5784 matches found
Cisco Unified Communications Manager Cross-Site Request Forgery Vulnerability
A vulnerability in the web-based management interface of Cisco Unified Communications Manager Unified CM Software and Cisco Unified CM Session Management Edition SME Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack on an affected device...
Cisco Integrated Management Controller Virtual Keyboard Video Monitor Stored Cross-Site Scripting Vulnerability
A vulnerability in the Virtual Keyboard Video Monitor vKVM connection handling of Cisco Integrated Management Controller IMC could allow an authenticated, remote attacker with low privileges to conduct a stored cross-site scripting XSS attack against a user of the interface. This vulnerability is...
Cisco NX-OS Software Sensitive Log Information Disclosure Vulnerability
A vulnerability in the logging feature of Cisco NX-OS Software for Cisco Nexus 3000 Series Switches, Cisco Nexus 9000 Series Switches in standalone NX-OS mode, Cisco UCS 6400 Fabric Interconnects, Cisco UCS 6500 Series Fabric Interconnects, and Cisco UCS 9108 100G Fabric Interconnects could allow...
Cisco Nexus 3000 and 9000 Series Switches Protocol Independent Multicast Version 6 Denial of Service Vulnerability
A vulnerability in the Protocol Independent Multicast Version 6 PIM6 feature of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an authenticated, low-privileged, remote attacker to trigger a crash of the PIM6 process, resulting in a denia...
Cisco Nexus Dashboard Path Traversal Vulnerability
A vulnerability in the backup restore functionality of Cisco Nexus Dashboard could allow an authenticated, remote attacker to conduct a path traversal attack on an affected device. This vulnerability is due to insufficient validation of the contents of a backup file. An attacker with valid...
Cisco NX-OS Software Command Injection Vulnerability
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute a command injection attack on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have valid user credentials on the affected device. This...
Cisco Nexus 3000 and 9000 Series Switches Intermediate System-to-Intermediate System Denial of Service Vulnerability
A vulnerability in the Intermediate System-to-Intermediate System IS-IS feature of Cisco NX-OS Software for Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an unauthenticated, adjacent attacker to cause the IS-IS process to unexpectedly...
PT-2025-34314
Name of the Vulnerable Software and Affected Versions: Liferay Portal versions 7.4.0 through 7.4.3.132 Liferay DXP versions 2025.Q1.0 through 2025.Q1.4 Liferay DXP versions 2024.Q4.0 through 2024.Q4.7 Liferay DXP versions 2024.Q3.1 through 2024.Q3.13 Liferay DXP versions 2024.Q2.0 through...
July 8, 2025—KB5062557 (OS Build 17763.7558)
July 8, 2025—KB5062557 OS Build 17763.7558 Windows Secure Boot certificate expirationImportant: Secure Boot certificates used by most Windows devices are set to expire starting in June 2026. Microsoft has been updating these certificates on consumer and non-managed business devices for the past...
July 8, 2025—KB5062560 (OS Build 14393.8246)
July 8, 2025—KB5062560 OS Build 14393.8246 Windows Secure Boot certificate expirationImportant: Secure Boot certificates used by most Windows devices are set to expire starting in June 2026. Microsoft has been updating these certificates on consumer and non-managed business devices for the past...
TencentOS Server 3: java-21-openjdk (TSSA-2025:0691)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0691 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
Cisco Identity Services Engine Arbitrary File Upload Vulnerability
A vulnerability in the GUI of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker with administrative privileges to upload files to an affected device. This vulnerability is due to improper validation of the file copy function. An attacker could exploit this...
CVE-2025-43490
A potential security vulnerability has been identified in the HPAudioAnalytics service included in the HP Hotkey Support software, which might allow escalation of privilege. HP is releasing software updates to mitigate the potential vulnerability...
CVE-2025-43490
A potential security vulnerability has been identified in the HPAudioAnalytics service included in the HP Hotkey Support software, which might allow escalation of privilege. HP is releasing software updates to mitigate the potential vulnerability...
CVE-2025-43490 HP Hotkey Support – Escalation of Privilege
A potential security vulnerability has been identified in the HPAudioAnalytics service included in the HP Hotkey Support software, which might allow escalation of privilege. HP is releasing software updates to mitigate the potential vulnerability...
CVE-2025-43490 HP Hotkey Support – Escalation of Privilege
A potential security vulnerability has been identified in the HPAudioAnalytics service included in the HP Hotkey Support software, which might allow escalation of privilege. HP is releasing software updates to mitigate the potential vulnerability...
HP Hotkey Support – Escalation of Privilege
A potential security vulnerability has been identified in the HPAudioAnalytics service included in the HP Hotkey Support software, which might allow escalation of privilege. HP is releasing software updates to mitigate the potential vulnerability. HP has identified affected platforms and...
Cisco Secure Firewall Management Center Software Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center FMC Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability is due to insufficient validation of...
Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software for Firepower 3100 and 4200 Series TLS 1.3 Cipher Denial of Service Vulnerability
A vulnerability in the TLS 1.3 implementation for a specific cipher for Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software for Cisco Firepower 3100 and 4200 Series devices could allow an authenticated, remote attacker to consume...
Cisco IOS, IOS XE, Secure Firewall Adaptive Security Appliance, and Secure Firewall Threat Defense Software IKEv2 Denial of Service Vulnerabilities
Multiple vulnerabilities in the Internet Key Exchange Version 2 IKEv2 feature of Cisco IOS Software, Cisco IOS XE Software, Cisco Secure Firewall Adaptive Security Appliance ASA Software, and Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to...