EUVD-2026-9424

A vulnerability in the REST API of Cisco Secure FMC Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability is due to inadequate validation of user-supplied input. An attacker could exploit this vulnerability by sending...

EUVD-2024-18102

Malicious code in bioql PyPI...

CVE-2024-20387

A vulnerability in the web-based management interface of Cisco FMC Software could allow an authenticated, remote attacker to store malicious content for use in XSS attacks. This vulnerability is due to improper input sanitization in the web-based management interface of Cisco FMC Software. An...

CVE-2024-20387

A vulnerability in the web-based management interface of Cisco FMC Software could allow an authenticated, remote attacker to store malicious content for use in XSS attacks. This vulnerability is due to improper input sanitization in the web-based management interface of Cisco FMC Software. An...

CVE-2024-20387

A vulnerability in the web-based management interface of Cisco FMC Software could allow an authenticated, remote attacker to store malicious content for use in XSS attacks. This vulnerability is due to improper input sanitization in the web-based management interface of Cisco FMC Software. An...

CVE-2024-20387

CVE-2024-20387 affects Cisco FMC Software (Web-based management interface). The issue is due to improper input sanitization, enabling an authenticated, remote attacker to store malicious content for stored XSS by persuading a user to click a malicious link. Impact is stored XSS on the affected de...

CVE-2024-20387

A vulnerability in the web-based management interface of Cisco FMC Software could allow an authenticated, remote attacker to store malicious content for use in XSS attacks. This vulnerability is due to improper input sanitization in the web-based management interface of Cisco FMC Software. An...

CVE-2024-20340

A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center FMC Software, formerly Firepower Management Center Software, could allow an authenticated, remote attacker to perform an SQL injection attack against an affected device. To exploit this vulnerability,...

CVE-2024-20264

A vulnerability in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface of an affected device. This vulnerability is due to insufficient...

CVE-2024-20361

Cisco CVE-2024-20361 affects Firepower Management Center (FMC) Software, enabling an unauthenticated remote attacker to bypass access controls on managed Firepower Threat Defense (FTD) devices. The root cause is the incorrect deployment of the Object Groups for ACLs feature from FMC to FTD in hig...

Input validation

A vulnerability in the web management interface of the Cisco Firepower Management Center FMC Software could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system. The vulnerability is due to insufficient validation of user-supplied parameters for...

CVE-2022-20743

A vulnerability in the web management interface of Cisco Firepower Management Center FMC Software could allow an authenticated, remote attacker to bypass security protections and upload malicious files to the affected system. This vulnerability is due to improper validation of files uploaded to t...

CVE-2021-34762

A vulnerability in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an authenticated, remote attacker to perform a directory traversal attack on an affected device. The attacker would require valid device credentials. The vulnerability is due to...