Lucene search
+L

6880 matches found

NCSC
NCSC
added 2026/06/04 11:34 a.m.14 views

Lack of transparency in Cisco Unified Communications Manager

Cisco has identified a vulnerability in Unified Communications Manager CM and Unified Communications Manager Session Management Edition CM SME. A malicious individual could exploit this vulnerability to carry out a Server-Side Request Forgery SSRF attack. Successful exploitation could result in t...

8.6CVSS5.8AI score0.41694EPSS
Exploits3References1
NVD
NVD
added 2026/06/03 6:16 p.m.22 views

CVE-2026-20230

A vulnerability in Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an unauthenticated, remote attacker to conduct server-side request forgery SSRF attacks through an affected device. This vulnerability ...

8.6CVSS0.41694EPSS
Exploits3References3
Vulnrichment
Vulnrichment
added 2026/06/03 4:9 p.m.10 views

CVE-2026-20230 Cisco Unified Communications Manager Server-Side Request Forgery Vulnerability

A vulnerability in Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an unauthenticated, remote attacker to conduct server-side request forgery SSRF attacks through an affected device. This vulnerability ...

8.6CVSS7.6AI score0.41694EPSS
Exploits3References1
ATTACKERKB
ATTACKERKB
added 2026/06/03 4:9 p.m.10 views

CVE-2026-20230

A vulnerability in Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an unauthenticated, remote attacker to conduct server-side request forgery SSRF attacks through an affected device. This vulnerability ...

8.6CVSS7.6AI score0.41694EPSS
In wildExploits3References2Affected Software1
EUVD
EUVD
added 2026/06/03 4:9 p.m.15 views

EUVD-2026-34137

A vulnerability in Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an unauthenticated, remote attacker to conduct server-side request forgery SSRF attacks through an affected device. This vulnerability ...

8.6CVSS5.8AI score0.41694EPSS
Exploits3References1
Cvelist
Cvelist
added 2026/06/03 4:9 p.m.74 views

CVE-2026-20230 Cisco Unified Communications Manager Server-Side Request Forgery Vulnerability

A vulnerability in Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an unauthenticated, remote attacker to conduct server-side request forgery SSRF attacks through an affected device. This vulnerability ...

8.6CVSS0.41694EPSS
Exploits3References1
CVE
CVE
added 2026/06/03 4:9 p.m.141 views

CVE-2026-20230

CVE-2026-20230 affects Cisco Unified Communications Manager (CUCM) and Unified CM SME. The issue is due to improper input validation in specific HTTP requests, enabling an unauthenticated attacker to perform server-side request forgery (SSRF) and, if exploited, write files on the OS that could be...

8.6CVSS7.6AI score0.41694EPSS
In wildExploits3References3Affected Software1
Cisco
Cisco
added 2026/06/03 4:0 p.m.42 views

Cisco Unified Communications Manager Server-Side Request Forgery Vulnerability

A vulnerability in Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an unauthenticated, remote attacker to conduct server-side request forgery SSRF attacks through an affected device. This vulnerability ...

8.6CVSS5.8AI score0.41694EPSS
Exploits3References1
RedHat Linux
RedHat Linux
added 2026/06/03 5:56 a.m.8 views

firefox: thunderbird: webrtc: Sandbox escape due to incorrect boundary conditions in the WebRTC: Networking component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to incorrect boundary conditions in the WebRTC: Networking component...

9.6CVSS5.7AI score0.00258EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/03 3:28 a.m.16 views

samba: group policy certificate enrollment uses http:// without validation

A flaw was found in Samba’s certificate auto-enrollment Group Policy handling. When certificate auto-enrollment is enabled, Samba may retrieve a CA certificate over an unencrypted HTTP connection and install it into the local trust store without proper verification. An attacker with the ability t...

8CVSS5.8AI score0.00261EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/03 12:0 a.m.67 views

PT-2026-45987

Name of the Vulnerable Software and Affected Versions Cisco Unified Communications Manager versions prior to 14SU6 Cisco Unified Communications Manager versions prior to 15SU5 Cisco Unified Communications Manager Session Management Edition affected versions not specified Description An...

8.6CVSS8.7AI score0.41694EPSS
Exploits3References194
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.12 views

Cisco Unified Communications Manager 代码问题漏洞

Cisco Unified Communications Manager is a call processing component within the unified communication system developed by Cisco, Inc. This component provides an scalable, distributed, and highly available solution for enterprise IP telephony call processing. There is a code vulnerability in Cisco...

8.6CVSS6AI score0.41694EPSS
Exploits3References1
Cvelist
Cvelist
added 2026/06/02 9:6 p.m.39 views

CVE-2022-4992 Dräger Infinity M540 VG4.1.1 Spoofed Network Message Handling DoS/Tampering

Dräger Infinity Acute Care System and Standalone Infinity M540 patient monitors versions VG4.1.1, VG4.0.3, and lower with VG4.2 partially affected contain a network message handling vulnerability that allows remote attackers to inject spoofed or tampered data and cause denial-of-service condition...

8.8CVSS0.0016EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.15 views

PT-2026-46532

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue exists in WebRTC, which allows a remote attacker to execute arbitrary code within a sandbox by using a specially crafted HTML page. Use after free is a memory...

9.6CVSS6.4AI score0.00985EPSS
Exploits0References434
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.25 views

PT-2026-46624

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An out of bounds read in WebRTC allows a remote attacker to obtain potentially sensitive information from process memory by using a crafted HTML page. An out of bounds read occurs when ...

9.6CVSS5.8AI score0.00985EPSS
Exploits0References437
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.8 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a security vulnerability caused by improper implementation of WebRTC. This vulnerability could allow remote attackers to leak cross-source data through specially crafted HTML pages...

6.5CVSS5.3AI score0.00176EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.17 views

PT-2026-46432

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue exists in WebRTC, which allows a remote attacker to execute arbitrary code within a sandbox by utilizing a specially crafted HTML page. Use after free is a memory...

9.6CVSS6.4AI score0.00985EPSS
Exploits0References434
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.20 views

PT-2026-46472

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue exists in WebRTC, which allows a remote attacker to execute arbitrary code within a sandbox by using a specially crafted HTML page. Use after free is a memory...

9.6CVSS6.4AI score0.00493EPSS
Exploits0References437
RedHat Linux
RedHat Linux
added 2026/06/01 3:38 p.m.23 views

firefox: thunderbird: webrtc: Sandbox escape due to incorrect boundary conditions in the WebRTC: Networking component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to incorrect boundary conditions in the WebRTC: Networking component...

9.6CVSS5.7AI score0.00258EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.15 views

PT-2026-45452

FlexRIC v2.0.0 uses hardcoded assertions to validate Information Element IE counts in decoded E2AP messages. A remote unauthenticated attacker can send a valid E2AP PDU containing an unexpected number of IEs e.g., an E2setupRequest with extra optional fields to crash the near-RT RIC port 36421 or...

7.5CVSS5.9AI score0.00428EPSS
Exploits0References3
Rows per page
Query Builder