Lucene search
K

14 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2020-24647

Malware in sbrugna...

9.8CVSS9.1AI score0.01152EPSS
Exploits0References2
OSV
OSV
added 2024/11/18 4:15 p.m.3 views

CVE-2020-3538

A vulnerability in a certain REST API endpoint of Cisco Data Center Network Manager DCNM Software could allow an authenticated, remote attacker to perform a path traversal attack on an affected device. The vulnerability is due to insufficient path restriction enforcement. An attacker could exploi...

8.1CVSS5.9AI score0.00502EPSS
Exploits0References3
OSV
OSV
added 2021/01/20 9:15 p.m.2 views

CVE-2021-1250

Multiple vulnerabilities in the web-based management interface of Cisco Data Center Network Manager DCNM could allow a remote attacker with network-operator privileges to conduct a cross-site scripting XSS attack or a reflected file download RFD attack against a user of the interface. For more...

5.4CVSS6.1AI score0.00614EPSS
Exploits0References1
OSV
OSV
added 2021/01/20 9:15 p.m.4 views

CVE-2021-1247

Multiple vulnerabilities in certain REST API endpoints of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker to execute arbitrary SQL commands on an affected device. For more information about these vulnerabilities, see the Details section of this advisory...

8.8CVSS7.6AI score0.01901EPSS
Exploits0References1
CNVD
CNVD
added 2020/08/20 12:0 a.m.0 views

Cisco Data Center Network Manager Authorization Bypass Vulnerability

Cisco Data Center Network Manager DCNM is a data center management system from Cisco. The system works with Cisco Nexus and MDS series switches and provides storage visualization, configuration and troubleshooting. An authorization issue vulnerability exists in the Web management interface in Cis...

6.8AI score
Exploits0References1
OSV
OSV
added 2020/06/18 3:15 a.m.2 views

CVE-2020-3354

A vulnerability in the web-based management interface of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker with administrative credentials to conduct a cross-site scripting XSS attack against a user of the interface. The vulnerability is due to insufficient inpu...

4.8CVSS6.1AI score
Exploits0References1
CNVD
CNVD
added 2020/02/20 12:0 a.m.2 views

Cisco Data Center Network Manager elevation of privilege vulnerability (CNVD-2020-10705)

Cisco Data Center Network Manager DCNM is a suite of data center network managers from Cisco that provides multiprotocol management of the network and troubleshooting of switch operating conditions and performance. An elevation of privilege vulnerability exists in the REST API endpoint of Cisco...

8.8CVSS7.3AI score0.01452EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2020/01/29 12:0 a.m.4 views

The vulnerability of the SOAP API interface of the Cisco Data Center Network Manager system allows a attacker to execute arbitrary commands.

The vulnerability of the SOAP API interface of the Cisco Data Center Network Manager DCNM system exists due to the lack of measures taken to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands on t...

9CVSS7.5AI score0.03304EPSS
Exploits4References2
BDU FSTEC
BDU FSTEC
added 2020/01/29 12:0 a.m.4 views

The vulnerability of the REST API interface of the Cisco Data Center Network Manager system allows a attacker to perform arbitrary actions on the vulnerable device.

The vulnerability of the REST API interface of the Cisco Data Center Network Manager DCNM system is related to the use of pre-installed registration data. Exploiting this vulnerability allows a malicious actor to perform arbitrary actions on the vulnerable device remotely...

10CVSS7.8AI score0.85649EPSS
Exploits7References2
OSV
OSV
added 2020/01/06 8:15 a.m.2 views

CVE-2019-15984

Multiple vulnerabilities in the REST and SOAP API endpoints of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker to execute arbitrary SQL commands on an affected device. To exploit these vulnerabilities, an attacker would need administrative privileges on the DC...

7.2CVSS6.1AI score0.46935EPSS
Exploits10References2
Zero Day Initiative
Zero Day Initiative
added 2020/01/03 12:0 a.m.21 views

Cisco Data Center Network Manager getVsanListForEnclosures SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Cisco Data Center Network Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

8.8CVSS4.3AI score0.46935EPSS
Exploits10References1
Zero Day Initiative
Zero Day Initiative
added 2020/01/03 12:0 a.m.14 views

Cisco Data Center Network Manager getAllVpcs SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Cisco Data Center Network Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

8.8CVSS4.4AI score0.46935EPSS
Exploits10References1
Zero Day Initiative
Zero Day Initiative
added 2020/01/03 12:0 a.m.21 views

Cisco Data Center Network Manager DbAdminRest saveLicenseFileToServer Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Cisco Data Center Network Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

8.8CVSS4.3AI score0.4996EPSS
Exploits4References1
IBM Security Bulletins
IBM Security Bulletins
added 2019/04/01 5:5 p.m.39 views

Security Bulletin: IBM API Connect is impacted by multiple open source software vulnerabilities.

Summary IBM API Connect has addressed the following vulnerabilities. Vulnerability Details CVEID: CVE-2017-0268 DESCRIPTION: Microsoft Server Message Block 1.0 SMBv1 could allow a remote attacker to obtain sensitive information, caused by improper handling of incoming requests. By sending...

9.8CVSS0.8AI score0.07243EPSS
Exploits7Affected Software1
Rows per page
Query Builder