29707 matches found
CVE-2026-20180 Cisco Identity Services Engine Multiple Remote Code Execution Vulnerability
A vulnerability in Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have at least Read Only Admin credentials. This vulnerabilit...
CVE-2026-20180
Cisco Identity Services Engine (ISE) contains a remote code execution vulnerability (CVE-2026-20180) that can be exploited by an authenticated attacker with at least Read Only Admin credentials. The issue stems from insufficient validation of user-supplied input, allowing a crafted HTTP request t...
CVE-2026-20180
A vulnerability in Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have at least Read Only Admin credentials. This vulnerabilit...
CVE-2026-20180 Cisco Identity Services Engine Multiple Remote Code Execution Vulnerability
A vulnerability in Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have at least Read Only Admin credentials. This vulnerabilit...
CVE-2026-20186 Cisco Identity Services Engine Multiple Authenticated Remote Code Execution Vulnerability
A vulnerability in Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have at least Read Only Admin credentials. This vulnerabilit...
CVE-2026-20186 Cisco Identity Services Engine Multiple Authenticated Remote Code Execution Vulnerability
A vulnerability in Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have at least Read Only Admin credentials. This vulnerabilit...
CVE-2026-20186
The CVE-2026-20186 entry concerns Cisco Identity Services Engine (ISE). The vulnerability arises from insufficient validation of user-supplied input, enabling an authenticated (Read Only Admin) attacker to remotely execute arbitrary commands on the device via a crafted HTTP request. An attacker c...
CVE-2026-20148
Cisco Identity Services Engine (ISE) and ISE-PIC are affected by a path traversal vulnerability due to improper input validation. An authenticated attacker with administrative credentials can issue a crafted HTTP request to read arbitrary files on the underlying OS. Exploitation details indicate ...
CVE-2026-20148
A vulnerability in Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to perform path traversal attacks on the underlying operating system and read arbitrary files. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability is...
CVE-2026-20148 Cisco Identity Services Engine Path Traversal Vulnerability
A vulnerability in Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to perform path traversal attacks on the underlying operating system and read arbitrary files. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability is...
CVE-2026-20148 Cisco Identity Services Engine Path Traversal Vulnerability
A vulnerability in Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to perform path traversal attacks on the underlying operating system and read arbitrary files. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability is...
CVE-2026-20147 Cisco Identity Services Engine Remote Code Execution Vulnerability
A vulnerability in Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability is due to...
CVE-2026-20147
A vulnerability in Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability is due to...
CVE-2026-20147
Cisco CVE-2026-20147 affects Cisco Identity Services Engine (ISE) and ISE-PIC. An authenticated, remote attacker with valid administrative credentials can exploit insufficient input validation via a crafted HTTP request to execute arbitrary commands on the device’s underlying OS, potentially gain...
CVE-2026-20147 Cisco Identity Services Engine Remote Code Execution Vulnerability
A vulnerability in Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability is due to...
CVE-2026-20132
Cisco Identity Services Engine (ISE) web-based management interface contains multiple XSS weaknesses due to insufficient input sanitization. Exploitation requires an authenticated user with administrative write privileges; an attacker could trigger stored or reflected XSS by convincing a user to ...
CVE-2026-20132
Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker with administrative write privileges to conduct a stored cross-site scripting XSS attack or a reflected XSS attack against a user of the web-based...
Cisco Identity Services Engine Remote Code Execution and Path Traversal Vulnerabilities
Multiple vulnerabilities in Cisco Identity Services Engine ISE and Cisco ISE Passive Identity Connector ISE-PIC could allow an authenticated, remote attacker to achieve remote code execution or conduct path traversal attacks on an affected device. To exploit these vulnerabilities, the attacker mu...
Cisco Identity Services Engine Remote Code Execution Vulnerabilities
Multiple vulnerabilities in Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. To exploit these vulnerabilities, the attacker must have at least Read Only Admin credentials. These...
firefox: thunderbird: Incorrect boundary conditions, uninitialized memory in the JavaScript Engine component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions, uninitialized memory in the JavaScript Engine component...