20 matches found
EUVD-2013-1203
Malware in sbrugna...
EUVD-2013-1211
Malware in sbrugna...
EUVD-2020-24423
Malware in sbrugna...
EUVD-2021-6611
Malicious code in bioql PyPI...
CVE-2013-1171
Multiple cross-site scripting XSS vulnerabilities in the element-list implementation in Cisco Connected Grid Network Management System CG-NMS allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug IDs CSCue14517, CSCue38914, CSCue38884, CSCue38882,...
CVE-2013-1163
Multiple SQL injection vulnerabilities in the device-management implementation in Cisco Connected Grid Network Management System CG-NMS allow remote attackers to execute arbitrary SQL commands via unspecified vectors, aka Bug IDs CSCue14553 and CSCue38746...
Cisco Connected Mobile Experiences Strong Authentication Requirements Enforcement Bypass
A vulnerability in the change password API of Cisco Connected Mobile Experiences CMX could allow an authenticated, remote attacker to alter their own password to a value that does not comply with the strong authentication requirements that are configured on an affected device. This vulnerability...
Cisco Connected Mobile Experiences User Enumeration Vulnerability
Cisco Connected Mobile Experiences CMX is an intelligent Wi-Fi solution that uses the Cisco wireless infrastructure to provide location services and location analytics to consumers' mobile devices. A user enumeration vulnerability exists in API authorization for Cisco Connected Mobile Experiences...
Cisco Connected Mobile Experiences Access Control Error Vulnerability
Cisco Connected Mobile Experiences is a connected mobile experience from Cisco USA. An access control error vulnerability exists in Cisco Connected Mobile Experiences that could allow a remote, authenticated attacker with no administrative privileges to change the password of any user on an...
CVE-2021-1143
A vulnerability in Cisco Connected Mobile Experiences CMX API authorizations could allow an authenticated, remote attacker to enumerate what users exist on the system. The vulnerability is due to a lack of authorization checks for certain API GET requests. An attacker could exploit this...
PT-2021-1645 · Cisco · Cisco Connected Mobile Experiences
Name of the Vulnerable Software and Affected Versions: Cisco Connected Mobile Experiences CMX affected versions not specified Description: The issue is related to a lack of authorization checks for certain API GET requests, which could allow an authenticated, remote attacker to enumerate users on...
CVE-2020-3151
A vulnerability in the CLI of Cisco Connected Mobile Experiences CMX could allow an authenticated, local attacker with administrative credentials to bypass restrictions on the CLI. The vulnerability is due to insufficient security mechanisms in the restricted shell implementation. An attacker cou...
CVE-2020-3152
A vulnerability in Cisco Connected Mobile Experiences CMX could allow an authenticated, local attacker with administrative credentials to execute arbitrary commands with root privileges. The vulnerability is due to improper user permissions that are configured by default on an affected system. An...
CVE-2020-3151 Cisco Connected Mobile Experiences Restricted Shell Escape Vulnerability
A vulnerability in the CLI of Cisco Connected Mobile Experiences CMX could allow an authenticated, local attacker with administrative credentials to bypass restrictions on the CLI. The vulnerability is due to insufficient security mechanisms in the restricted shell implementation. An attacker cou...
Cisco Connected Mobile Experiences Elevation of Privilege Vulnerability
Cisco Connected Mobile Experiences CMX is an intelligent Wi-Fi solution that uses the Cisco wireless infrastructure to provide location services and location analytics to consumers' mobile devices. An elevation of privilege vulnerability exists in Cisco Connected Mobile Experiences 10.6.0, 10.6.1...
CVE-2019-1645
A vulnerability in the Cisco Connected Mobile Experiences CMX software could allow an unauthenticated, adjacent attacker to access sensitive data on an affected device. The vulnerability is due to a lack of input and validation checking mechanisms for certain GET requests to API's on an affected...
CVE-2019-1645
A vulnerability in the Cisco Connected Mobile Experiences CMX software could allow an unauthenticated, adjacent attacker to access sensitive data on an affected device. The vulnerability is due to a lack of input and validation checking mechanisms for certain GET requests to API's on an affected...
CVE-2016-1477
Cisco Connected Streaming Analytics 1.1.1 allows remote authenticated users to discover a notification service password by reading administrative pages, aka Bug ID CSCuz92891...
Cisco Connected Grid Network Management System Elevation of Privilege Vulnerability
Cisco Connected Grid Network Management System CG-NMS is an end-to-end smart grid management system from Cisco. A security vulnerability exists in the web GUI of Cisco CG-NMS version 3.00.35 and 3.00.54. A remote attacker can exploit the vulnerability via the Monitor-Only role to bypass establish...
CVE-2013-1171
Multiple cross-site scripting XSS vulnerabilities in the element-list implementation in Cisco Connected Grid Network Management System CG-NMS allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug IDs CSCue14517, CSCue38914, CSCue38884, CSCue38882,...