Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (4 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-12871 1 Aenrich 1 A+hrd 2025-11-12 9.8 Critical
The a+HRD developed by aEnrich has an Authentication Abuse vulnerability, allowing unauthenticated remote attackers to craft administrator access tokens and use them to access the system with elevated privileges.
CVE-2025-12870 1 Aenrich 1 A+hrd 2025-11-12 9.8 Critical
The a+HRD developed by aEnrich has an Authentication Abuse vulnerability, allowing unauthenticated remote attackers to send crafted packets to obtain administrator access tokens and use them to access the system with elevated privileges.
CVE-2025-12869 1 Aenrich 1 A+hrd 2025-11-12 4.8 Medium
The a+HRD developed by aEnrich has a Stored Cross-Site Scripting vulnerability, allowing remote attackers with administrator privileges to inject persistent JavaScript codes that are executed in users' browsers upon page load.
CVE-2025-12872 1 Aenrich 1 A+hrd 2025-11-12 5.4 Medium
The a+HRD and a+HCM developed by aEnrich has a Stored Cross-Site Scripting vulnerability, allowing authenticated remote attackers to upload files containing malicious JavaScript code, which will execute on the client side when a user is tricked into visiting a specific URL.