39 matches found
EUVD-2019-10279
Malware in sbrugna...
EUVD-2022-26103
Malicious code in bioql PyPI...
EUVD-2022-26057
Malicious code in bioql PyPI...
CVE-2022-20814
A vulnerability in the certificate validation of Cisco Expressway-C and Cisco TelePresence VCS could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data. The vulnerability is due to a lack of validation of the SSL server certificate that an affected device...
CVE-2022-20853
A vulnerability in the REST API of Cisco Expressway Series and Cisco TelePresence VCS could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack on an affected system. This vulnerability is due to insufficient CSRF protections for the web-based management...
CVE-2022-20814
A vulnerability in the certificate validation of Cisco Expressway-C and Cisco TelePresence VCS could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data. The vulnerability is due to a lack of validation of the SSL server certificate that an affected device...
CVE-2022-20814
A vulnerability in the certificate validation of Cisco Expressway-C and Cisco TelePresence VCS could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data. The vulnerability is due to a lack of validation of the SSL server certificate that an affected device...
CVE-2022-20814 Cisco Expressway Series and Cisco TelePresence VCS Improper Certificate Validation Vulnerability
A vulnerability in the certificate validation of Cisco Expressway-C and Cisco TelePresence VCS could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data. The vulnerability is due to a lack of validation of the SSL server certificate that an affected device...
CVE-2022-20853 Cisco Expressway Series and Cisco TelePresence VCS Cross-Site Request Forgery Vulnerability
A vulnerability in the REST API of Cisco Expressway Series and Cisco TelePresence VCS could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack on an affected system. This vulnerability is due to insufficient CSRF protections for the web-based management...
CVE-2022-20853 Cisco Expressway Series and Cisco TelePresence VCS Cross-Site Request Forgery Vulnerability
A vulnerability in the REST API of Cisco Expressway Series and Cisco TelePresence VCS could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack on an affected system. This vulnerability is due to insufficient CSRF protections for the web-based management...
Urgent Security Updates: Cisco and VMware Address Critical Vulnerabilities
VMware has released security updates to fix a trio of flaws in Aria Operations for Networks that could result in information disclosure and remote code execution. The most critical of the three vulnerabilities is a command injection vulnerability tracked as CVE-2023-20887 CVSS score: 9.8 that cou...
PT-2022-5101 Ā· Cisco Ā· Cisco Expressway SeriesĀ +1
Name of the Vulnerable Software and Affected Versions: Cisco Expressway Series and Cisco TelePresence VCS affected versions not specified Description: The issue is related to a cross-site request forgery CSRF attack. It is caused by insufficient CSRF protections for the web-based management...
PT-2022-5102 Ā· Cisco Ā· Cisco Telepresence VcsĀ +1
Name of the Vulnerable Software and Affected Versions: Cisco Expressway-C affected versions not specified Cisco TelePresence VCS affected versions not specified Description: A vulnerability in the certificate validation of Cisco Expressway-C and Cisco TelePresence VCS could allow an...
CVE-2022-20813
Multiple vulnerabilities in the API and in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS could allow a remote attacker to overwrite arbitrary files or conduct null byte poisoning attacks on an affected device. Note: Cisco...
CVE-2022-20755
Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS could allow an authenticated, remote attacker with read/write privileges to the application to write files or execute arbitrary code on the...
CVE-2021-34715
A vulnerability in the image verification function of Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS could allow an authenticated, remote attacker to execute code with internal user privileges on the underlying operating system. The vulnerability is due to...
CVE-2021-34716 Cisco Expressway Series and TelePresence Video Communication Server Remote Code Execution Vulnerability
A vulnerability in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system as the root user. This vulnerability is due to incorrec...
Cisco Expressway Series and TelePresence Video Communication Server Denial of Service Vulnerability
A vulnerability in the Session Initiation Protocol SIP of Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to incorrect handling ...
CVE-2019-12705
A vulnerability in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected...
Cross site scripting
A vulnerability in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected...