CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

54 matches found

0day.today•added 2013/02/05 12:0 a.m.•24 views

Cisco Unity Express Multiple Vulnerabilities

Exploit for jsp platform in category web applications Cisco Advisory http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1114 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1120 Proof of Concept XSS - CVE-2013-1114: GET: Reflective XSS & Info...

6.8CVSS0.5AI score0.1338EPSS

Exploits5

Packet Storm•added 2013/02/05 12:0 a.m.•31 views

Cisco Unity Express Cross Site Request Forgery / Cross Site Scripting

Exploit Title: Cisco Unity Express Multiple Vulnerabilities Reported: December 2012 Disclosed: February 2013 Author: Jacob Holcomb of Independent Security Evaluators CVE: XSS - CVE-2013-1114 and CSRF - CVE-2013-1120 http://infosec42.blogspot.com/2013/02/cisco-unity-express-vulnerabilites.html Cis...

6.8CVSS0.2AI score0.1338EPSS

Exploits5

Exploit DB•added 2013/02/05 12:0 a.m.•31 views

Cisco Unity Express - Multiple Vulnerabilities

6.8CVSS6.4AI score0.1338EPSS

Exploits5

Cisco•added 2013/02/01 8:4 p.m.•22 views

Cisco Unity Express Cross-Site Scripting Vulnerabilities

Cisco Unity Express contains multiple vulnerabilities that could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks. The vulnerabilities are due to insufficient sanitization of user-supplied input processed by the Cisco Unity Express software. An unauthenticated,...

5CVSS2.3AI score0.1338EPSS

Exploits5References1

Cisco•added 2013/02/01 8:3 p.m.•22 views

Cisco Unity Express Multiple Cross-Site Request Forgery Vulnerabilities

Cisco Unity Express contains multiple vulnerabilities that could allow an unauthenticated, remote attacker to conduct cross-site request forgery attacks. The vulnerabilities are due to insufficient sanitization of user-supplied input processed by the Cisco Unity Express software. An...

5CVSS1.6AI score0.00577EPSS

Exploits5References1

NVD•added 2006/05/04 12:38 p.m.•12 views

CVE-2006-2166

Unspecified vulnerability in the HTTP management interface in Cisco Unity Express CUE 2.22 and earlier, when running on any CUE Advanced Integration Module AIM or Network Module NM, allows remote authenticated attackers to reset the password for any user with an expired password...

2.1CVSS6.5AI score0.00496EPSS

Exploits0References7

Prion•added 2006/05/04 12:38 p.m.•13 views

Design/Logic Flaw

2.1CVSS7AI score0.00496EPSS

Exploits0References7Affected Software1

CVE•added 2006/05/04 10:0 a.m.•42 views

CVE-2006-2166

CVE-2006-2166 affects Cisco Unity Express (CUE) 2.2(2) and earlier when running on any CUE AIM or NM. The HTTP management interface contains an unspecified vulnerability that allows remote authenticated attackers to reset the password for any user with an expired password. The connected documents...

2.1CVSS6.5AI score0.00496EPSS

Exploits0References7Affected Software2

Cvelist•added 2006/05/04 10:0 a.m.•13 views

CVE-2006-2166

6.5AI score0.00496EPSS

Exploits0References7

securityvulns•added 2006/05/02 12:0 a.m.•65 views

Unauthorized Cisco Unity Express access

It's possible to change password without entering old one if account is expired...

2.5AI score

Exploits0References1Affected Software1

securityvulns•added 2006/05/02 12:0 a.m.•24 views

[Full-disclosure] Cisco Security Advisory: Cisco Unity Express Expired Password Reset Privilege Escalation

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco Unity Express Expired Password Reset Privilege Escalation Advisory ID: cisco-sa-20060501-cue http://www.cisco.com/warp/public/707/cisco-sa-20060501-cue.shtml Revision 1.0 For Public Release 2006 May 01 2300 UTC GMT...

7.1AI score

Exploits0

Cisco•added 2006/05/01 11:0 p.m.•26 views

Cisco Unity Express Expired Password Reset Privilege Escalation

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

2.1CVSS6.3AI score0.00496EPSS

Exploits0References1

NVD•added 2005/12/31 5:0 a.m.•13 views

CVE-2005-4794

Cisco IP Phones 7902/7905/7912, ATA 186/188, Unity Express, ACNS, and Subscriber Edge Services Manager SESM allows remote attackers to cause a denial of service crash or instability via a compressed DNS packet with a label length byte with an incorrect offset...

5CVSS6.7AI score0.03021EPSS

Exploits0References12

securityvulns•added 2005/05/25 12:0 a.m.•24 views

[SA15472] Cisco Various Products Compressed DNS Messages Denial of Service

---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...

0.7AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by