Lucene search
K

5787 matches found

Cisco
Cisco
added 2026/04/15 4:0 p.m.18 views

Cisco Unity Connection Cross-Site Scripting, Open Redirect, and SQL Injection Vulnerabilities

Multiple vulnerabilities in Cisco Unity Connection could allow a remote attacker to conduct a cross-site scripting XSS attack, an open redirect attack, and an SQL injection attack. For more information about these vulnerabilities, see the Details "details" section of this advisory. Cisco has...

6.1CVSS5.8AI score0.00228EPSS
Exploits0References1
Cisco
Cisco
added 2026/04/15 4:0 p.m.32 views

Cisco Identity Services Engine Authenticated Privilege Escalation Vulnerability

A vulnerability in the CLI of Cisco Identity Services Engine ISE and Cisco ISE Passive Identity Connector ISE-PIC could allow an authenticated, local attacker with administrative privileges to perform a command injection attack on the underlying operating system and elevate privileges to root. Th...

6CVSS5.8AI score0.00499EPSS
Exploits0References1
Cisco
Cisco
added 2026/04/01 4:0 p.m.36 views

Cisco Integrated Management Controller Authentication Bypass Vulnerability

A vulnerability in the change password functionality of Cisco Integrated Management Controller IMC could allow an unauthenticated, remote attacker to bypass authentication and gain access to the system as Admin. This vulnerability is due to incorrect handling of password change requests. An...

9.8CVSS6AI score0.00991EPSS
Exploits0References1
Cisco
Cisco
added 2026/04/01 4:0 p.m.15 views

Cisco Nexus Dashboard Configuration Backup REST API Unauthorized Access Vulnerability

A vulnerability in the configuration backup feature of Cisco Nexus Dashboard could allow an attacker who has the encryption password and access to Full or Config-only backup files to access sensitive information. This vulnerability exists because authentication details are included in the encrypt...

6.5CVSS6.1AI score0.00293EPSS
Exploits0References1
Cisco
Cisco
added 2026/04/01 4:0 p.m.13 views

Cisco Evolved Programmable Network Manager Improper Authorization Vulnerability

A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager EPNM could allow an authenticated, remote attacker with low privileges to access sensitive information that they are not authorized to access. This vulnerability is due to improper authorization...

8CVSS5.9AI score0.0027EPSS
Exploits0References1
Cisco
Cisco
added 2026/04/01 4:0 p.m.16 views

Cisco Integrated Management Controller Cross-Site Scripting Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Integrated Management Controller IMC could allow a remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. For more information about these vulnerabilities, see the Details "details"...

6.1CVSS5.9AI score0.00184EPSS
Exploits0References1
Cisco
Cisco
added 2026/04/01 4:0 p.m.21 views

Cisco Integrated Management Controller Command Injection and Remote Code Execution Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Integrated Management Controller IMC could allow an authenticated, remote attacker to execute arbitrary code or commands on the underlying operating system of an affected system and elevate privileges to root. For more...

8.8CVSS6.2AI score0.00929EPSS
Exploits0References1
Cisco
Cisco
added 2026/03/25 4:0 p.m.14 views

Cisco IOx Application Hosting Environment Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based Cisco IOx application hosting environment management interface of Cisco IOS XE Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the web-based management interface of an affected device. Th...

4.8CVSS6AI score0.00194EPSS
Exploits0References1
Cisco
Cisco
added 2026/03/25 4:0 p.m.12 views

Cisco Catalyst SD-WAN Manager Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Catalyst SD-WAN Manager could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface of an affected device. This vulnerability is due to insufficient validation of user...

5.4CVSS6AI score0.00162EPSS
Exploits0References1
CVE
CVE
added 2026/03/25 12:35 a.m.27 views

CVE-2026-20668

CVE-2026-20668 is a logging issue in Apple OS components that could allow an app to access sensitive user data. Affected products include iOS and iPadOS (18.7.7 and 26.3), macOS (Sequoia 15.7.5, Sonoma 14.8.5, Tahoe 26.3), and visionOS 26.3. The underlying problem is improper data handling in log...

5.5CVSS5.8AI score0.00178EPSS
Exploits0References6Affected Software4
Positive Technologies
Positive Technologies
added 2026/03/24 12:0 a.m.7 views

PT-2026-27610

Name of the Vulnerable Software and Affected Versions iOS versions prior to 26.4 iPadOS versions prior to 26.4 macOS Sequoia versions prior to 15.7.5 macOS Sonoma versions prior to 14.8.5 macOS Tahoe versions prior to 26.4 Description An issue exists that may allow a remote attacker to cause a...

7.5CVSS5.9AI score0.00665EPSS
Exploits0References9
Malwarebytes
Malwarebytes
added 2026/03/12 5:49 p.m.8 views

Apple patches Coruna exploit kit flaws for older iOS versions

On March 3, 2026, Google warned about a powerful exploit kit targeting Apple iPhone models running iOS version 13.0 released in September 2019 up to version 17.2.1 released in December 2023. In the latest security updates, Apple patched the vulnerabilities used in the Coruna exploit kit for older...

8.8CVSS5.7AI score0.10593EPSS
Exploits10
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/11 10:20 p.m.8 views

Security Bulletin: IBM Sterling B2B Integrator and IBM Sterling File Gateway are Vulnerable due to information disclosure (CVE-2025-14483)

Summary IBM Sterling B2B Integrator and IBM Sterling File Gateway have addressed information disclosure security vulnerability Vulnerability Details CVEID:CVE-2025-14483 DESCRIPTION: IBM Sterling B2B Integrator and IBM Sterling File Gateway could disclose sensitive host information to authenticat...

6.5CVSS5.7AI score0.00241EPSS
Exploits0Affected Software1
Cisco
Cisco
added 2026/03/11 4:0 p.m.16 views

Cisco IOS XR Egress Packet Network Interface Aligner Interrupt Denial of Service Vulnerability

A vulnerability in the handling of an Egress Packet Network Interface EPNI Aligner interrupt in Cisco IOS XR Software for Cisco Network Convergence System NCS 5500 Series with NC57 line cards and Cisco NCS 5700 Routers and Cisco IOS XR Software for Third Party Software could allow an...

6.8CVSS5.8AI score0.00318EPSS
Exploits0References1
Cisco
Cisco
added 2026/03/11 4:0 p.m.22 views

Multiple Cisco Contact Center Products Cross-Site Scripting Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Finesse, Cisco Packaged Contact Center Enterprise Packaged CCE, Cisco Unified Contact Center Enterprise Unified CCE, Cisco Unified Contact Center Express Unified CCX, and Cisco Unified Intelligence Center could allow an...

6.1CVSS6AI score0.00207EPSS
Exploits0References1
Cisco
Cisco
added 2026/03/04 4:0 p.m.11 views

Cisco Secure Firewall Management Center Software Authentication Bypass Vulnerability

A vulnerability in the web interface of Cisco Secure Firewall Management Center FMC Software could allow an unauthenticated, remote attacker to bypass authentication and execute script files on an affected device to obtain root access to the underlying operating system. This vulnerability is due ...

10CVSS6.1AI score0.387EPSS
Exploits2References1
Cisco
Cisco
added 2026/03/04 4:0 p.m.12 views

Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Lua Code Injection Vulnerability

A vulnerability in a small subset of CLI commands that are used on Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an authenticated, local attacker to craft Lua code that could be used on the underlying operating...

6CVSS6.6AI score0.00132EPSS
Exploits0References1
Cisco
Cisco
added 2026/03/04 4:0 p.m.15 views

Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Remote Access SSL VPN Denial of Service Vulnerabilities

Multiple vulnerabilities in the Remote Access SSL VPN functionality of Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow a remote attacker to cause an affected device to stop responding or to reload unexpectedly,...

8.6CVSS6AI score0.00354EPSS
Exploits0References1
Cisco
Cisco
added 2026/03/04 4:0 p.m.8 views

Cisco Secure Firewall Adaptive Security Appliance Software SSH Partial Private Key Authentication Bypass Vulnerability

A vulnerability in the implementation of the proprietary SSH stack with SSH key-based authentication in Cisco Secure Firewall Adaptive Security Appliance ASA Software could allow an unauthenticated, remote attacker to log in to a Cisco Secure Firewall ASA device and execute commands as a specific...

5.3CVSS6.1AI score0.00381EPSS
Exploits0References1
Cisco
Cisco
added 2026/03/04 4:0 p.m.9 views

Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software SAML Reflected Cross-Site Scripting Vulnerability

A vulnerability in the SAML 2.0 single sign-on SSO feature of Cisco Secure Firewall ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against the SAML feature and access sensitive,...

6.1CVSS5.8AI score0.00264EPSS
Exploits0References1
Rows per page
Query Builder