38 matches found
EUVD-2019-6880
Malware in sbrugna...
EUVD-2013-1160
Malware in sbrugna...
EUVD-2006-2167
Malware in sbrugna...
CVE-2013-1120
Multiple cross-site request forgery CSRF vulnerabilities on the Cisco Unity Express with software before 8.0 allow remote attackers to hijack the authentication of unspecified victims via unknown vectors, aka Bug ID CSCue35910...
CVE-2013-1114
Multiple cross-site scripting XSS vulnerabilities in Cisco Unity Express before 8.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCud87527...
Cisco Unity Express Insecure Deserialization (CVE-2018-15381)
An insecure deserialization vulnerability exists in Cisco Unity Express. Successful exploitation of this vulnerability would allow remote attackers to send a specially crafted serialized object to the vulnerable server...
CVE-2019-15986
A vulnerability in the CLI of Cisco Unity Express could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. To exploit this vulnerability, an attacker would need valid administrator credentials. The vulnerability is due to improper input...
Input validation
A vulnerability in the CLI of Cisco Unity Express could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. To exploit this vulnerability, an attacker would need valid administrator credentials. The vulnerability is due to improper input...
CVE-2019-15986 Cisco Unity Express Command Injection Vulnerability
A vulnerability in the CLI of Cisco Unity Express could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. To exploit this vulnerability, an attacker would need valid administrator credentials. The vulnerability is due to improper input...
CVE-2019-15986 Cisco Unity Express Command Injection Vulnerability
A vulnerability in the CLI of Cisco Unity Express could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. To exploit this vulnerability, an attacker would need valid administrator credentials. The vulnerability is due to improper input...
Cisco Unity Express Command Injection Vulnerability
A vulnerability in the CLI of Cisco Unity Express could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. To exploit this vulnerability, an attacker would need valid administrator credentials. The vulnerability is due to improper input...
Cisco Unity Express CVE-2019-15986 Local Command Injection Vulnerability
Description Cisco Unity Express is prone to a local command-injection vulnerability. A local attacker can exploit this issue to execute arbitrary commands on the underlying OS with root privileges. This issue is being tracked by Cisco Bug ID CSCvq54120. Versions prior to Cisco Unity Express 10.1...
CVE-2018-15381 Cisco Unity Express Arbitrary Command Execution Vulnerability
A Java deserialization vulnerability in Cisco Unity Express CUE could allow an unauthenticated, remote attacker to execute arbitrary shell commands with the privileges of the root user. The vulnerability is due to insecure deserialization of user-supplied content by the affected software. An...
CVE-2018-15381 Cisco Unity Express Arbitrary Command Execution Vulnerability
A Java deserialization vulnerability in Cisco Unity Express CUE could allow an unauthenticated, remote attacker to execute arbitrary shell commands with the privileges of the root user. The vulnerability is due to insecure deserialization of user-supplied content by the affected software. An...
CVE-2018-15381
Cisco Unity Express (CUE) is affected by CVE-2018-15381 due to insecure Java deserialization, allowing an unauthenticated remote attacker to execute arbitrary shell commands with root privileges by sending a malicious serialized Java object to the RMI service. Affected releases prior to Cisco Uni...
Deserialization of untrusted data
A Java deserialization vulnerability in Cisco Unity Express CUE could allow an unauthenticated, remote attacker to execute arbitrary shell commands with the privileges of the root user. The vulnerability is due to insecure deserialization of user-supplied content by the affected software. An...
CVE-2018-15381
A Java deserialization vulnerability in Cisco Unity Express CUE could allow an unauthenticated, remote attacker to execute arbitrary shell commands with the privileges of the root user. The vulnerability is due to insecure deserialization of user-supplied content by the affected software. An...
CVE-2018-15381
A Java deserialization vulnerability in Cisco Unity Express CUE could allow an unauthenticated, remote attacker to execute arbitrary shell commands with the privileges of the root user. The vulnerability is due to insecure deserialization of user-supplied content by the affected software. An...
Cisco Unity Express Arbitrary Command Execution Vulnerability
A Java deserialization vulnerability in Cisco Unity Express CUE could allow an unauthenticated, remote attacker to execute arbitrary shell commands with the privileges of the root user. The vulnerability is due to insecure deserialization of user-supplied content by the affected software. An...
Cisco Unity Express Multiple Vulnerabilities
No description provided by source. Exploit Title: Cisco Unity Express Multiple Vulnerabilities Reported: December 2012 Disclosed: February 2013 Author: Jacob Holcomb of Independent Security Evaluators CVE: XSS - CVE-2013-1114 and CSRF - CVE-2013-1120...