Lucene search
K

216 matches found

CNNVD
CNNVD
added 2021/01/13 12:0 a.m.7 views

多款Cisco产品缓冲区错误漏洞

The Cisco RV110W is a Wireless-N VPN firewall, the Cisco RV130 is a multifunction VPN router, the Cisco RV130W is a Wireless-N multifunction VPN router, and the Cisco RV215W is a Wireless-N VPN router. A remote command execution and denial of service vulnerability exists in the Web management...

9CVSS7.6AI score0.02194EPSS
Exploits0References5
CNNVD
CNNVD
added 2021/01/13 12:0 a.m.6 views

多款Cisco产品缓冲区错误漏洞

The Cisco RV110W is a Wireless-N VPN firewall, the Cisco RV130 is a multifunction VPN router, the Cisco RV130W is a Wireless-N multifunction VPN router, and the Cisco RV215W is a Wireless-N VPN router. A remote command execution and denial of service vulnerability exists in the Web management...

9CVSS6.4AI score0.02194EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2020/11/19 12:0 a.m.4 views

The vulnerability of the web interface of Cisco Firepower Threat Defense (FTD) and Cisco Adaptive Security Appliance (ASA) allows attackers to gain unauthorized access to protected information.

The vulnerability of the web-based interfaces of Cisco Firepower Threat Defense FTD and Cisco Adaptive Security Appliance ASA is related to deficiencies in the authentication mechanism. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected informatio...

6.5CVSS6.9AI score0.01217EPSS
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2020/11/19 12:0 a.m.3 views

The vulnerability of the AnyConnect and WebVPN interfaces of Cisco Firepower Threat Defense (FTD) and Cisco Adaptive Security Appliance (ASA) allows a perpetrator to carry out a cross-site scripting attack.

The vulnerability of the AnyConnect and WebVPN interfaces of Cisco Firepower Threat Defense FTD and Cisco Adaptive Security Appliance ASA software lies in the insufficient protection of the web page structure. Exploiting this vulnerability can allow a malicious actor to execute a cross-site attac...

6.1CVSS6.9AI score0.01145EPSS
Exploits0References2Affected Software2
GithubExploit
GithubExploit
added 2020/11/18 9:31 p.m.76 views

Exploit for Improper Input Validation in Cisco Adaptive_Security_Appliance_Software

CVE-2020-3452 A WIP python script to exploit the directory tr...

7.5CVSS7.8AI score0.99992EPSS
Exploits24
OSV
OSV
added 2020/11/17 9:15 p.m.5 views

CVE-2020-26553

An issue was discovered in Aviatrix Controller before R6.0.2483. Several APIs contain functions that allow arbitrary files to be uploaded to the web tree...

9.8CVSS7.4AI score0.01742EPSS
Exploits1References1
Gitee
Gitee
added 2020/11/10 8:43 p.m.9 views

dahua

This is a collection of proof-of-concept PoC exploit code and research notes for various vulnerabilities in IP cameras and other network devices. The code is written in Python and C, and the notes provide information on the vulnerabilities, including the attack vector, authentication requirements...

8.5AI score
Exploits0
OSV
OSV
added 2020/10/21 7:15 p.m.0 views

CVE-2020-3580

Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the web services interface of an...

6.1CVSS6AI score0.85439EPSS
Exploits2References2
Gitee
Gitee
added 2020/09/04 10:2 a.m.3 views

vulhub

It is an offensive tool for web application security training. The target product/service or framework is not explicitly stated, but the repository contains various vulnerable environments based on Docker-Compose, including Flask, Apache, Nginx, and more. The vulnerability class/vector is not...

7.8AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2020/08/20 12:0 a.m.4 views

The vulnerability in the web interface of Cisco Adaptive Security Appliance and Cisco Firepower Threat Defense micro-programming software allows a perpetrator to expose protected information.

The vulnerability of the web interfaces of Cisco Adaptive Security Appliance and Cisco Firepower Threat Defense software exists due to insufficient verification of input data. Exploiting this vulnerability can allow a malicious actor to disclose protected information remotely...

7.8CVSS7.4AI score0.99992EPSS
Exploits24References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2020/07/23 12:0 a.m.5 views

The vulnerability in the web interface of Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition (SME) allows a perpetrator to carry out cross-site scenario attacks.

The vulnerability of the Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition SME web interfaces is related to insufficient protection of the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripti...

6.4CVSS5.7AI score0.00405EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2020/07/23 12:0 a.m.9 views

The vulnerability in the web interface of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition (SME), Cisco Unified Communications Manager IM & Presence Service, and Cisco Unity Connection allows a perpetrator to carry out cross-site scripting attacks.

The vulnerability of the Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition SME, Cisco Unified Communications Manager IM & Presence Service, and Cisco Unity Connection web interfaces is related to insufficient protection of the website structure...

6.1CVSS6AI score0.00801EPSS
Exploits0References2
OSV
OSV
added 2020/07/14 2:15 p.m.3 views

CVE-2020-10042

A vulnerability has been identified in SICAM MMU All versions V2.05, SICAM SGU All versions, SICAM T All versions V2.18. A buffer overflow in various positions of the web application might enable an attacker with access to the web application to execute arbitrary code over the network...

9.8CVSS7.8AI score0.01889EPSS
Exploits0References1
Prion
Prion
added 2020/07/10 5:15 p.m.17 views

Sql injection

A SQL injection vulnerability in the user and admin web interfaces of Sophos XG Firewall v18.0 MR1 and older potentially allows an attacker to run arbitrary code remotely. The fix is built into the re-release of XG Firewall v18 MR-1 named MR-1-Build396 and the v17.5 MR13 release. All other versio...

7.5CVSS9.7AI score0.02168EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/07/10 4:55 p.m.19 views

CVE-2020-15504

A SQL injection vulnerability in the user and admin web interfaces of Sophos XG Firewall v18.0 MR1 and older potentially allows an attacker to run arbitrary code remotely. The fix is built into the re-release of XG Firewall v18 MR-1 named MR-1-Build396 and the v17.5 MR13 release. All other versio...

9.8AI score0.02168EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2020/07/02 12:0 a.m.23 views

Palo Alto Networks PAN-OS 7.1.x < 7.1.26 / 8.0.x < 8.1.13 / 8.1.x < 8.1.13 / 9.0.x < 9.0.6 Vulnerability

The version of Palo Alto Networks PAN-OS running on the remote host is 7.1.x prior to 7.1.26 or 8.0.x prior to 8.1.13 or 8.1.x prior to 8.1.13 or 9.0.x prior to 9.0.6. It is, therefore, affected by a vulnerability. - A DOM-Based Cross Site Scripting Vulnerability exists in PAN-OS and Panorama...

8.8CVSS7.5AI score0.00828EPSS
Exploits0References3
OSV
OSV
added 2020/06/18 3:15 a.m.4 views

CVE-2020-3269

Multiple vulnerabilities in the web-based management interface of Cisco RV110W, RV130, RV130W, and RV215W Series Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands. For more information about these vulnerabilities, see the Details...

7.2CVSS7.3AI score0.02591EPSS
Exploits0References1
CNVD
CNVD
added 2020/06/18 12:0 a.m.2 views

Buffer Overflow Vulnerability in Multiple Cisco Products (CNVD-2020-34327)

Cisco Small Business RV016 Multi-WAN VPN, etc. are a VPN router from Cisco USA. A buffer overflow vulnerability exists in the Web management interface of several Cisco products, which arises from a program's failure to properly restrict user input boundaries, and can be exploited by a remote...

9CVSS8.1AI score0.03189EPSS
Exploits0References1
OSV
OSV
added 2020/06/15 2:15 p.m.4 views

CVE-2020-4494

IBM Spectrum Protect Client 8.1.7.0 through 8.1.9.1 Linux and Windows, 8.1.9.0 trough 8.1.9.1 AIX and IBM Spectrum Protect for Space Management 8.1.7.0 through 8.1.9.1 Linux, 8.1.9.0 through 8.1.9.1 AIX web user interfaces could allow an attacker to bypass authentication due to improper session...

7.5CVSS7.1AI score0.02229EPSS
Exploits0References2
OSV
OSV
added 2020/06/15 2:15 p.m.2 views

CVE-2020-4406

IBM Spectrum Protect Client 8.1.7.0 through 8.1.9.1 Linux and Windows, 8.1.9.0 trough 8.1.9.1 AIX and IBM Spectrum Protect for Space Management 8.1.7.0 through 8.1.9.1 Linux, 8.1.9.0 through 8.1.9.1 AIX web user interfaces could allow a remote attacker to hijack the clicking action of the victim...

5.4CVSS6.4AI score0.00823EPSS
Exploits0References2
Rows per page
Query Builder