32 matches found
EUVD-2016-2568
Malware in sbrugna...
EUVD-2024-18166
Malicious code in bioql PyPI...
CVE-2024-20450
Multiple vulnerabilities in the web-based management interface of Cisco Small Business SPA300 Series IP Phones and Cisco Small Business SPA500 Series IP Phones could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system with root privileges...
CVE-2024-20451
Multiple vulnerabilities in the web-based management interface of Cisco Small Business SPA300 Series IP Phones and Cisco Small Business SPA500 Series IP Phones could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly. These vulnerabilities exist because...
CVE-2024-20454
Multiple vulnerabilities in the web-based management interface of Cisco Small Business SPA300 Series IP Phones and Cisco Small Business SPA500 Series IP Phones could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system with root privileges...
CVE-2024-20450
Multiple vulnerabilities in the web-based management interface of Cisco Small Business SPA300 Series IP Phones and Cisco Small Business SPA500 Series IP Phones could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system with root privileges...
EUVD-2024-18165
Multiple vulnerabilities in the web-based management interface of Cisco Small Business SPA300 Series IP Phones and Cisco Small Business SPA500 Series IP Phones could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system with root privileges...
PT-2024-5616 · Cisco · Cisco Small Business Spa500 +1
Name of the Vulnerable Software and Affected Versions: Cisco Small Business SPA300 and SPA500 affected versions not specified Description: The issue is related to a buffer overflow vulnerability in the web interface of the Cisco Small Business SPA300 and SPA500 IP phone software. This vulnerabili...
Cisco SPA300 and SPA500 Series IP Phones Cross-Site Request Forgery Vulnerability
The Cisco SPA300 and SPA500 Series IP Phones are both IP phone products from Cisco USA. A cross-site request forgery vulnerability exists in the Cisco SPA300 and SPA500 Series IP Phones that stems from a lack of cross-site request forgery protection in the program. A remote attacker could exploit...
CVE-2017-12271
A vulnerability in Cisco SPA300 and SPA500 Series IP Phones could allow an unauthenticated, remote attacker to execute unwanted actions on an affected device. The vulnerability is due to a lack of cross-site request forgery CSRF protection. An attacker could exploit this vulnerability by tricking...
Cross site request forgery (csrf)
A vulnerability in Cisco SPA300 and SPA500 Series IP Phones could allow an unauthenticated, remote attacker to execute unwanted actions on an affected device. The vulnerability is due to a lack of cross-site request forgery CSRF protection. An attacker could exploit this vulnerability by tricking...
CVE-2017-12271
CVE-2017-12271 affects Cisco SPA300 and SPA500 Series IP Phones. The issue is a lack of cross-site request forgery (CSRF) protection in the web interface, allowing an unauthenticated, remote attacker to trigger unwanted actions by tricking a user into executing an adverse action. Documented impac...
PT-2017-12446 · Cisco · Cisco Spa500 Series Ip Phones +1
Name of the Vulnerable Software and Affected Versions: Cisco SPA300 and SPA500 Series IP Phones affected versions not specified Description: A lack of cross-site request forgery CSRF protection in the Cisco SPA300 and SPA500 Series IP Phones could allow an unauthenticated, remote attacker to...
Cisco SPA300 and SPA500 Series IP Phones Cross-Site Request Forgery Vulnerability
A vulnerability in Cisco SPA300 and SPA500 Series IP Phones could allow an unauthenticated, remote attacker to execute unwanted actions on an affected device. The vulnerability is due to a lack of cross-site request forgery CSRF protection. An attacker could exploit this vulnerability by tricking...
CVE-2017-12219
The CVE-2017-12219 vulnerability affects Cisco Small Business SPA300, SPA500, and SPA51x Series IP Phones. It stems from the devices’ handling of IP fragments, specifically an inability to reassemble many large fragments in a short time. A remote, unauthenticated attacker can send a crafted strea...
CVE-2017-12219
A vulnerability in the handling of IP fragments for the Cisco Small Business SPA300, SPA500, and SPA51x Series IP Phones could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service DoS condition. The vulnerability is due to the...
CVE-2016-1469
The HTTP framework on Cisco SPA300, SPA500, and SPA51x devices allows remote attackers to cause a denial of service device outage via a series of malformed HTTP requests, aka Bug ID CSCut67385...
CVE-2016-1469
The HTTP framework on Cisco SPA300, SPA500, and SPA51x devices allows remote attackers to cause a denial of service device outage via a series of malformed HTTP requests, aka Bug ID CSCut67385...
CVE-2016-1469
CVE-2016-1469 affects Cisco Small Business SPA300, SPA500, and SPA51x IP Phones. The issue is in the HTTP framework which can be exploited by sending malformed HTTP requests to an affected device, allowing an unauthenticated remote attacker to cause a denial of service (device outage) (Bug ID CSC...
Cisco Small Business SPA3x/5x Series Denial of Service Vulnerability
A vulnerability in the HTTP framework of Cisco Small Business SPA300 Series IP Phones, Cisco Small Business SPA500 Series IP Phones, and Cisco SPA51x IP Phones could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is du...