Lucene search
K

626 matches found

CVE
CVE
added 2019/04/18 12:20 a.m.61 views

CVE-2019-1722

Summary: CVE-2019-1722 describes a CSRF vulnerability in the FindMe feature of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS). An unauthenticated, remote attacker could trick a logged-in user into following a malicious link to perform arbitrary actions via the web...

6.5CVSS6.7AI score0.00685EPSS
Exploits0References2Affected Software2
OSV
OSV
added 2019/03/21 3:59 p.m.3 views

CVE-2016-5800

A malicious attacker can trigger a remote buffer overflow in the Communication Server in Fatek Automation PM Designer V3 Version 2.1.2.2, and Automation FV Designer Version 1.2.8.0...

7.5CVSS6.1AI score0.0202EPSS
Exploits0References1
Prion
Prion
added 2019/03/21 3:59 p.m.14 views

Buffer overflow

A malicious attacker can trigger a remote buffer overflow in the Communication Server in Fatek Automation PM Designer V3 Version 2.1.2.2, and Automation FV Designer Version 1.2.8.0...

5CVSS7.7AI score0.0202EPSS
Exploits0References1Affected Software2
CVE
CVE
added 2019/03/21 1:56 p.m.52 views

CVE-2016-5800

CVE-2016-5800 describes a remote buffer overflow in the Communication Server of Fatek Automation PM Designer v3 (2.1.2.2) and FV Designer (1.2.8.0). The issue enables remote exploitation that could crash the system or allow arbitrary code execution. Affected components: Communication Server withi...

7.5CVSS7.7AI score0.0202EPSS
Exploits0References1Affected Software2
BDU FSTEC
BDU FSTEC
added 2019/02/21 12:0 a.m.4 views

The vulnerability in the web interface of software for Cisco TelePresence Conductor, Cisco Expressway Series, and Cisco TelePresence Video Communication Server allows a perpetrator to compromise the integrity of protected information.

The vulnerability of the software web interface of Cisco TelePresence Conductor, Cisco Expressway Series, and Cisco TelePresence Video Communication Server lies in insufficiently checking incoming requests. Exploiting this vulnerability allows a malicious actor to compromise the integrity of...

5CVSS5.7AI score0.02125EPSS
Exploits0References3
CNVD
CNVD
added 2019/02/12 12:0 a.m.1 views

Cisco TelePresence Video Communication Server (VCS) Cross-Site Request Forgery Vulnerability

Cisco TelePresence Video Communication Server is a video server developed by Cisco. Cisco TelePresence Video Communication Server suffers from a cross-site request forgery vulnerability that can be exploited by an attacker to submit a special request and execute arbitrary code...

5CVSS7.3AI score0.02125EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/02/05 9:0 p.m.33 views

CVE-2018-18505

An earlier fix for an Inter-process Communication IPC vulnerability, CVE-2011-3079, added authentication to communication between IPC endpoints and server parents during IPC process creation. This authentication is insufficient for channels created after the IPC process is started, leading to the...

7.4AI score0.04538EPSS
Exploits0References18
Cisco
Cisco
added 2018/10/03 4:0 p.m.394 views

Cisco Expressway Series and Cisco TelePresence Video Communication Server Remote Code Execution Vulnerability

A vulnerability in the administrative web interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS could allow an authenticated, remote attacker to execute code with user-level privileges on the underlying operating system. The vulnerability is due to insufficien...

4.7CVSS2.7AI score0.02874EPSS
Exploits0References1
OSV
OSV
added 2018/08/15 8:29 p.m.4 views

CVE-2018-0409

A vulnerability in the XCP Router service of the Cisco Unified Communications Manager IM & Presence Service CUCM IM&P and the Cisco TelePresence Video Communication Server VCS and Expressway could allow an unauthenticated, remote attacker to cause a temporary service outage for all IM&P users,...

7.5CVSS5.8AI score0.03491EPSS
Exploits0References5
CNVD
CNVD
added 2018/06/22 12:0 a.m.3 views

Cisco TelePresence Video Communication Server Expressway Denial of Service Vulnerability (CNVD-2018-11975)

Cisco TelePresence Video Communication Server VCS Expressway is a TelePresence video communication server from Cisco that integrates with Unified Communications and voice communication environments to provide the best possible experience for end users using a variety of communication tools. A...

7.5CVSS7.4AI score0.03449EPSS
Exploits0References1
CNVD
CNVD
added 2017/10/20 12:0 a.m.5 views

Cisco Expressway Series and Cisco TelePresence Denial of Service Vulnerability

Cisco Expressway Series Software and Cisco TelePresence Video Communication Server VCS Software are both telepresence video communication servers from Cisco that integrate with unified communications and voice communications environments to It can be integrated with unified communications and voi...

4.3CVSS4.8AI score0.01649EPSS
Exploits0References1
CVE
CVE
added 2017/10/19 8:0 a.m.65 views

CVE-2017-12287

CVE-2017-12287 affects Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) Software. The issue stems from incomplete input validation of URL requests in the REST API of the CDB management component, allowing an authenticated, remote attacker to send a crafted URL that ...

4.3CVSS4.8AI score0.01649EPSS
Exploits0References3Affected Software3
CNVD
CNVD
added 2017/08/18 12:0 a.m.4 views

Cisco TelePresence Video Communication Server Denial of Service Vulnerability (CNVD-2017-221679)

Cisco TelePresence Video Communication Server VCS is a telepresence video communication server from Cisco USA.Session Initiation Protocol SIP is one of the session initiation protocols. A denial of service vulnerability exists in SIP in Cisco TelePresence VCS. A remote attacker could exploit this...

7.1CVSS6.5AI score0.02032EPSS
Exploits0References1
OSV
OSV
added 2017/02/13 9:59 p.m.3 views

CVE-2016-5798

An issue was discovered in Fatek Automation PM Designer V3 Version 2.1.2.2, and Automation FV Designer Version 1.2.8.0. By sending additional valid packets, an attacker could trigger a stack-based buffer overflow and cause a crash. Also, a malicious attacker can trigger a remote buffer overflow o...

7.5CVSS6.2AI score0.02026EPSS
Exploits0References2
Microsoft KB
Microsoft KB
added 2017/01/07 9:4 p.m.17 views

Description of the cumulative update for Office Communications Server 2007 R2, Microsoft Unified Communications Managed API 2.0 Windows Workflow Activities Redist: March, 2011

Describes the bugs that are resolved in the cumulative update for Office Communications Server 2007 R2, Microsoft Unified Communications Managed API 2.0 Windows Workflow Activities Redist that is dated March 2011.SummaryThis article describes the issue that is fixed in the Office Communications...

0.1AI score
Exploits0
Prion
Prion
added 2016/12/14 12:59 a.m.21 views

Design/Logic Flaw

A vulnerability in the HTTP traffic server component of Cisco Expressway could allow an unauthenticated, remote attacker to initiate TCP connections to arbitrary hosts. This does not allow for full traffic proxy through the Expressway. Affected Products: This vulnerability affects Cisco Expresswa...

6.4CVSS7.3AI score0.02019EPSS
Exploits1References3Affected Software1
Zero Day Initiative
Zero Day Initiative
added 2016/12/14 12:0 a.m.35 views

Fatek Automation Communication Server Stack Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Fatek Automation Communication Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of query requests. An overly long string sent while...

7.5CVSS4AI score0.0229EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2016/08/25 12:0 a.m.46 views

FreePBX 13.0.35 Remote Code Execution

Vulnerable software : Freepbx Tested version : 13.0.35 vendor : freepbx.org Author : Ahmed sultan 0x4148 Email : [email protected] Summary : FreePBX is a web-based open source GUI graphical user interface that controls and manages Asterisk PBX, an open source communication server, With over 1...

7.4AI score
Exploits0
Cvelist
Cvelist
added 2016/08/08 12:0 a.m.28 views

CVE-2016-1468

The administrative web interface in Cisco TelePresence Video Communication Server Expressway X8.5.2 allows remote authenticated users to execute arbitrary commands via crafted fields, aka Bug ID CSCuv12531...

8.8AI score0.02894EPSS
Exploits0References3
CNVD
CNVD
added 2016/08/04 12:0 a.m.4 views

Cisco TelePresence Video Communication Server Expressway Command Injection Vulnerability

Cisco TelePresence Video Communication Server Expressway is a TelePresence video communication server from Cisco that integrates with Unified Communications and voice communication environments to provide the best possible experience for end-users using a variety of communication tools. A remote...

8.8CVSS8.3AI score0.02894EPSS
Exploits0References1
Rows per page
Query Builder