18976 matches found
CVE-2026-20094 Cisco Integrated Management Controller Command Injection Vulnerability
A vulnerability in the web-based management interface of Cisco IMC could allow an authenticated, remote attacker with read-only privileges to perform command injection attacks on an affected system and execute arbitrary commands as the root user. This vulnerability is due to improper validation o...
CVE-2026-20094
Cisco IMC web-based management interface vulnerability allows an authenticated, read-only user to perform command injection and execute arbitrary commands as root due to improper input validation. CVSS 3.1 base score 8.8 (HIGH); impact on confidentiality, integrity, availability HIGH. No exploita...
CVE-2026-20095
CVE-2026-20095 corresponds to a vulnerability in Cisco IMC’s web-based management interface where an authenticated, admin-level attacker can exploit improper input validation to perform command injection and run arbitrary commands as root. Impact is described as root-level execution; no public ex...
CVE-2026-20095 Cisco Integrated Management Controller Command Injection Vulnerability
A vulnerability in the web-based management interface of Cisco IMC could allow an authenticated, remote attacker with admin-level privileges to perform command injection attacks on an affected system and execute arbitrary commands as the root user. This vulnerability is due to improper validation...
CVE-2026-20095 Cisco Integrated Management Controller Command Injection Vulnerability
A vulnerability in the web-based management interface of Cisco IMC could allow an authenticated, remote attacker with admin-level privileges to perform command injection attacks on an affected system and execute arbitrary commands as the root user. This vulnerability is due to improper validation...
CVE-2026-20093
Cisco IMC contains an authentication bypass vulnerability in its change-password flow. The issue arises from incorrect handling of password-change requests, allowing an unauthenticated, remote attacker to send a crafted HTTP request and bypass authentication, potentially altering any user passwor...
CVE-2026-20093 Cisco Integrated Management Controller Authentication Bypass Vulnerability
A vulnerability in the change password functionality of Cisco Integrated Management Controller IMC could allow an unauthenticated, remote attacker to bypass authentication and gain access to the system as Admin. This vulnerability is due to incorrect handling of password change requests. An...
CVE-2026-20093 Cisco Integrated Management Controller Authentication Bypass Vulnerability
A vulnerability in the change password functionality of Cisco Integrated Management Controller IMC could allow an unauthenticated, remote attacker to bypass authentication and gain access to the system as Admin. This vulnerability is due to incorrect handling of password change requests. An...
CVE-2026-20085 Cisco Integrated Management Controller Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco IMC could allow an unauthenticated, remote attacker to conduct a reflected XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by...
Cisco Integrated Management Controller Command Injection and Remote Code Execution Vulnerabilities
Multiple vulnerabilities in the web-based management interface of Cisco Integrated Management Controller IMC could allow an authenticated, remote attacker to execute arbitrary code or commands on the underlying operating system of an affected system and elevate privileges to root. For more...
Cisco Integrated Management Controller Cross-Site Scripting Vulnerabilities
Multiple vulnerabilities in the web-based management interface of Cisco Integrated Management Controller IMC could allow a remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. For more information about these vulnerabilities, see the Details "details"...
Cisco Integrated Management Controller Authentication Bypass Vulnerability
A vulnerability in the change password functionality of Cisco Integrated Management Controller IMC could allow an unauthenticated, remote attacker to bypass authentication and gain access to the system as Admin. This vulnerability is due to incorrect handling of password change requests. An...
EUVD-2024-55516
Ericsson Packet Core Controller PCC versions prior to 1.38 contain a vulnerability where an attacker sending a large volume of specially crafted messages may cause service degradation...
CVE-2024-53828
Ericsson Packet Core Controller PCC versions prior to 1.38 contain a vulnerability where an attacker sending a large volume of specially crafted messages may cause service degradation...
CVE-2024-53828 Ericsson Packet Core Controller (PCC) - Improper Handling of Syntactically Invalid Structure Vulnerability
Ericsson Packet Core Controller PCC versions prior to 1.38 contain a vulnerability where an attacker sending a large volume of specially crafted messages may cause service degradation...
CVE-2024-53828 Ericsson Packet Core Controller (PCC) - Improper Handling of Syntactically Invalid Structure Vulnerability
Ericsson Packet Core Controller PCC versions prior to 1.38 contain a vulnerability where an attacker sending a large volume of specially crafted messages may cause service degradation...
CVE-2024-53828
Ericsson Packet Core Controller PCC versions prior to 1.38 contain a vulnerability where an attacker sending a large volume of specially crafted messages may cause service degradation...
CVE-2024-53828
Ericsson Packet Core Controller (PCC) prior to v1.38 is affected by an issue described as an Improper Handling of Syntactically Invalid Structure Vulnerability. An attacker sending a large volume of specially crafted messages may cause service degradation. A fix is available in version 1.38; upgr...
CVE-2026-5259
A vulnerability was determined in AutohomeCorp frostmourne up to 1.0. The affected element is an unknown function of the file frostmourne-monitor/src/main/java/com/autohome/frostmourne/monitor/controller/AlarmController.java of the component Alarm Preview. Executing a manipulation can lead to...
CVE-2026-5259
CVE-2026-5259 affects AutohomeCorp frostmourne (up to version 1.0) in the Alarm Preview component, specifically the AlarmController.java file. The vulnerability is described as a server-side request forgery (SSRF) triggered by manipulation of an unknown function within the frostmourne-monitor mod...