Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.
Assigner (CNA / source):[email protected] Remove this filter
| CVE | Description | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|
| CVE-2021-33544 | Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code. | 7.2 | 94.25% | 2021-09-13 | 2024-11-21 |
| CVE-2023-1698 | In multiple products of WAGO a vulnerability allows an unauthenticated, remote attacker to create new users and change the device configuration which can result in unintended behaviour, Denial of Service and full system compromise. | 9.8 | 94.03% | 2023-05-15 | 2024-11-21 |
| CVE-2021-33549 | Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to a stack-based buffer overflow condition in the action parameter, which may allow an attacker to remotely execute arbitrary code. | 7.2 | 88.73% | 2021-09-13 | 2024-11-21 |
| CVE-2021-33554 | Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code. | 7.2 | 87.38% | 2021-09-13 | 2024-11-21 |
| CVE-2021-33548 | Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code. | 7.2 | 87.38% | 2021-09-13 | 2024-11-21 |
| CVE-2021-33543 | Multiple camera devices by UDP Technology, Geutebrück and other vendors allow unauthenticated remote access to sensitive files due to default user authentication settings. This can lead to manipulation of the device and denial of service. | 9.8 | 87.24% | 2021-09-13 | 2024-11-21 |
| CVE-2021-33550 | Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code. | 7.2 | 86.55% | 2021-09-13 | 2024-11-21 |
| CVE-2021-33553 | Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code. | 7.2 | 83.95% | 2021-09-13 | 2024-11-21 |
| CVE-2021-33552 | Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code. | 7.2 | 83.95% | 2021-09-13 | 2024-11-21 |
| CVE-2021-33551 | Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code. | 7.2 | 83.95% | 2021-09-13 | 2024-11-21 |
| CVE-2021-20991 | In Fibaro Home Center 2 and Lite devices with firmware version 4.540 and older an authenticated user can run commands as root user using a command injection vulnerability. | 9.8 | 34.19% | 2021-04-19 | 2024-11-21 |
| CVE-2025-41646 | An unauthorized remote attacker can bypass the authentication of the affected software package by misusing an incorrect type conversion. This leads to full compromise of the device | 9.8 | 33.84% | 2025-06-06 | 2025-06-10 |
| CVE-2021-33547 | Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to a stack-based buffer overflow condition in the profile parameter which may allow an attacker to remotely execute arbitrary code. | 7.2 | 19.31% | 2021-09-13 | 2024-11-21 |
| CVE-2021-33546 | Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to a stack-based buffer overflow condition in the name parameter, which may allow an attacker to remotely execute arbitrary code. | 7.2 | 19.31% | 2021-09-13 | 2024-11-21 |
| CVE-2021-33545 | Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to a stack-based buffer overflow condition in the counter parameter which may allow an attacker to remotely execute arbitrary code. | 7.2 | 19.31% | 2021-09-13 | 2024-11-21 |
| CVE-2020-12513 | Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated blind OS Command Injection. | 7.5 | 8.89% | 2021-01-22 | 2024-11-21 |
| CVE-2020-12497 | PLCopen XML file parsing in Phoenix Contact PC Worx and PC Worx Express version 1.87 and earlier can lead to a stack-based overflow. Manipulated PC Worx projects could lead to a remote code execution due to insufficient input data validation. | 7.8 | 8.37% | 2020-07-01 | 2024-11-21 |
| CVE-2020-12503 | Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) and ICRL-M-8RJ45/4SFP-G-DIN, ICRL-M-16RJ45/4CP-G-DIN FW 1.2.3 and below is prone to multiple authenticated command injections. | 7.2 | 6.42% | 2020-10-15 | 2024-11-21 |
| CVE-2021-33527 | In MB connect line mbDIALUP versions <= 3.9R0.0 a remote attacker can send a specifically crafted HTTP request to the service running with NT AUTHORITY\SYSTEM that will not correctly validate the input. This can lead to an arbitrary code execution with the privileges of the service. | 9.8 | 6.38% | 2021-08-02 | 2024-11-21 |
| CVE-2022-45140 | The configuration backend allows an unauthenticated user to write arbitrary data with root privileges to the storage, which could lead to unauthenticated remote code execution and full system compromise. | 9.8 | 6.26% | 2023-02-27 | 2024-11-21 |