CVE-2016-6429

A vulnerability in the web framework code of the Cisco IP Interoperability and Collaboration System IPICS could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack. More Information: CSCva47092. Known Affected Releases: 4.101...

CVE-2016-6451

Multiple vulnerabilities in the web framework code of the Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against the user of the web interface of the affected system. More Information: CSCut43061 CSCut43066...

CVE-2016-6453

A vulnerability in the web framework code of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to execute arbitrary SQL commands on the database. More Information: CSCva46542. Known Affected Releases: 1.30.876...

CVE-2016-6453

Cisco Identity Services Engine (ISE) web framework vulnerability (CVE-2016-6453) allows an authenticated, remote attacker to execute arbitrary SQL commands on the ISE database via crafted URLs. The issue stems from insufficient controls over SQL statements in the web framework interface, affectin...

CVE-2016-6451

CVE-2016-6451 concerns Cisco Prime Collaboration Provisioning. The Cisco advisory and NVD entry describe multiple vulnerabilities in the web framework code that could allow an unauthenticated, remote attacker to perform a cross-site scripting (XSS) attack against users of the web interface. The r...

CVE-2016-6429

CVE-2016-6429 affects Cisco IP Interoperability and Collaboration System (IPICS). The issue is a cross-site scripting (XSS) vulnerability in the web framework, arising from insufficient input validation of parameters passed to the web server. An unauthenticated, remote attacker could exploit this...

Cisco Identity Services Engine SQL Injection Vulnerability (cisco-sa-20161026-ise)

A vulnerability in the web framework code of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to execute arbitrary SQL commands on the database. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are...

Cisco Prime Collaboration Provisioning Cross-Site Scripting Vulnerability

Multiple vulnerabilities in the web framework code of the Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against the user of the web interface of the affected system. The vulnerability is due to insufficient inpu...

Cisco IP Interoperability and Collaboration System Cross-Site Scripting Vulnerability

A vulnerability in the web framework code of the Cisco IP Interoperability and Collaboration System IPICS could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack. The vulnerability is due to insufficient input validation of some parameters passed to the web...

Cisco Identity Services Engine SQL Injection Vulnerability

A vulnerability in the web framework code of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to execute arbitrary SQL commands on the database. The vulnerability is due to insufficient controls on Structured Query Language SQL statements. An attacker could exploit...

[SECURITY] Fedora 23 Update: python-django-1.8.15-1.fc23

Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY Don't Repeat Yourself principle...

[SECURITY] Fedora 24 Update: python-django-1.9.10-1.fc24

Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY Don't Repeat Yourself principle...

[SECURITY] Fedora 25 Update: python-django-1.9.10-1.fc25

Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY Don't Repeat Yourself principle...

Moderate: Red Hat Security Advisory: python-django security update

An update for python-django is now available for Red Hat Enterprise Linux OpenStack Platform 5.0 Icehouse for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

Cisco Firepower Management Center SQL Injection Vulnerability

A vulnerability in the web framework of the Cisco Firepower Management Center could allow an authenticated, remote attacker to perform SQL injection on the affected device. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are...

Cisco Firepower Management Center Privilege Escalation Vulnerability

A vulnerability in the web framework of the Cisco Firepower Management Center could allow authenticated, remote attackers to elevate privileges to access data outside their roles. The vulnerability is due to improper authorization checks for authenticated users of the system. An attacker could...

Cisco IOS and IOS XE Cisco IOx Local Manager Cross-Site Scripting Vulnerability

Cisco IOS and IOS XE are both operating systems developed by Cisco for its network devices.Cisco IOx Local Manager is one of the local management components. A cross-site scripting vulnerability exists in the web framework in Cisco IOx Local Manager in Cisco IOS version 15.52T and IOS XE. A remot...

CVE-2016-6404

Cross-site scripting XSS vulnerability in the web framework in Cisco IOx Local Manager in IOS 15.52T and IOS XE allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuy19854...

CVE-2016-6404

Cross-site scripting XSS vulnerability in the web framework in Cisco IOx Local Manager in IOS 15.52T and IOS XE allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuy19854...

CVE-2016-6404

CVE-2016-6404 describes a cross-site scripting (XSS) vulnerability in the web framework of Cisco IOx Local Manager, affecting Cisco IOS 15.5(2)T and IOS XE. A remote attacker can exploit a crafted URL to inject arbitrary web script or HTML, targeting users of the web interface. The issue is tied ...