Lucene search
K

51 matches found

Cvelist
Cvelist
added 2023/05/18 12:0 a.m.26 views

CVE-2023-20184 Cisco DNA Center Software API Vulnerabilities

Multiple vulnerabilities in the API of Cisco DNA Center Software could allow an authenticated, remote attacker to read information from a restricted container, enumerate user information, or execute arbitrary commands in a restricted container as the root user. For more information about these...

5.4CVSS6.2AI score0.00485EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/09/19 12:0 a.m.9 views

PT-2022-24440 · Msi · Msi Center

Name of the Vulnerable Software and Affected Versions: MSI Center version 1.0.50.0 Description: The issue allows attackers to escalate privileges via running a crafted executable, exploiting a vulnerability in the component C Features of MSI.CentralServer.exe. Recommendations: For version 1.0.50....

7.8CVSS7.5AI score0.00459EPSS
Exploits2References4
BDU FSTEC
BDU FSTEC
added 2021/06/09 12:0 a.m.8 views

The vulnerability of the toNumber, trim, and trimEnd functions in the lodash library for application software from Aurora Center involves an uncontrolled resource consumption, allowing attackers to cause service failures.

The vulnerability of the toNumber, trim, and trimEnd functions in the lodash library for application software from Aurora Center involves an uncontrolled consumption of resources. Exploiting this vulnerability could allow a malicious actor to cause service failures...

7.5CVSS6.6AI score0.07336EPSS
Exploits1References5Affected Software2
Prion
Prion
added 2021/04/08 4:15 a.m.26 views

Cross site scripting

A vulnerability in the web-based management interface of Cisco Unified Intelligence Center Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability exists because the web-based management interface do...

4.3CVSS5.9AI score0.00823EPSS
Exploits0References1Affected Software2
NVD
NVD
added 2021/01/20 8:15 p.m.40 views

CVE-2021-1257

A vulnerability in the web-based management interface of Cisco DNA Center Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack to manipulate an authenticated user into executing malicious actions without their awareness or consent. The...

8.8CVSS7.7AI score0.00836EPSS
Exploits0References2
CVE
CVE
added 2021/01/20 7:57 p.m.97 views

CVE-2021-1257

CVE-2021-1257 affects Cisco DNA Center (web-based management interface) with CSRF in versions prior to 2.1.2.0. An unauthenticated, remote attacker can lure a logged-in user to a crafted link, causing actions on the device with the user’s privileges, including modifying configuration, disconnecti...

8.8CVSS8.1AI score0.00836EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2020/08/17 6:15 p.m.3 views

CVE-2020-3448

A vulnerability in an access control mechanism of Cisco Cyber Vision Center Software could allow an unauthenticated, remote attacker to bypass authentication and access internal services that are running on an affected device. The vulnerability is due to insufficient enforcement of access control...

5.8CVSS6.2AI score0.0111EPSS
Exploits0References1
Prion
Prion
added 2019/10/02 7:15 p.m.20 views

Sql injection

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an authenticated, remote attacker to execute arbitrary SQL injections on an affected device. These vulnerabilities exist due to improper input validation. An attacker could...

9CVSS9AI score0.02965EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2018/09/14 12:0 a.m.6 views

Intel Data Center Migration Center Software software installer DLL injection vulnerability

Intel Data Center Migration Center Software is a set of data center migration software from Intel Corporation in the U.S. The software installer is its installer. A DLL injection vulnerability exists in the software installer in Intel Data Center Migration Center Software 3.1 and earlier versions...

5.3CVSS5.8AI score0.00432EPSS
Exploits0References1
Prion
Prion
added 2018/09/12 7:29 p.m.16 views

Design/Logic Flaw

DLL injection vulnerability in software installer for Intel Data Center Migration Center Software v3.1 and before may allow an authenticated user to potentially execute code using default directory permissions via local access...

4.6CVSS5.5AI score0.00432EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2018/09/12 7:0 p.m.71 views

CVE-2018-12160

CVE-2018-12160 is a DLL injection vulnerability in Intel Data Center Migration Center Software installer (v3.1 and earlier). The issue allows an authenticated local user to execute code with default directory permissions due to improper installer permissions. Affected product/versions: Intel Data...

5.3CVSS5.4AI score0.00432EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2018/05/17 3:29 a.m.18 views

Authentication flaw

A vulnerability in the API gateway of the Cisco Digital Network Architecture DNA Center could allow an unauthenticated, remote attacker to bypass authentication and access critical services. The vulnerability is due to a failure to normalize URLs prior to servicing requests. An attacker could...

7.5CVSS9.6AI score0.02747EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2017/12/04 12:0 a.m.4 views

Cisco NX-OS System Software Command Injection Vulnerability in Multiple Cisco Products (CNVD-2017-36141)

Cisco Nexus 5000 Series Switches are the Cisco Nexus series of data center-class switches from Cisco, Inc.Cisco NX-OS System Software is the data center operating system that runs on them. A command injection vulnerability exists in the CLI of Cisco NX-OS System Software in multiple Cisco product...

7.2CVSS8AI score0.0068EPSS
Exploits0References1
CVE
CVE
added 2017/09/21 5:0 a.m.67 views

CVE-2017-12248

CVE-2017-12248 concerns Cisco Unified Intelligence Center Software. The issue is a cross-site scripting (XSS) vulnerability caused by insufficient input validation in the web framework code, allowing an unauthenticated, remote attacker to craft a malicious link or intercept a user request to inje...

6.1CVSS6AI score0.01714EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2015/10/21 9:59 p.m.24 views

CVE-2015-2608

Unspecified vulnerability in 1 the Oracle Communications Diameter Signaling Router DSR component in Oracle Communications Applications 4.1.6 and earlier, 5.1.0 and earlier, 6.0.2 and earlier, and 7.1.0 and earlier; 2 the Oracle Communications Performance Intelligence Center Software component in...

10CVSS5.8AI score0.03092EPSS
Exploits0References2
CNVD
CNVD
added 2015/06/24 12:0 a.m.4 views

VCE Vision Intelligent Operations Information Disclosure Vulnerability (CNVD-2015-03961)

VCE Vision Intelligent Operations is a suite of data center software from VCE that supports data centers across multiple systems. The software provides converged infrastructure management, system health checks, and more. An information disclosure vulnerability exists in VCE Vision Intelligent...

7.5CVSS6.4AI score0.01496EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2007/12/18 12:0 a.m.34 views

HP Info Center ActiveX Control Multiple Remote Vulnerabilities

The remote host contains the HP Quick Launch Button software, part of the HP Info Center software installed by default on many HP and Compaq laptop models. The version of this software on the remote host includes an ActiveX control that reportedly contains three insecure methods - 'GetRegValue',...

9.3CVSS5.6AI score0.3012EPSS
Exploits4References5
NVD
NVD
added 2007/03/07 8:19 p.m.11 views

CVE-2006-7145

edituser.php in Call Center Software 0.93 and earlier allows remote attackers to obtain sensitive information such as account passwords via a modified userid parameter...

5.5CVSS6.2AI score0.01271EPSS
Exploits1References7
NVD
NVD
added 2007/03/07 8:19 p.m.11 views

CVE-2006-7143

Cross-site scripting XSS vulnerability in Call Center Software 0.93 and earlier allows remote attackers to inject arbitrary web script or HTML via the problem description field...

5.8CVSS5.7AI score0.01328EPSS
Exploits1References6
Cvelist
Cvelist
added 2007/03/07 8:0 p.m.14 views

CVE-2006-7144

SQL injection vulnerability in Call Center Software 0.93 and earlier allows remote attackers to execute arbitrary SQL commands and bypass authentication via the user name in the login page...

8.6AI score0.01416EPSS
Exploits1References6
Rows per page
Query Builder