
75 matches found

OSV
added 2018/06/21 11:29 a.m., 6 views

CVE-2018-0371

A vulnerability in the Web Admin Interface of Cisco Meeting Server could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to insufficient validation of incoming HTTP requests. An attacker could exploit this vulnerability by sending a...

CVSS 6.5, AI score 5.8, EPSS 0.03228
Exploits 0, References 3
Prion
added 2018/06/21 11:29 a.m., 22 views

Input validation

A vulnerability in the Web Admin Interface of Cisco Meeting Server could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to insufficient validation of incoming HTTP requests. An attacker could exploit this vulnerability by sending a...

CVSS 6.8, AI score 6.4, EPSS 0.03228
Exploits 0, References 3, Affected Software 1
CVE
added 2018/06/21 11:00 a.m., 58 views

CVE-2018-0371

CVE-2018-0371 affects Cisco Meeting Server Web Admin Interface (Acano X-Series, Meeting Server 1000, 2000). The root cause is insufficient validation of incoming HTTP requests, allowing an authenticated remote attacker to cause a DoS by restarting the system and terminating ongoing calls. This is...

CVSS 6.8, AI score 6.4, EPSS 0.03228
Exploits 0, References 3, Affected Software 1
NVD
added 2018/03/26 6:29 p.m., 27 views

CVE-2018-1189

Dell EMC Isilon versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, and 8.0.0.0 - 8.0.0.6, versions 7.2.1.x, and version 7.1.1.11 are affected by a cross-site scripting vulnerability in the Antivirus Page within the OneFS web administration interface. A malicious administrator may potentially...

CVSS 4.8, AI score 4.8, EPSS 0.287
Exploits 5, References 4
OSV
added 2018/01/12 5:29 p.m., 3 views

CVE-2017-18014

An NC-25986 issue was discovered in the Logging subsystem of Sophos XG Firewall with SFOS before 17.0.3 MR3. An unauthenticated user can trigger a persistent XSS vulnerability found in the WAF log page Control Center - Log Viewer - in the filter option "Web Server Protection" in the webadmin...

CVSS 6.1, AI score 5.8, EPSS 0.02307
Exploits 2, References 4
CNVD
added 2018/01/11 12:00 a.m., 4 views

Cisco Unified Communications Manager Cross-Site Scripting Vulnerability (CNVD-2018-01388)

Cisco Unified Communications Manager (CUCM, Unified CM, CallManager) is a call-processing component of a unified communications system from Cisco. The component provides a scalable, distributable and highly available enterprise IP telephony call processing solution. A cross-site scripting...

CVSS 6.1, AI score 6.5, EPSS 0.01729
Exploits 0, References 1
CNVD
added 2017/12/04 12:00 a.m., 3 views

Cisco Unified Communications Manager Cross-Site Scripting Vulnerability (CNVD-2017-36401)

Cisco Unified Communications Manager (CUCM, Unified CM, CallManager) is a call-processing component of a unified communications system from Cisco. The component provides a scalable, distributable and highly available enterprise IP telephony call processing solution. A cross-site scripting...

CVSS 5.4, AI score 6.7, EPSS 0.00891
Exploits 0, References 1
CNVD
added 2017/10/09 12:00 a.m., 3 views

Cisco Meeting Server Denial of Service Vulnerability (CNVD-2017-32492)

Cisco Meeting Server (CMS, formerly known as Acano Conferencing Server) is a set of audio and video conferencing server software from the US company Cisco. The Web Admin Interface is one of its web login interfaces. A denial of service vulnerability exists in the Web Admin Interfac...

CVSS 5.3, AI score 5.5, EPSS 0.02197
Exploits 0, References 1
Prion
added 2017/10/05 7:29 a.m., 18 views

Design/Logic Flaw

A vulnerability in the Web Admin Interface of Cisco Meeting Server could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to insufficient bound checks performed by the affected software. An attacker could exploit this vulnerability by...

CVSS 5, AI score 5.4, EPSS 0.02197
Exploits 0, References 3
NVD
added 2017/10/05 7:29 a.m., 37 views

CVE-2017-12264

A vulnerability in the Web Admin Interface of Cisco Meeting Server could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to insufficient bound checks performed by the affected software. An attacker could exploit this vulnerability by...

CVSS 5.3, AI score 5.4, EPSS 0.02197
Exploits 0, References 3
Cvelist
added 2017/10/05 7:00 a.m., 20 views

CVE-2017-12264

A vulnerability in the Web Admin Interface of Cisco Meeting Server could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to insufficient bound checks performed by the affected software. An attacker could exploit this vulnerability by...

AI score 5.4, EPSS 0.02197
Exploits 0, References 3
Cisco
added 2017/10/04 4:00 p.m., 56 views

Cisco Meeting Server Denial of Service Vulnerability

A vulnerability in the Web Admin Interface of Cisco Meeting Server could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to insufficient bound checks performed by the affected software. An attacker could exploit this vulnerability by...

CVSS 5.3, AI score 5.4, EPSS 0.02197
Exploits 0, References 1
OpenVAS
added 2017/06/06 12:00 a.m., 24 views

Peplink Balance Routers Web Admin Detection

Detection of Peplink Balance Routers Web Admin. The script sends a connection request to the server and attempts to detect the Web Admin Interface of Peplink Balance Routers. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are...

AI score 7
Exploits 0, References 1
seebug.org
added 2017/03/26 12:00 a.m., 48 views

D-LINK DIR-850L web admin interface vulnerable to stack-based buffer overflow (CVE-2017-3193)

The affected service is the management web, in the cgibin file located within the htdocs folder on the router filesystem. The vulnerability is a Stack-Based Buffer Overflow, caused by a non-controlled use of the strcat function that allows an overwrite of the PC, and thus the execution flow of th...

AI score 9.4, EPSS 0.05613
Exploits 1
Packet Storm
added 2016/08/11 12:00 a.m., 67 views

NUUO NVRmini 2 / NETGEAR ReadyNAS Surveillance Unauthenticated Remote Code Execution

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'NUUO NVRmini 2 / NETGEAR ReadyNAS Surveillance Unauthenticated Remote Code Execution', 'Description' = %q The NVRmini 2 Network...

CVSS 10, AI score 0.7, EPSS 0.9461
Exploits 11
OpenVAS
added 2016/02/22 12:00 a.m., 22 views

Symantec Encryption Management Server Server Multiple Security Issues

The management console for Symantec Encryption Management Server (SEMS) is susceptible to potential OS command execution, local access elevation of privilege, a heap-based memory corruption resulting in a service crash and potential information disclosure of management console logon/account...

CVSS 9.1, AI score 7.7, EPSS 0.0193
Exploits 0, References 5
CNVD
added 2015/04/23 12:00 a.m., 3 views

Oracle Commerce Platform A vulnerability exists in the Commerce Platform component

Oracle Commerce Platform is a set of e-business solutions from the US company Oracle. A security vulnerability exists in the Dynamo Application Framework - HTML Admin User Interface subcomponent of the Oracle Commerce Platform component of Oracle Commerce Platform. A remote...

CVSS 4.3, AI score 6.7, EPSS 0.01512
Exploits 0, References 1
NVD
added 2014/09/08 2:55 p.m., 19 views

CVE-2014-0152

Session fixation vulnerability in the web admin interface in oVirt 3.4.0 and earlier allows remote attackers to hijack web sessions via unspecified vectors...

CVSS 6.8, AI score 6.6, EPSS 0.01757
Exploits 1, References 2
Prion
added 2014/09/08 2:55 p.m., 18 views

Session fixation

Session fixation vulnerability in the web admin interface in oVirt 3.4.0 and earlier allows remote attackers to hijack web sessions via unspecified vectors...

CVSS 6.8, AI score 7.2, EPSS 0.01757
Exploits 1, References 2, Affected Software 2
CVE
added 2014/09/08 2:00 p.m., 73 views

CVE-2014-0152

CVE-2014-0152 affects oVirt Web Admin Interface (3.4.0 and earlier). Root cause: after authentication, a new session ID is not generated and session IDs may be stored in HTML5 local storage, not protected by same-origin policy. This enables a remote attacker to hijack a logged-in user’s session v...

CVSS 6.8, AI score 6.8, EPSS 0.01757
Exploits 1, References 2, Affected Software 2