Lucene search
K

522 matches found

Tenable Nessus
Tenable Nessus
added 2023/09/07 12:0 a.m.31 views

Cisco UCS 6300 Series Fabric Interconnects SNMP DoS (cisco-sa-fp-ucsfi-snmp-dos-qtv69NAO)

A vulnerability in the Simple Network Management Protocol SNMP service of Cisco UCS 6300 Series Fabric Interconnects could allow an authenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to the improper handling of specific SNMP...

7.7CVSS6.6AI score0.00509EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2023/09/01 12:0 a.m.20 views

Cisco APIC Unauthorized Policy Actions (cisco-sa-apic-uapa-F4TAShk)

A vulnerability in the restricted security domain implementation of Cisco Application Policy Infrastructure Controller APIC could allow an authenticated, remote attacker to read, modify, or delete non-tenant policies for example, access policies created by users associated with a different securi...

5.4CVSS5.9AI score0.00333EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/08/24 12:0 a.m.84 views

Cisco Nexus 3000 9000 Series Switches SFTP Server File Access (cisco-sa-nxos-sftp-xVAp5Hfd)

According to its self-reported version, Cisco NX-OS Software is affected by a vulnerability. Please see the included Cisco BIDs and Cisco Security Advisory for more information. TRUSTED...

5.4CVSS5.5AI score0.00439EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/08/23 12:0 a.m.30 views

Credential Information Disclosure Vulnerability(cisco-sa-ise-credentials-tkTO3h3)

According to its self-reported version, Cisco Identity Services Engine is affected by a vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to access sensitive information. This vulnerability is due to the imprope...

6.5CVSS6.6AI score0.00555EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/08/14 12:0 a.m.17 views

Cisco Identity Services Engine Command Injection Vulnerabilities (cisco-sa-adeos-MLAyEcvk)

According to its self-reported version, Cisco Identity Services Engine is affected by multiple command injection vulnerabilities: - A vulnerability in the restricted shell of Cisco ISE could allow an authenticated, local attacker to escape the restricted shell and gain root privileges on the...

7.8CVSS6.9AI score0.00201EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2023/07/12 12:0 a.m.41 views

Cisco SD-WAN vManage Unauthenticated REST API Access (cisco-sa-vmanage-unauthapi-sphCLYPA)

According to its self-reported version, Cisco SD-WAN Viptela Software is affected by a vulnerability. - A vulnerability in the request authentication validation for the REST API of Cisco SD-WAN vManage software could allow an unauthenticated, remote attacker to gain read permissions or limited...

9.1CVSS8.5AI score0.00731EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/07/07 12:0 a.m.17 views

Cisco Firepower Threat Defense Software SNMP DoS (cisco-sa-asaftd-snmp-dos-qsqBNM6x)

According to its self-reported version, Cisco ASA Software is affected by a denial of service DoS vulnerability in the Simple Network Management Protocol SNMP feature of Cisco Firepower Threat Defense Software. Due to insufficient input validation, an authenticated, remote attacker could exploit...

7.7CVSS6.5AI score0.00783EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/06/16 12:0 a.m.43 views

Cisco Expressway Series / Cisco TelePresence VCS 14.x < 14.3.0 Privilege Escalation (cisco-sa-expressway-priv-esc-Ls2B9t7b)

The Cisco Expressway Series or Cisco TelePresence Video Communication Server VCS running on the remote host is 14.x prior to 14.3.0. It is, therefore, affected by a privilege escalation vulnerability as described in the cisco-sa-expressway-priv-esc-Ls2B9t7b advisory. Due to an incorrect...

9.6CVSS8AI score0.00656EPSS
Exploits0References3
Code423n4
Code423n4
added 2023/06/14 12:0 a.m.16 views

Upgraded Q -> 2 from #327 [1686724891862]

Judge has assessed an item in Issue 327 as 2 risk. The relevant finding follows: L-04 addBid does not increment the endBlock of the auction when it is close to the end, preventing the protocol from capturing extra value When an Auction is created, it sets a lotItem.endBlock. This value remains...

6.7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/05/19 12:0 a.m.25 views

Cisco Identity Services Engine Path Traversal Vulnerability (cisco-sa-ise-traversal-ZTUgMYhu) (CSCwd07350)

According to its self-reported version, Cisco Identity Services Engine Path Traversal Vulnerabilities is affected by a path traversal vulnerability. A vulnerability in the CLI of Cisco ISE could allow an authenticated, local attacker to perform a path traversal attack to escape the restricted she...

6.7CVSS6.6AI score0.00221EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/04/07 12:0 a.m.23 views

Cisco IOS XE Software Fragmented Tunnel Protocol Packet DoS (cisco-sa-ios-gre-crash-p6nE5Sq5)

According to its self-reported version, Cisco IOS-XE Software is affected by a vulnerability. Please see the included Cisco BIDs and Cisco Security Advisory for more information. TRUSTED...

8.6CVSS8.4AI score0.0098EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/04/06 12:0 a.m.18 views

Cisco Identity Services Engine Command Injection Vulnerabilities (cisco-sa-ise-injection-2XbOg9Dg)

According to its self-reported version, Cisco Identity Services Engine is affected by multiple command injection vulnerabilities. Multiple vulnerabilities in specific Cisco Identity Services Engine ISE CLI commands could allow an authenticated, local attacker to perform command injection attacks ...

6.7CVSS6.8AI score0.00465EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2023/04/06 12:0 a.m.24 views

Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers Remote Command Execution (cisco-sa-sb-rv01x_rv32x_rce-nzAGWWDD)

According to its self-reported version, the Cisco Small Business Router is by a vulnerability. A vulnerability in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary...

7.2CVSS7.6AI score0.00961EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/04/06 12:0 a.m.31 views

Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers XSS Vulnerabilities (cisco-sa-rv-stored-xss-vqz7gC8W)

According to its self-reported version, Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities is affected by multiple vulnerabilities: - Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042,...

6.1CVSS6.4AI score0.00433EPSS
Exploits0References31
Tenable Nessus
Tenable Nessus
added 2023/04/06 12:0 a.m.26 views

Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers Command Injection Vulnerabilities (cisco-sa-sb-rv32x-cmdinject-cKQsZpxL)

According to its self-reported version, Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers are affected by multiple command injection vulnerabilities. Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers...

7.2CVSS7.7AI score0.30386EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2023/03/31 12:0 a.m.21 views

Cisco Adaptive Security Appliance Software Low Entropy Keys (cisco-sa-asa5500x-entropy-6v9bHVYP)

A vulnerability in the deterministic random bit generator DRBG, also known as pseudorandom number generator PRNG in Cisco Adaptive Security Appliance ASA Software for Cisco ASA 5506-X, ASA-5508-X and ASA 5516-X Firewalls could allow an unauthenticated, remote attacker to cause a cryptographic...

7.5CVSS5.7AI score0.00717EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/03/31 12:0 a.m.28 views

Cisco Firepower Threat Defense Software Low Entropy Keys (cisco-sa-asa5500x-entropy-6v9bHVYP)

A vulnerability in the deterministic random bit generator DRBG, also known as pseudorandom number generator PRNG in Cisco Firepower Threat Defense FTD Software for Cisco ASA 5506-X, ASA-5508-X and ASA 5516-X Firewalls could allow an unauthenticated, remote attacker to cause a cryptographic...

7.5CVSS5.7AI score0.00717EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/03/22 12:0 a.m.25 views

Cisco IOS XE Software Privilege Escalation (cisco-sa-iosxe-priv-esc-sABD8hcU)

According to its self-reported version, Cisco IOS-XE Software is affected by a vulnerability. - A vulnerability in the Meraki onboarding feature of Cisco IOS XE Software could allow an authenticated, local attacker to gain root level privileges on an affected device. This vulnerability is due to...

7.8CVSS7.4AI score0.00168EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/02/24 12:0 a.m.32 views

Cisco UCS Fabric Interconnects Command Injection (cisco-sa-nxfp-cmdinj-XXBZjtR)

According to its self-reported version, Cisco Unified Computing System UCS Fabric Interconnect is affected by a command injection vulnerability. Due to insufficient input validation of commands supplied by the user, an authenticated attacker can execute unauthorized commands within the CLI. On...

6.7CVSS6.8AI score0.00223EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2023/02/22 12:0 a.m.23 views

Cisco Email Security Appliance PrivEsc (cisco-sa-esa-sma-privesc-9DVkFpJ8)

According to its self-reported version, Cisco Email Security Appliance is affected by a vulnerability in the web UI and CLI of Cisco ESA could allow an authenticated, remote attacker web UI or authenticated, local attacker CLI to elevate privileges to root. The attacker must have valid user...

7.2CVSS7.7AI score0.01262EPSS
Exploits2References3
Rows per page
Query Builder