142 matches found
EUVD-2024-17970
Malicious code in bioql PyPI...
EUVD-2023-24284
Malicious code in bioql PyPI...
EUVD-2024-17969
Malicious code in bioql PyPI...
CVE-2010-1355
Cross-site scripting XSS vulnerability on the TANDBERG Video Communication Server VCS before X5.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Reference ID 66316...
CVE-2010-1356
Unspecified vulnerability on the TANDBERG Video Communication Server VCS before X5.0 allows remote attackers to execute arbitrary code via unknown vectors, aka Reference ID 69773...
The vulnerability of the application programming interface of Cisco Expressway micro-programming software and Cisco TelePresence Video Communication Server micro-programming software for device management allows a attacker to perform a CSRF attack.
The vulnerability of the application programming interface of Cisco Expressway micro-programming software and Cisco TelePresence Video Communication Server micro-programming software for device management systems is related to the manipulation of cross-site requests. Exploiting this vulnerability...
CVE-2024-20254
Multiple vulnerabilities in Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS could allow an unauthenticated, remote attacker to conduct cross-site request forgery CSRF attacks that perform arbitrary actions on an affected device. Note: "Cisco Expressway Series" refers...
CVE-2024-20252
Multiple vulnerabilities in Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS could allow an unauthenticated, remote attacker to conduct cross-site request forgery CSRF attacks that perform arbitrary actions on an affected device. Note: "Cisco Expressway Series" refers...
Cross site request forgery (csrf)
A vulnerability in the SOAP API of Cisco Expressway Series and Cisco TelePresence Video Communication Server could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack on an affected system. This vulnerability is due to insufficient CSRF protections for th...
Cross site request forgery (csrf)
Multiple vulnerabilities in Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS could allow an unauthenticated, remote attacker to conduct cross-site request forgery CSRF attacks that perform arbitrary actions on an affected device. Note: "Cisco Expressway Series" refers...
CVE-2024-20255
A vulnerability in the SOAP API of Cisco Expressway Series and Cisco TelePresence Video Communication Server could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack on an affected system. This vulnerability is due to insufficient CSRF protections for th...
CVE-2024-20255
A vulnerability in the SOAP API of Cisco Expressway Series and Cisco TelePresence Video Communication Server could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack on an affected system. This vulnerability is due to insufficient CSRF protections for th...
CVE-2024-20254
Multiple vulnerabilities in Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS could allow an unauthenticated, remote attacker to conduct cross-site request forgery CSRF attacks that perform arbitrary actions on an affected device. Note: "Cisco Expressway Series" refers...
PT-2024-1655 · Cisco · Cisco Telepresence Video Communication Server +1
Name of the Vulnerable Software and Affected Versions: Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS affected versions not specified Description: The issue concerns multiple vulnerabilities in Cisco Expressway Series and Cisco TelePresence Video Communication Serve...
CVE-2023-20209
A vulnerability in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS could allow an authenticated, remote attacker with read-write privileges on the application to perform a command injection attack that could result in remote code...
Cisco Expressway Series和Cisco TelePresence Video Communication Server 命令注入漏洞
Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS are both products of Cisco, Inc.Cisco Expressway Series is software for accessing devices outside the firewall. The software provides simple, highly secure access for users outside the firewall, helping telecommuters wo...
PT-2023-4589 · Cisco · Cisco Telepresence Video Communication Server +1
Name of the Vulnerable Software and Affected Versions: Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS version 14.0 Description: A vulnerability in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS...
CVE-2023-20105
A vulnerability in the change password functionality of Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS could allow an authenticated, remote attacker with Read-only credentials to elevate privileges to Administrator on an affected system. This vulnerability is due to...
CVE-2023-20192
CVE-2023-20192 affects Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS). The issue is a privilege-escalation flaw stemming from incorrect handling of password change requests, enabling an authenticated attacker with Administrator-level read-only credentials to eleva...
The vulnerability of the command-line interface (CLI) of Cisco Expressway micro-programming software and the Cisco TelePresence Video Communication Server (VCS) micro-programming software for device management allows a perpetrator to gain increased privileges.
The vulnerability of the command-line interface CLI of Cisco Expressway micro-programming software and the Cisco TelePresence Video Communication Server VCS micro-programming software for device management involves shortcomings in role-based access control. Exploiting this vulnerability can allow...