--- 2021-02-12 12:43:34+00:00| seen| https://t.me/cibsecurity/23528...

5.4CVSS5.5AI score0.00329EPSS
Exploits0References1
Cvelist
Cvelistadded 2021/02/12 6:15 a.m.19 views

CVE-2021-20645

Cross-site scripting vulnerability in ELECOM WRC-300FEBK-A allows remote authenticated attackers to inject arbitrary script via unspecified vectors...

5.9AI score0.00329EPSS
Exploits0References2
Rows per page
Query Builder