18 matches found
EUVD-2015-0675
Malware in sbrugna...
CVE-2013-1172
The Cisco Security Service in Cisco AnyConnect Secure Mobility Client aka AnyConnect VPN Client does not properly verify files, which allows local users to gain privileges via unspecified vectors, aka Bug ID CSCud14153...
Cisco Firepower Threat Defense和Cisco Adaptive Security Appliance 安全漏洞
Cisco Firepower Threat Defense FTD and Cisco Adaptive Security Appliance are both products of Cisco, Inc.Cisco Firepower Threat Defense is a suite of unified software that provides next-generation firewall services. Cisco Adaptive Security Appliance is a network appliance. It is used to protect...
CVE-2021-1620
A vulnerability in the Internet Key Exchange Version 2 IKEv2 support for the AutoReconnect feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to exhaust the free IP addresses from the assigned local pool. This vulnerability occurs because the cod...
CVE-2021-1427 Cisco AnyConnect Secure Mobility Client for Windows DLL and Executable Hijacking Vulnerabilities
Multiple vulnerabilities in the install, uninstall, and upgrade processes of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to hijack DLL or executable files that are used by the application. A successful exploit could allow the attacker to execut...
Cisco Releases Security Updates for Multiple Products
Cisco has released security updates to address vulnerabilities in multiple Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA...
Cisco Releases Security Updates for Multiple Products
Cisco has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the...
Cisco AnyConnect Secure Mobility Client 'Introducir URL' Denial of Service Vulnerability
Cisco AnyConnect Secure Mobility Client is a secure mobility client from Cisco for the Windows platform that provides secure access to networks and applications from any device. A denial of service vulnerability exists in the Cisco AnyConnect Secure Mobility Client 'Introducir URL'. An attacker...
CVE-2018-0229
A vulnerability in the implementation of Security Assertion Markup Language SAML Single Sign-On SSO authentication for Cisco AnyConnect Secure Mobility Client for Desktop Platforms, Cisco Adaptive Security Appliance ASA Software, and Cisco Firepower Threat Defense FTD Software could allow an...
CVE-2017-12268
A vulnerability in the Network Access Manager NAM of Cisco AnyConnect Secure Mobility Client could allow an authenticated, local attacker to enable multiple network adapters, aka a Dual-Homed Interface vulnerability. The vulnerability is due to insufficient NAM policy enforcement. An attacker cou...
Cisco AnyConnect Secure Mobility Client Software Cross-Site Scripting Vulnerability
The Cisco AnyConnect Secure Mobility Client is Cisco's next-generation VPN client. Cisco AnyConnect Secure Mobility Client suffers from a cross-site scripting vulnerability in the WebLaunch feature, which allows remote attackers to exploit the vulnerability to inject malicious script or HTML code...
Cisco ASA AnyConnect Client Authentication Attempt Handling Information Disclosure (cisco-sa-20160115-asa)
According to its version and configuration, the Cisco Adaptive Security Appliance ASA software running on the remote device is affected by an information disclosure vulnerability due to a failure to protect sensitive data during a Cisco AnyConnect client authentication attempt. An unauthenticated...
Cisco ASA Information Disclosure Vulnerability (cisco-sa-20160111-asa)
Cisco ASA Software is prone to an information disclosure vulnerability. Copyright C 2016 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...
The vulnerability of the Cisco AnyConnect Secure Mobility Client’s cryptographic protection allows a perpetrator to move arbitrary files.
The vulnerability of the Cisco AnyConnect Secure Mobility Client’s IPC channel implementation is related to deficiencies in access control for certain functions. Exploiting this vulnerability could allow a local attacker to move arbitrary files around...
Cisco AnyConnect Secure Mobility Client Elevation of Privilege Vulnerability (CNVD-2015-06520)
Cisco AnyConnect Secure Mobility Client is a set of next-generation VPN clients from Cisco. The client enables remote users to securely connect to the Cisco ASA 5500 device via SSL VPN. An elevation of privilege vulnerability exists in Cisco AnyConnect Secure Mobility Client 4.1on OS X Linux that...
Cisco AnyConnect Secure Mobility Client Arbitrary Code Execution Vulnerability (CNVD-2015-01868)
The Cisco AnyConnect Secure Mobility Client is Cisco's next-generation VPN client. Cisco AnyConnect Secure Mobility Client 4.0 .00051 and prior versions contain a security vulnerability in the IPC channel, which can be exploited by a local user to write to any user-space memory location via a...
Cisco AnyConnect Secure Mobility Client 2.x / 3.x < 3.0(629) ATL Buffer Overflow
The remote host has a version of Cisco AnyConnect 2.x or 3.x prior to 3.1629. As such, when the VPNAPI COM module calls the ATL framework, certain input data are not properly validated and could allow a buffer overflow. This error could lead to arbitrary code execution. C Tenable Network Security...
Cisco AnyConnect Secure Mobility Client 2.x / 3.x < 3.1(3103) Host Scan Multiple Vulnerabilities
The remote host has a version of Cisco AnyConnect 2.x or 3.x prior to 3.13103. It is, therefore, potentially affected by the following vulnerabilities : - A heap-based buffer overflow error exists in the file 'ciscod.exe'. CVE-2013-1173 / CSCud14143 - An unspecified error exists that could allow...