Lucene search
K

32 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-10480

Malware in sbrugna...

6.6CVSS6.5AI score0.00472EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-18166

Malicious code in bioql PyPI...

7.5CVSS6.6AI score0.00753EPSS
Exploits0References1
NVD
NVD
added 2024/08/07 5:15 p.m.22 views

CVE-2024-20450

Multiple vulnerabilities in the web-based management interface of Cisco Small Business SPA300 Series IP Phones and Cisco Small Business SPA500 Series IP Phones could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system with root privileges...

9.8CVSS0.07225EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/08/07 4:47 p.m.23 views

CVE-2024-20454

Multiple vulnerabilities in the web-based management interface of Cisco Small Business SPA300 Series IP Phones and Cisco Small Business SPA500 Series IP Phones could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system with root privileges...

9.8CVSS8.6AI score0.066EPSS
Exploits0References1
EUVD
EUVD
added 2024/08/07 4:46 p.m.3 views

EUVD-2024-18165

Multiple vulnerabilities in the web-based management interface of Cisco Small Business SPA300 Series IP Phones and Cisco Small Business SPA500 Series IP Phones could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system with root privileges...

9.8CVSS8AI score0.07225EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/08/07 4:46 p.m.21 views

CVE-2024-20450

Multiple vulnerabilities in the web-based management interface of Cisco Small Business SPA300 Series IP Phones and Cisco Small Business SPA500 Series IP Phones could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system with root privileges...

9.8CVSS0.07225EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2023/08/08 12:0 a.m.6 views

The vulnerability in the web interface for controlling microprogrammed IP phones of the Cisco Small Business SPA500 series allows attackers to perform cross-site scripting attacks.

The vulnerability of the web interface for managing microprogrammed IP telephone systems from Cisco’s Small Business SPA500 series is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting...

6.4CVSS6AI score0.00427EPSS
Exploits0References4
NVD
NVD
added 2023/08/03 10:15 p.m.23 views

CVE-2023-20181

A vulnerability in the web-based management interface of Cisco Small Business SPA500 Series IP Phones could allow an unauthenticated, remote attacker to conduct XSS attacks. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of the...

6.1CVSS6.3AI score0.00427EPSS
Exploits0References1
Prion
Prion
added 2023/08/03 10:15 p.m.20 views

Input validation

A vulnerability in web-based management interface of Cisco SPA500 Series Analog Telephone Adapters ATAs could allow an authenticated, remote attacker to to modify a web page in the context of a user's browser. This vulnerability is due to insufficient validation of user-supplied input by the...

5.8CVSS6AI score0.00368EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/08/03 9:22 p.m.34 views

CVE-2023-20181

A vulnerability in the web-based management interface of Cisco Small Business SPA500 Series IP Phones could allow an unauthenticated, remote attacker to conduct XSS attacks. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of the...

6.1CVSS6.4AI score0.00427EPSS
Exploits0References1
CVE
CVE
added 2023/08/03 9:20 p.m.75 views

CVE-2023-20218

Cisco SPA500 Series ATAs web-based management interface is affected by CVE-2023-20218. Root cause: insufficient validation of user-supplied input in the web UI. Attack scenario: authenticated remote attacker can persuade a user to click a crafted link, enabling content modification in the browser...

6.1CVSS6AI score0.00368EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/08/03 9:20 p.m.24 views

CVE-2023-20218

A vulnerability in web-based management interface of Cisco SPA500 Series Analog Telephone Adapters ATAs could allow an authenticated, remote attacker to to modify a web page in the context of a user's browser. This vulnerability is due to insufficient validation of user-supplied input by the...

5.8CVSS6.2AI score0.00368EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/08/03 9:20 p.m.17 views

CVE-2023-20218

A vulnerability in web-based management interface of Cisco SPA500 Series Analog Telephone Adapters ATAs could allow an authenticated, remote attacker to to modify a web page in the context of a user's browser. This vulnerability is due to insufficient validation of user-supplied input by the...

5.8CVSS6.6AI score0.00368EPSS
Exploits0References1
CNVD
CNVD
added 2023/07/24 12:0 a.m.11 views

Cisco Small Business SPA500 Series IP Phones HTML Injection Vulnerability

Cisco Small Business SPA500 Series IP Phones is an SPA500 series IP phone from Cisco USA. The Cisco Small Business SPA500 Series IP Phones suffer from an HTML injection vulnerability that can be exploited by an attacker to redirect users to potentially malicious websites by convincing them to cli...

6.1CVSS6.7AI score0.00368EPSS
Exploits0References1
CNVD
CNVD
added 2023/07/24 12:0 a.m.8 views

Cisco Small Business SPA500 Series IP Phones Cross-Site Scripting Vulnerability

Cisco Small Business SPA500 Series IP Phones is an SPA500 series IP phone from Cisco USA. A cross-site scripting vulnerability exists in the Cisco Small Business SPA500 Series IP Phones, which can be exploited by an attacker to execute arbitrary script code in the context of an affected interface...

6.1CVSS6.5AI score0.00427EPSS
Exploits0References1
Cisco
Cisco
added 2023/07/19 4:0 p.m.34 views

Cisco Small Business SPA500 Series IP Phones Web UI Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Small Business SPA500 Series IP Phones could allow an unauthenticated, remote attacker to conduct cross-site scripting XSS or HTML injection attacks. For more information about these vulnerabilities, see the Details "details"...

6.1CVSS6.1AI score0.00427EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/10/27 12:0 a.m.5 views

PT-2022-6770 · Cisco · Cisco Small Business Spa500 Series Ip Phones

Name of the Vulnerable Software and Affected Versions: Cisco Small Business SPA500 Series IP Phones affected versions not specified Description: A vulnerability in the web-based management interface could allow an unauthenticated, remote attacker to conduct cross-site scripting XSS attacks. This...

6.4CVSS6.1AI score0.00427EPSS
Exploits0References7
CNVD
CNVD
added 2020/10/09 12:0 a.m.1 views

Cisco Small Business SPA500 Series IP Phones Input Validation Error Vulnerability

Cisco Small Business SPA500 Series IP Phones is an SPA500 series IP phone from Cisco USA. An input validation error vulnerability exists in Cisco Small Business SPA500 Series IP Phones using firmware version 7.6.2SR5 and earlier. The vulnerability stems from the fact that the device comes with...

6.6CVSS7.5AI score0.00363EPSS
Exploits0References1
NVD
NVD
added 2020/09/23 1:15 a.m.21 views

CVE-2019-15959

A vulnerability in Cisco Small Business SPA500 Series IP Phones could allow a physically proximate attacker to execute arbitrary commands on the device. The vulnerability is due to the presence of development testing and verification scripts that remained on the device. An attacker could exploit...

6.6CVSS0.00363EPSS
Exploits0References1
OSV
OSV
added 2020/09/23 1:15 a.m.4 views

CVE-2019-15959

A vulnerability in Cisco Small Business SPA500 Series IP Phones could allow a physically proximate attacker to execute arbitrary commands on the device. The vulnerability is due to the presence of development testing and verification scripts that remained on the device. An attacker could exploit...

6.6CVSS6AI score0.00363EPSS
Exploits0References1
Rows per page
Query Builder