CVE List – Find High-Risk & Exploited Vulnerabilities

Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.

Assigner (CNA / source):[email protected] Remove this filter

Showing 120 of 56 results
«« First « Prev Page 1 / 3 Next »
CVE Description Max CVSS EPSS % Published Updated
CVE-2020-14094 In Xiaomi router R3600, ROM version<1.0.20, the connection service can be injected through the web interface, resulting in stack overflow or remote code execution. 9.8 2.33% 2020-06-24 2026-06-16
CVE-2020-14095 In Xiaomi router R3600, ROM version<1.0.20, a connect service suffers from an injection vulnerability through the web interface, leading to a stack overflow or remote code execution. 9.8 2.33% 2020-06-24 2026-06-16
CVE-2020-14096 Memory overflow in Xiaomi AI speaker Rom version <1.59.6 can happen when the speaker verifying a malicious firmware during OTA process. 9.8 1.21% 2020-09-11 2026-06-16
CVE-2020-14097 Wrong nginx configuration, causing specific paths to be downloaded without authorization. This affects Xiaomi router AX6 ROM version < 1.0.18. 7.5 0.86% 2021-01-13 2026-06-16
CVE-2020-14098 The login verification can be bypassed by using the problem that the time is not synchronized after the router restarts. This affects Xiaomi router AX1800rom version < 1.0.336 and Xiaomi route RM1800 root version < 1.0.26. 7.5 1.22% 2021-01-13 2026-06-16
CVE-2020-14099 On Xiaomi router AX1800 rom version < 1.0.336 and RM1800 root version < 1.0.26, the encryption scheme for a user's backup files uses hard-coded keys, which can expose sensitive information such as a user's password. 7.5 0.60% 2021-04-08 2026-06-16
CVE-2020-14100 In Xiaomi router R3600 ROM version<1.0.66, filters in the set_WAN6 interface can be bypassed, causing remote code execution. The router administrator can gain root access from this vulnerability. 9.8 5.18% 2020-09-11 2026-06-16
CVE-2020-14101 The data collection SDK of the router web management interface caused the leakage of the token. This affects Xiaomi router AX1800rom version < 1.0.336 and Xiaomi route RM1800 root version < 1.0.26. 7.5 1.06% 2021-01-13 2026-06-16
CVE-2020-14102 There is command injection when ddns processes the hostname, which causes the administrator user to obtain the root privilege of the router. This affects Xiaomi router AX1800rom version < 1.0.336 and Xiaomi route RM1800 root version < 1.0.26. 7.2 1.88% 2021-01-13 2026-06-16
CVE-2020-14103 The application in the mobile phone can read the SNO information of the device, Xiaomi 10 MIUI < 2020.01.15. 5.5 0.70% 2021-04-08 2026-06-16
CVE-2020-14104 A RACE CONDITION on XQBACKUP causes a decompression path error on Xiaomi router AX3600 with ROM version =1.0.50. 8.1 0.66% 2021-04-08 2026-06-16
CVE-2020-14105 The application in the mobile phone can read the SNO information of the device, Xiaomi 10 MIUI < 2020.01.15. 5.5 0.26% 2021-04-20 2026-06-16
CVE-2020-14106 The application in the mobile phone can unauthorized access to the list of running processes in the mobile phone, Xiaomi Mobile Phone MIUI < 2021.01.26. 5.5 0.66% 2021-04-08 2026-06-16
CVE-2020-14107 A stack overflow in the HTTP server of Cast can be exploited to make the app crash in LAN. 7.5 0.96% 2022-01-18 2026-06-16
CVE-2020-14109 There is command injection in the meshd program in the routing system, resulting in command execution under administrator authority on Xiaomi router AX3600 with ROM version =< 1.1.12 7.2 2.17% 2021-09-16 2026-06-16
CVE-2020-14110 AX3600 router sensitive information leaked.There is an unauthorized interface through luci to obtain sensitive information and log in to the web background. 7.8 0.25% 2022-01-18 2026-06-16
CVE-2020-14111 A command injection vulnerability exists in the Xiaomi Router AX3600. The vulnerability is caused by a lack of inspection for incoming data detection. Attackers can exploit this vulnerability to execute code. 7.8 0.31% 2022-03-10 2026-06-16
CVE-2020-14112 Information Leak Vulnerability exists in the Xiaomi Router AX6000. The vulnerability is caused by incorrect routing configuration. Attackers can exploit this vulnerability to download part of the files in Xiaomi Router AX6000. 5.3 0.77% 2022-03-10 2026-06-16
CVE-2020-14114 information leakage vulnerability exists in the Xiaomi SmartHome APP. This vulnerability is caused by illegal calls of some sensitive JS interfaces, which can be exploited by attackers to leak sensitive information. 7.5 0.60% 2022-07-22 2026-06-16
CVE-2020-14115 A command injection vulnerability exists in the Xiaomi Router AX3600. The vulnerability is caused by a lack of inspection for incoming data detection. Attackers can exploit this vulnerability to execute code. 9.8 1.08% 2022-03-10 2026-06-16
«« First « Prev Page 1 / 3 Next »
cvelogic Threat Intelligence