PT-2024-18644 · Cisco · Cisco Ios +1

Name of the Vulnerable Software and Affected Versions: Cisco IOS Software and Cisco IOS XE Software affected versions not specified Description: A vulnerability in the IKEv1 fragmentation code could allow an unauthenticated, remote attacker to cause a heap overflow, resulting in an affected devic...

Cisco IOS XE Software 安全漏洞

Cisco IOS XE Software is an operating system from Cisco, Inc. A single operating system for enterprise wired and wireless access, aggregation, core and WAN, Cisco IOS XE reduces business and network complexity. A security vulnerability exists in Cisco IOS XE Software that stems from a flaw in the...

Cisco IOS 和 IOS XE Software 安全漏洞

Cisco IOS and Cisco IOS XE Software are both products of Cisco, Inc.Cisco IOS is a set of operating systems developed for its network devices.Cisco IOS XE Software is an operating system. A single operating system for enterprise wired and wireless access, aggregation, core, and WAN, Cisco IOS XE...

多款Cisco产品安全漏洞

Cisco IOS and Cisco IOS XE Software are both products of Cisco, Inc.Cisco IOS is a set of operating systems developed for its network devices.Cisco IOS XE Software is an operating system. A single operating system for enterprise wired and wireless access, aggregation, core, and WAN, Cisco IOS XE...

PT-2024-8248 · Cisco · Cisco Ios Xe

Name of the Vulnerable Software and Affected Versions: Cisco IOS XE Software affected versions not specified Description: A vulnerability in the OSPF version 2 OSPFv2 feature of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload...

Cisco Catalyst 安全漏洞

Cisco Catalyst is a family of switches from Cisco USA. A security vulnerability exists in the Cisco Catalyst 6000 that stems from a flaw in the Cisco IOS software that could allow an unauthenticated, neighboring attacker to cause an affected device to accidentally reload...

WordPress Theme Networker 安全漏洞

WordPress is a blogging platform developed in PHP by the WordPress Foundation. The platform supports personal blog sites on servers running PHP and MySQL.WordPress theme is a theme for WordPress. A security vulnerability exists in WordPress Theme Networker 1.1.9 and earlier versions, which stems...

多款Cisco产品安全漏洞

Cisco IOS and Cisco IOS XE Software are both products of Cisco, Inc.Cisco IOS is a set of operating systems developed for its network devices.Cisco IOS XE Software is an operating system. A single operating system for enterprise wired and wireless access, aggregation, core, and WAN, Cisco IOS XE...

SendPress Newsletters <= 1.23.11.6 - Admin+ Stored XSS via Settings

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup 1. Click SendPress in the Admin menu...

Cisco Unified IP Phone 9900 Series Denial of Service (CVE-2015-0601)

Cisco Unified IP 9900 phones with firmware 9.4.1 and earlier allow local users to cause a denial of service device reload via crafted commands, aka Bug ID CSCup92790. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEV...

Cisco IP Phones Web Application Buffer Overflow (CVE-2016-1421)

A vulnerability in the web application for Cisco IP Phones could allow an unauthenticated, remote attacker to execute code with root privileges or cause a reload of an affected IP phone, resulting in a denial of service DoS condition. The vulnerability exists because the affected software fails t...

CVE-2024-2393

A vulnerability was found in SourceCodester CRUD without Page Reload 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file adduser.php. The manipulation of the argument city leads to sql injection. The attack can be launched remotely. The...

CVE-2024-2393 SourceCodester CRUD without Page Reload add_user.php sql injection

A vulnerability was found in SourceCodester CRUD without Page Reload 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file adduser.php. The manipulation of the argument city leads to sql injection. The attack can be launched remotely. The...

CVE-2024-2393

SourceCodester CRUD without Page Reload 1.0 is affected by a SQL injection in add_user.php via the city parameter. This vulnerability is exploitable remotely and has had an exploit disclosed publicly. Affected functionality is described as unknown in the file add_user.php; no product/vendor versi...

Cisco FXOS Software Link Layer Discovery Protocol DoS (cisco-sa-nxos-lldp-dos-z7PncTgt)

According to its self-reported version, Cisco FXOS is affected by a vulnerability. The vulnerability lies in the Link Layer Discovery Protocol LLDP feature of Cisco FXOS Software and could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition on an affected device...

GHSA-8R3F-844C-MC37 vulnerabilities

Vulnerabilities for packages: docker, pulumi-language-yaml, newrelic-infra-operator, step, kubernetes-dashboard-metrics-scraper, coredns, kaf, ip-masq-agent, crossplane-provider-aws, kubernetes-csi-external-provisioner, velero, kubernetes-dns-node-cache, rook, buf, syft, kubewatch,...

CVE-2024-20344

A vulnerability in system resource management in Cisco UCS 6400 and 6500 Series Fabric Interconnects that are in Intersight Managed Mode IMM could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on the Device Console UI of an affected device. This vulnerabilit...

Cisco NX-OS Software Security Vulnerability

Cisco NX-OS Software is a set of data center-grade operating system software used by Cisco switches in the United States. A security vulnerability exists in Cisco NX-OS Software. An attacker could exploit this vulnerability to cause the netstack process to restart unexpectedly, which could cause...

kernel: use-after-free after failed devlink reload in devlink_param_get

A flaw was found in the Netlink device interface implementation in the Linux kernel that improperly handled certain error conditions, leading to a use-after-free issue with some network device drivers. A local attacker with admin access to the network device could use this to cause a denial of...

Cross site request forgery (csrf)

A vulnerability in the SOAP API of Cisco Expressway Series and Cisco TelePresence Video Communication Server could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack on an affected system. This vulnerability is due to insufficient CSRF protections for th...