Lucene search
K

1481 matches found

Symantec
Symantec
added 2019/11/06 12:0 a.m.50 views

Cisco Small Business RV Series Routers CVE-2019-15957 Remote Command Injection Vulnerability

Description Cisco Small Business RV Series Routers are prone to a remote command injection vulnerability. Successfully exploiting this issue may allow an attacker to execute arbitrary commands with root privileges in the context of the affected device. This issue is being tracked by Cisco Bug IDs...

1.7AI score0.03246EPSS
Exploits0References1Affected Software6
Symantec
Symantec
added 2019/11/04 12:0 a.m.13 views

Google Android Media Framework Multiple Local Privilege Escalation Vulnerabilities

Description Google Android is prone to multiple local privilege-escalation vulnerabilities. A local attacker can exploit these issues to execute arbitrary code with elevated privileges within the context of the privileged process. These issues are being tracked by Android Bug IDs A-137283376,...

3.1AI score
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2019/10/25 12:0 a.m.28 views

Cisco Firepower Management Center Multiple Cross-Site Scripting Vulnerabilities (cisco-sa-20191016-firepwr-xss)

According to its self-reported version, Cisco Firepower Management Center is affected by multiple cross-site scripting XSS vulnerabilities due to improper validation of user-supplied input before returning it to users. An unauthenticated, remote attacker can exploit this, by convincing a user to...

4.8CVSS5.5AI score0.00804EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2019/10/21 12:0 a.m.20 views

Cisco Finesse Appliance Multiple Cross-Site Scripting Vulnerabilities (Cisco-SA-20150818-CVE-2015-4310)

According to its self-reported version, the Cisco Finesse appliance is affected by multiple cross-site scripting XSS vulnerabilities exist due to improper validation of user-supplied input before returning it to users. An unauthenticated, remote attacker can exploit this, by convincing a user to...

4.3CVSS5.4AI score0.02162EPSS
Exploits0References5
Symantec
Symantec
added 2019/10/16 12:0 a.m.27 views

Cisco Firepower Management Center CVE-2019-15280 HTML Injection Vulnerability

Description Cisco Firepower Management Center is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input. Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attack...

0.3AI score0.00622EPSS
Exploits0References1Affected Software1
Symantec
Symantec
added 2019/10/16 12:0 a.m.12 views

Cisco Firepower Management Center Multiple Cross Site Scripting Vulnerabilities

Description Cisco Firepower Management Center is prone to multiple cross-site scripting vulnerabilities because they fail to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the...

0.3AI score
Exploits0References1Affected Software1
Symantec
Symantec
added 2019/10/16 12:0 a.m.26 views

Cisco TelePresence CE Software CVE-2019-15275 Local Privilege Escalation Vulnerability

Description Cisco TelePresence Collaboration Endpoint Software is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary commands with root level privileges. This issue is being tracked by Cisco Bug IDs CSCvq29890 and CSCvq29895. Versions...

1.6AI score0.00445EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2019/10/11 12:0 a.m.23 views

Cisco Unified Intelligence Center (CUIC) Software Cross-Site Scripting Vulnerability

Cross-site scripting XSS vulnerability in Cisco Unified Intelligence Center CUIC 8.5.4 through 9.11, as used in Unified Contact Center Express 10.01 through 11.01, allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug IDs CSCuy75020 and CSCuy81652. C Tenable...

6.1CVSS6.1AI score0.01009EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2019/10/11 12:0 a.m.38 views

Cisco Unified Intelligence Center (CUIC) Software Unauthenticated User Account Creation Vulnerability

The jspringsecurityswitchuser function in Cisco Unified Intelligence Center CUIC 8.5.4 through 9.11, as used in Unified Contact Center Express 10.01 through 11.01, allows remote attackers to create user accounts by visiting an unspecified web page, aka Bug IDs CSCuy75027 and CSCuy81653. C Tenable...

7.5CVSS7.5AI score0.01301EPSS
Exploits0References4
Symantec
Symantec
added 2019/10/07 12:0 a.m.21 views

Qualcomm Closed Source Components Multiple Unspecified Vulnerabilities

Description Qualcomm Closed-Source Components are prone to multiple unspecified vulnerabilities. An attacker can exploit these issues to perform unauthorized actions. This may aid in further attacks. These issues are being tracked by Android Bug IDs A-122474427, A-129766175, A-129765090,...

0.5AI score
Exploits0References2Affected Software1
Symantec
Symantec
added 2019/10/03 12:0 a.m.271 views

Multiple Cisco Products CVE-2019-12700 Denial of Service Vulnerability

Description Multiple Cisco Products are prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause the resource exhaustion and reload the affected device, denying service to legitimate users. This issue is being tracked by Cisco bug IDs CSCvm92401, CSCvn83385...

1.3AI score0.01879EPSS
Exploits0References1Affected Software1
Symantec
Symantec
added 2019/10/02 12:0 a.m.36 views

Cisco Firepower Threat Defense Software CVE-2019-12694 Local Command Injection Vulnerability

Description Cisco Firepower Threat Defense Software is prone to a local command-injection vulnerability. An attacker may exploit this issue to inject and execute arbitrary commands on the underlying OS with root privileges. This issue being tracked by Cisco Bug IDs CSCvo45799. Technologies Affect...

1.6AI score0.00425EPSS
Exploits0References1
Symantec
Symantec
added 2019/10/02 12:0 a.m.27 views

Cisco Firepower System Software Multiple Security Bypass Vulnerabilities

Description Cisco Firepower System Software is prone to multiple security-bypass vulnerabilities. Remote attackers can exploit these issues to bypass security restrictions and perform unauthorized actions. This may aid in further attacks. These issues are being tracked by Cisco Bug IDs CSCvo70545...

1.4AI score
Exploits0References1Affected Software4
Symantec
Symantec
added 2019/10/02 12:0 a.m.55 views

Cisco Firepower Threat Defense Software Multiple Security Bypass Vulnerabilities

Description Cisco Firepower Threat Defense Software is prone to multiple security-bypass vulnerabilities. Successfully exploiting these issues may allow an attacker to bypass certain security restrictions and perform unauthorized actions. These issues are being tracked by Cisco Bug IDs CSCvm14296...

1.1AI score
Exploits0References1Affected Software1
Symantec
Symantec
added 2019/10/02 12:0 a.m.49 views

Cisco FXOS and Firepower Threat Defense Software Multiple Local Command Injection Vulnerabilities

Description Cisco FXOS and Firepower Threat Defense Software are prone to multiple local command-injection vulnerabilities. An attacker may exploit these issues to inject and execute arbitrary commands on the underlying OS with root privileges. These issues are being tracked by Cisco Bug IDs...

1.6AI score
Exploits0References1Affected Software2
Symantec
Symantec
added 2019/10/02 12:0 a.m.33 views

Cisco Prime Infrastructure CVE-2019-12712 Cross Site Scripting Vulnerability

Description Cisco Prime Infrastructure is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This...

6.6AI score0.01057EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2019/05/08 12:0 a.m.14 views

Rockwell Automation Stratix Ethernet Switches < 15.3 IOS DHCP Reload

Binary data 720228.prm...

8.6CVSS7.3AI score0.07973EPSS
Exploits0References2
NVD
NVD
added 2018/08/15 8:29 p.m.25 views

CVE-2018-0367

A vulnerability in the web-based management interface of the Cisco Registered Envelope Service could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of the affected service. The vulnerability is due to...

5.4CVSS5.3AI score0.0091EPSS
Exploits0References2
NVD
NVD
added 2018/08/15 8:29 p.m.22 views

CVE-2018-0386

A vulnerability in Cisco Unified Communications Domain Manager Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack on an affected system. The vulnerability is due to improper validation of input that is passed to the affected software. An attacker...

6.1CVSS6.1AI score0.01823EPSS
Exploits0References3
Prion
Prion
added 2018/08/15 8:29 p.m.10 views

Command injection

A vulnerability in the CronJob scheduler API of Cisco Digital Network Architecture DNA Center could allow an authenticated, remote attacker to perform a command injection attack. The vulnerability is due to incorrect input validation of user-supplied data. An attacker could exploit this...

9CVSS9.1AI score0.0614EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder