CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

95 matches found

RedhatCVE•added 2026/06/05 7:15 p.m.•7 views

CVE-2026-20230

A vulnerability in Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an unauthenticated, remote attacker to conduct server-side request forgery SSRF attacks through an affected device. This vulnerability ...

8.6CVSS6AI score0.20442EPSS

Exploits1References1

NVD•added 2026/06/03 6:16 p.m.•7 views

CVE-2026-20230

8.6CVSS0.20442EPSS

Exploits1References1

EUVD•added 2026/06/03 4:9 p.m.•10 views

EUVD-2026-34137

8.6CVSS5.8AI score0.20442EPSS

Exploits1References1

Tenable Nessus•added 2026/01/23 12:0 a.m.•19 views

Cisco Unified Communications Manager (CUCM) Remote Code Execution (cisco-sa-voice-rce-mORhqY4b)

According to its self-reported version, the remote Cisco Unified Communications Manager is affected by a remot code execution vulnerability: - A vulnerability in Cisco Unified Communications Manager Unified CM, Cisco Unified Communications Manager Session Management Edition Unified CM SME, Cisco...

9.8CVSS6.3AI score0.04307EPSS

Exploits1References3

RedhatCVE•added 2026/01/22 5:34 p.m.•6 views

CVE-2026-20045

A vulnerability in Cisco Unified Communications Manager Unified CM, Cisco Unified Communications Manager Session Management Edition Unified CM SME, Cisco Unified Communications Manager IM & Presence Service Unified CM IM&P, Cisco Unity Connection, and Cisco Webex Calling Dedicated Instance could...

9.8CVSS6.6AI score0.04307EPSS

Exploits1References1

ATTACKERKB•added 2026/01/21 4:26 p.m.•6 views

CVE-2026-20045

9.8CVSS6.6AI score0.04307EPSS

In wildExploits1References2Affected Software3

CISA KEV Catalog•added 2026/01/21 12:0 a.m.•11 views

Cisco Unified Communications Products Code Injection Vulnerability

Cisco Unified Communications Manager Unified CM, Cisco Unified Communications Manager Session Management Edition Unified CM SME, Cisco Unified Communications Manager IM & Presence Service Unified CM IM&P, Cisco Unity Connection, and Cisco Webex Calling Dedicated Instance contain a code injection...

9.8CVSS5.7AI score0.04307EPSS

In wildExploits1

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2025-26610

Malicious code in bioql PyPI...

8.8CVSS6.5AI score0.00167EPSS

Exploits0References1

RedhatCVE•added 2025/10/02 4:51 p.m.•6 views

CVE-2025-20361

A vulnerability in the web-based management interface of Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of...

4.8CVSS6.2AI score0.00202EPSS

Exploits0References1

Positive Technologies•added 2025/10/01 12:0 a.m.•4 views

PT-2025-40268

Name of the Vulnerable Software and Affected Versions Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME affected versions not specified Description A flaw exists in the web-based management interface that may allow a...

4.8CVSS5.9AI score0.00202EPSS

Exploits0References5

NVD•added 2025/09/03 6:15 p.m.•3 views

CVE-2025-20326

A vulnerability in the web-based management interface of Cisco Unified Communications Manager Unified CM Software and Cisco Unified CM Session Management Edition SME Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack on an affected device...

8.8CVSS0.00167EPSS

Exploits0References1

Positive Technologies•added 2025/09/03 12:0 a.m.•4 views

PT-2025-35810

Name of the Vulnerable Software and Affected Versions: Cisco Unified Communications Manager Unified CM Software and Cisco Unified CM Session Management Edition SME Software affected versions not specified Description: A vulnerability exists in the web-based management interface that could allow a...

4.3CVSS6.2AI score0.00167EPSS

Exploits0References7

BDU FSTEC•added 2025/07/04 12:0 a.m.•6 views

The vulnerability of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) systems, related to the use of static credentials, allows a perpetrator to gain access to the root account and execute arbitrary commands.

The vulnerability of Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME systems lies in the use of static credentials for the root account. Exploiting this vulnerability could allow an attacker to gain access to the...

10CVSS8.3AI score0.01061EPSS

Exploits0References2Affected Software2

OSV•added 2025/07/02 5:15 p.m.•3 views

CVE-2025-20309

A vulnerability in Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an unauthenticated, remote attacker to log in to an affected device using the root account, which has default, static credentials that...

10CVSS6AI score

Exploits0References1

BDU FSTEC•added 2024/12/26 12:0 a.m.•4 views

The vulnerability in the web interface of Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition systems allows attackers to perform cross-site scripting attacks and gain unauthorized access to protected information.

The vulnerability of the Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition SME web interfaces is related to the lack of measures for cleaning incoming data. Exploiting this vulnerability allows an attacker to perform cross-site scripting...

6.4CVSS5.2AI score0.00349EPSS

Exploits0References3Affected Software2

CVE•added 2024/11/06 4:29 p.m.•49 views

CVE-2024-20511

CVE-2024-20511 describes a cross-site scripting (XSS) vulnerability in the web-based management interfaces of Cisco Unified Communications Manager (Unified CM) and Unified CM Session Management Edition (Unified CM SME). The issue stems from insufficient input validation in the web UI, allowing an...

6.1CVSS6AI score0.00307EPSS

Exploits0References1Affected Software1

NVD•added 2024/08/21 5:15 p.m.•18 views

CVE-2024-20375

A vulnerability in the SIP call processing function of Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected devic...

8.6CVSS0.00745EPSS

Exploits0References1

Cisco•added 2024/08/21 4:0 p.m.•20 views

Cisco Unified Communications Manager Denial of Service Vulnerability

8.6CVSS8.5AI score0.00745EPSS

Exploits0References1

Positive Technologies•added 2024/08/21 12:0 a.m.•4 views

PT-2024-5693

Name of the Vulnerable Software and Affected Versions Cisco Unified Communications Manager affected versions not specified Cisco Unified Communications Manager Session Management Edition affected versions not specified Description A vulnerability in the SIP call processing function of Cisco Unifi...

8.6CVSS5.8AI score0.00745EPSS

Exploits0References27

Positive Technologies•added 2024/08/11 12:0 a.m.•4 views

PT-2024-9830 · Cisco · Cisco Unified Communications Manager Session Management Edition +1

Name of the Vulnerable Software and Affected Versions: Cisco Unified Communications Manager versions prior to the fixed version Cisco Unified Communications Manager Session Management Edition versions prior to the fixed version Description: The issue is related to a lack of input validation in th...

6.4CVSS6.3AI score0.00349EPSS

Exploits0References8

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by