Lucene search
K

1481 matches found

CVE
CVE
added 2018/08/14 5:0 p.m.87 views

CVE-2018-0131

The vulnerability CVE-2018-0131 affects Cisco IOS and IOS XE when RSA-encrypted nonces are used in IKEv1. The root cause is that the software responds incorrectly to decryption failures, allowing an unauthenticated remote attacker to send crafted ciphertexts and obtain the encrypted nonces from a...

5.9CVSS5.6AI score0.01722EPSS
Exploits0References3Affected Software2
Cvelist
Cvelist
added 2018/08/14 5:0 p.m.22 views

CVE-2018-0131

A vulnerability in the implementation of RSA-encrypted nonces in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to obtain the encrypted nonces of an Internet Key Exchange Version 1 IKEv1 session. The vulnerability exists because the affected software...

5.7AI score0.01722EPSS
Exploits0References3
NVD
NVD
added 2018/08/14 4:29 p.m.19 views

CVE-2018-0131

A vulnerability in the implementation of RSA-encrypted nonces in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to obtain the encrypted nonces of an Internet Key Exchange Version 1 IKEv1 session. The vulnerability exists because the affected software...

5.9CVSS5.7AI score0.01722EPSS
Exploits0References3
NVD
NVD
added 2018/08/01 8:29 p.m.16 views

CVE-2018-0397

A vulnerability in Cisco AMP for Endpoints Mac Connector Software installed on Apple macOS 10.12 could allow an unauthenticated, remote attacker to cause a kernel panic on an affected system, resulting in a denial of service DoS condition. The vulnerability exists if the affected software is...

7.1CVSS5.4AI score0.01482EPSS
Exploits0References2
Prion
Prion
added 2018/08/01 8:29 p.m.25 views

Cross site scripting

A vulnerability in the web-based management interface of Cisco Small Business 300 Series Sx300 Managed Switches could allow an authenticated, remote attacker to conduct a persistent cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The...

3.5CVSS5.3AI score0.00678EPSS
Exploits0References2Affected Software28
Prion
Prion
added 2018/08/01 8:29 p.m.14 views

Input validation

A vulnerability in the password change function of Cisco Prime Collaboration Provisioning could allow an authenticated, remote attacker to cause the system to become inoperable. The vulnerability is due to insufficient validation of a password change request. An attacker could exploit this...

6.8CVSS6.5AI score0.02714EPSS
Exploits0References3Affected Software2
Prion
Prion
added 2018/08/01 8:29 p.m.17 views

Cross site scripting

A vulnerability in the web-based management interface of Cisco Small Business 300 Series Sx300 Managed Switches could allow an authenticated, remote attacker to conduct a reflected cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The...

3.5CVSS5.3AI score0.00678EPSS
Exploits0References2Affected Software28
Prion
Prion
added 2018/08/01 8:29 p.m.17 views

Cross site scripting

A vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is due...

4.3CVSS6AI score0.01783EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2018/08/01 8:29 p.m.20 views

CVE-2018-0407

A vulnerability in the web-based management interface of Cisco Small Business 300 Series Sx300 Managed Switches could allow an authenticated, remote attacker to conduct a persistent cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The...

5.4CVSS5.3AI score0.00678EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2018/08/01 8:0 p.m.9 views

CVE-2018-0413

A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack and perform arbitrary actions on an affected device. The vulnerability is due to insufficient CSRF...

7.4AI score0.01231EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2018/08/01 8:0 p.m.8 views

CVE-2018-0391

A vulnerability in the password change function of Cisco Prime Collaboration Provisioning could allow an authenticated, remote attacker to cause the system to become inoperable. The vulnerability is due to insufficient validation of a password change request. An attacker could exploit this...

7.1AI score0.02714EPSS
Exploits0References3
CVE
CVE
added 2018/08/01 8:0 p.m.50 views

CVE-2018-0406

Cisco Web Security Appliance (WSA) web-based management interface suffers a reflected/DOM-based XSS due to insufficient input validation. An unauthenticated, remote attacker could lure a user into clicking a crafted link, enabling arbitrary script execution in the interface context or leakage of ...

6.1CVSS6AI score0.01783EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2018/08/01 8:0 p.m.10 views

CVE-2018-0397

A vulnerability in Cisco AMP for Endpoints Mac Connector Software installed on Apple macOS 10.12 could allow an unauthenticated, remote attacker to cause a kernel panic on an affected system, resulting in a denial of service DoS condition. The vulnerability exists if the affected software is...

6.7AI score0.01482EPSS
Exploits0References2
CVE
CVE
added 2018/08/01 8:0 p.m.64 views

CVE-2018-0397

Cisco AMP for Endpoints Mac Connector on macOS 10.12 is affected by CVE-2018-0397. The flaw allows an unauthenticated remote attacker to trigger a kernel panic and DoS if the software is running in Block network conviction mode. Exploitation could occur when a server process is started and an IP ...

7.1CVSS5.3AI score0.01482EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2018/08/01 8:0 p.m.86 views

CVE-2018-0411

Summary: CVE-2018-0411 describes a reflected cross-site scripting (XSS) vulnerability in the web-based management interface of Cisco Unified Communications Manager (UCM). The root cause is insufficient validation of user-supplied input in the interface, enabling an unauthenticated, remote attacke...

6.1CVSS5.9AI score0.01783EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2018/08/01 8:0 p.m.20 views

CVE-2018-0407

A vulnerability in the web-based management interface of Cisco Small Business 300 Series Sx300 Managed Switches could allow an authenticated, remote attacker to conduct a persistent cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The...

5.3AI score0.00678EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2018/08/01 8:0 p.m.8 views

CVE-2018-0406

A vulnerability in the web-based management interface of Cisco Web Security Appliance WSA could allow an unauthenticated, remote attacker to conduct a reflected or Document Object Model based DOM-based cross-site scripting XSS attack against a user of the web-based management interface of an...

6AI score0.01783EPSS
Exploits0References3
Cvelist
Cvelist
added 2018/08/01 8:0 p.m.19 views

CVE-2018-0411

A vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is due...

6AI score0.01783EPSS
Exploits0References3
NVD
NVD
added 2018/07/18 11:29 p.m.17 views

CVE-2018-0399

Multiple vulnerabilities in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to retrieve a cleartext password from an affected system. Cisco Bug IDs: CSCvg71044...

9.8CVSS9.7AI score0.01889EPSS
Exploits0References2
NVD
NVD
added 2018/07/18 11:29 p.m.24 views

CVE-2018-0401

Multiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Express Unified CCX could allow an unauthenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. Cisco Bug IDs: CSCvg70967...

6.1CVSS6.1AI score0.0121EPSS
Exploits0References2
Rows per page
Query Builder