CVE-2026-20102

A vulnerability in the SAML 2.0 single sign-on SSO feature of Cisco Secure Firewall ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against the SAML feature and access sensitive,...

CVE-2024-20369

A vulnerability in the web-based management interface of Cisco Crosswork Network Services Orchestrator NSO could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of a parameter in an HTTP request. An...

Cisco Crosswork Network Services Orchestrator 安全漏洞

Cisco Crosswork Network Services Orchestrator is a network services orchestrator from Cisco USA. A security vulnerability exists in Cisco Crosswork Network Services Orchestrator that originates from improper validation of parameter inputs in HTTP requests, allowing an unauthenticated, remote...

NetGain Systems Enterprise Manager exec_jsp Command Execution (CVE-2017-16602)

A command execution vulnerability exists in NetGain Systems Enterprise Manager. The vulnerability is due improper validation of command HTTP parameter. A remote, authenticated attacker can exploit this vulnerability by sending crafted requests to a vulnerable server...

ESF pfSense status_rrd_graph_img.php Command Injection

A Command Injection vulnerability has been reported in ESF pfSense. This vulnerability is due to statusrrdgraphimg.php incorrectly validating the graph HTTP parameter. A remote, authenticated attacker can exploit this vulnerability by sending crafted requests to the statusrrdgraphimg.php URI...