74 matches found
EUVD-2007-3039
Malware in sbrugna...
EUVD-2019-6263
Malware in sbrugna...
EUVD-2023-51431
Malicious code in bioql PyPI...
CVE-2022-20766 Cisco ATA 190 Series Analog Telephone Adapter firmware Cisco Discovery Protocol Denial of Service Vulnerability
A vulnerability in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series Adaptive Telephone Adapter firmware could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to an out-of-bounds read when processing Cisco...
CVE-2024-20461
A vulnerability in the CLI of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an authenticated, local attacker with high privileges to execute arbitrary commands as the root user. This vulnerability exists because CLI input is not properly sanitized. An attacker could exploit...
CVE-2024-20462
A vulnerability in the web-based management interface of Cisco ATA 190 Series Multiplatform Analog Telephone Adapter firmware could allow an authenticated, local attacker with low privileges to view passwords on an affected device. This vulnerability is due to incorrect sanitization of HTML conte...
CVE-2024-20421
A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack and perform arbitrary actions on an affected device. This vulnerability is due to...
CVE-2024-20420
A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an authenticated, remote attacker with low privileges to run commands as an Admin user. This vulnerability is due to incorrect authorization verification by the HTTP server...
CVE-2024-20463 Cisco ATA 190 Series Analog Telephone Adapter Firmware Command Injection and Denial of Service Vulnerability
A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, remote attacker to modify the configuration or reboot an affected device. This vulnerability is due to the HTTP server allowing state changes in GET...
CVE-2024-20463
CVE-2024-20463 affects the Cisco ATA 190 Series Analog Telephone Adapter firmware. The vulnerability stems from the HTTP server permitting state changes via GET requests in the web-based management interface, allowing an unauthenticated, remote attacker to modify configuration and reboot the devi...
CVE-2024-20462 Cisco ATA 190 Series Analog Telephone Adapter Muliplatform Firmware Information Disclosure Vulnerability
A vulnerability in the web-based management interface of Cisco ATA 190 Series Multiplatform Analog Telephone Adapter firmware could allow an authenticated, local attacker with low privileges to view passwords on an affected device. This vulnerability is due to incorrect sanitization of HTML conte...
CVE-2024-20462
CVE-2024-20462 affects Cisco ATA 190 Series Multiplatform Analog Telephone Adapter firmware. The issue arises from incorrect sanitization of HTML content in the web-based management interface, enabling an authenticated, local attacker with low privileges to view passwords of other users. The vuln...
CVE-2024-20461 Cisco ATA 190 Series Analog Telephone Adapter Firmware Command Injection Vulnerability
A vulnerability in the CLI of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an authenticated, local attacker with high privileges to execute arbitrary commands as the root user. This vulnerability exists because CLI input is not properly sanitized. An attacker could exploit...
CVE-2024-20461 Cisco ATA 190 Series Analog Telephone Adapter Firmware Command Injection Vulnerability
A vulnerability in the CLI of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an authenticated, local attacker with high privileges to execute arbitrary commands as the root user. This vulnerability exists because CLI input is not properly sanitized. An attacker could exploit...
CVE-2024-20461
CVE-2024-20461 affects Cisco ATA 190 Series Analog Telephone Adapter firmware. The vulnerability stems from insufficient sanitization of CLI input, allowing an authenticated, local attacker with high privileges to execute arbitrary commands as root and potentially read/write the underlying OS. Co...
CVE-2024-20460
CVE-2024-20460 affects Cisco ATA 190 Series Analog Telephone Adapter firmware. It’s a reflected XSS in the web-based management interface caused by insufficient input validation; an unauthenticated remote attacker can lure a user to click a crafted link to execute script in the interface or acces...
CVE-2024-20458 Cisco ATA 190 Series Analog Telephone Adapter Software Vulnerabilities
A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, remote attacker to view or delete the configuration or change the firmware on an affected device. This vulnerability is due to a lack of authentication o...
CVE-2024-20458
The CVE-2024-20458 entry concerns Cisco ATA 190 Series Analog Telephone Adapter firmware. Affected: Cisco ATA 190 Series devices with web-based management interface. Vulnerability: lack of authentication on specific HTTP endpoints enables an unauthenticated, remote attacker to view or delete the ...
CVE-2024-20458 Cisco ATA 190 Series Analog Telephone Adapter Software Vulnerabilities
A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, remote attacker to view or delete the configuration or change the firmware on an affected device. This vulnerability is due to a lack of authentication o...
CVE-2024-20420 Cisco ATA 190 Series Analog Telephone Adapter Firmware Privilege Escalation Vulnerability
A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an authenticated, remote attacker with low privileges to run commands as an Admin user. This vulnerability is due to incorrect authorization verification by the HTTP server...