26 matches found
CVE-2026-34926
A directory traversal vulnerability in the Apex One on-premise server could allow a pre-authenticated local attacker to modify a key table on the server to inject malicious code to deploy to agents on affected installations. This vulnerability is only exploitable on the on-premise version of Apex...
VulnCheck KEV: CVE-2026-34926
A directory traversal vulnerability in the Apex One on-premise server could allow a pre-authenticated local attacker to modify a key table on the server to inject malicious code to deploy to agents on affected installations. This vulnerability is only exploitable on the on-premise version of Apex...
Cisco Unity Connection Arbitrary File Download Vulnerabilities
Multiple vulnerabilities in Cisco Unity Connection could allow an authenticated, remote attacker to download arbitrary files from an affected system. To exploit these vulnerabilities, the attacker must have valid administrative credentials. These vulnerabilities are due to improper sanitization o...
CVE-2026-20055 Cisco Packaged Contact Center Enterprise & Cisco Unified Contact Center Enterprise Cross-Site Scripting Vulnerability
Multiple vulnerabilities in the web-based management interface of Cisco Packaged Contact Center Enterprise Packaged CCE and Cisco Unified Contact Center Enterprise Unified CCE could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-base...
Cisco Identity Services Engine Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE and Cisco ISE Passive Identity Connector ISE-PIC could allow an authenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. This vulnerability is due to...
CVE-2025-20329 Cisco TelePresence Collaboration Endpoint and RoomOS Software Information Disclosure Vulnerability
A vulnerability in the logging component of Cisco TelePresence Collaboration Endpoint CE and Cisco RoomOS Software could allow an authenticated, remote attacker to view sensitive information in clear text on an affected system. To exploit this vulnerability, the attacker must have valid...
EUVD-2021-6642
Malicious code in bioql PyPI...
CVE-2025-20361 Cisco Unified Communications Manager Stored Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of...
CVE-2025-20237
A vulnerability in Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system with root-level privileges. To exploit this...
CVE-2025-20218
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center FMC Software could allow an authenticated, remote attacker to retrieve sensitive information from an affected device. This vulnerability is due to insufficient input validation. An attacker could...
CVE-2025-20237
A vulnerability in Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system with root-level privileges. To exploit this...
CVE-2025-20218
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center FMC Software could allow an authenticated, remote attacker to retrieve sensitive information from an affected device. This vulnerability is due to insufficient input validation. An attacker could...
CVE-2025-20237
A vulnerability in Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system with root-level privileges. To exploit this...
CVE-2025-20278
A vulnerability in the CLI of multiple Cisco Unified Communications products could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device as the root user. This vulnerability is due to improper validation of user-supplied...
PT-2023-3314 · Cisco · Cisco Small Business Rv320 +1
Name of the Vulnerable Software and Affected Versions: Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers affected versions not specified Description: The web-based management interface of the affected devices has insufficient validation of user-supplied input, which could allow an...
PT-2023-1277 · Cisco · Cisco Small Business Rv260 +4
Name of the Vulnerable Software and Affected Versions: Cisco Small Business RV160 and RV260 Series VPN Routers affected versions not specified Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W affected versions not specified Description: A vulnerability in the web-based management...
CVE-2022-20898
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of...
CVE-2022-20890
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of...
CVE-2022-20885
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of...
CVE-2021-34731
A vulnerability in the web-based management interface of Cisco Prime Access Registrar could allow an authenticated, remote attacker to perform a stored cross-site scripting attack on an affected system. This vulnerability exists because the web-based management interface does not sufficiently...