40 matches found
EUVD-2020-24409
Malware in sbrugna...
EUVD-2019-10518
Malware in sbrugna...
EUVD-2019-10529
Malware in sbrugna...
EUVD-2022-26030
Malicious code in bioql PyPI...
EUVD-2022-26029
Malicious code in bioql PyPI...
CVE-2022-20929
A vulnerability in the upgrade signature verification of Cisco Enterprise NFV Infrastructure Software NFVIS could allow an unauthenticated, local attacker to provide an unauthentic upgrade file for upload. This vulnerability is due to insufficient cryptographic signature verification of upgrade...
Cisco Releases Security Updates for Multiple Products
Cisco has released security updates to address vulnerabilities in multiple Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA...
Cisco Releases Security Updates for Enterprise NFV Infrastructure Software
Cisco has released security updates to address multiple vulnerabilities in Enterprise NFV Infrastructure Software. An attacker could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Cisco advisory cisco-sa-NFVIS-MUL-7DySRX9 an...
CVE-2022-20780
Multiple vulnerabilities in Cisco Enterprise NFV Infrastructure Software NFVIS could allow an attacker to escape from the guest virtual machine VM to the host machine, inject commands that execute at the root level, or leak system data from the host to the VM. For more information about these...
CVE-2022-20780 Cisco Enterprise NFV Infrastructure Software Vulnerabilities
Multiple vulnerabilities in Cisco Enterprise NFV Infrastructure Software NFVIS could allow an attacker to escape from the guest virtual machine VM to the host machine, inject commands that execute at the root level, or leak system data from the host to the VM. For more information about these...
CVE-2021-34746 Cisco Enterprise NFV Infrastructure Software Authentication Bypass Vulnerability
A vulnerability in the TACACS+ authentication, authorization and accounting AAA feature of Cisco Enterprise NFV Infrastructure Software NFVIS could allow an unauthenticated, remote attacker to bypass authentication and log in to an affected device as an administrator. This vulnerability is due to...
PT-2021-3906 · Cisco · Cisco Enterprise Nfv Infrastructure
Name of the Vulnerable Software and Affected Versions: Cisco Enterprise NFV Infrastructure Software NFVIS affected versions not specified Description: A vulnerability in the TACACS+ authentication feature could allow an unauthenticated, remote attacker to bypass authentication and log in to an...
Cisco Enterprise NFV Infrastructure Software Cross-Site Scripting Vulnerability (CNVD-2021-05522)
Cisco Enterprise NFV Infrastructure Software is a lightweight virtualization platform that integrates complete VM lifecycle management, monitoring, device programmability, and service chaining in one installable package. A cross-site scripting vulnerability exists in the web management interface ...
CVE-2021-1127
A vulnerability in the web-based management interface of Cisco Enterprise NFV Infrastructure Software NFVIS could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface. The vulnerability is due to improper input...
CVE-2020-3365
A vulnerability in the directory permissions of Cisco Enterprise NFV Infrastructure Software NFVIS could allow an authenticated, remote attacker to perform a directory traversal attack on a limited set of restricted directories. The vulnerability is due to a flaw in the logic that governs directo...
CVE-2020-3478 Cisco Enterprise NFV Infrastructure Software File Overwrite Vulnerability
A vulnerability in the REST API of Cisco Enterprise NFV Infrastructure Software NFVIS could allow an authenticated, remote attacker to overwrite certain files that should be restricted on an affected device. The vulnerability is due to insufficient authorization enforcement on an affected system...
Cisco Releases Security Updates
Cisco has released security updates to address vulnerabilities in Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities see the Cisco Security Advisories page. The Cybersecurity and...
CVE-2020-3236
A vulnerability in the CLI of Cisco Enterprise NFV Infrastructure Software NFVIS could allow an authenticated, local attacker to gain root shell access to the underlying operating system and overwrite or read arbitrary files. The attacker would need valid administrative credentials. This...
CVE-2020-3236
A vulnerability in the CLI of Cisco Enterprise NFV Infrastructure Software NFVIS could allow an authenticated, local attacker to gain root shell access to the underlying operating system and overwrite or read arbitrary files. The attacker would need valid administrative credentials. This...
Cisco Enterprise NFV Infrastructure Software Remote Code Execution Vulnerability
Cisco Enterprise NFV Infrastructure Software is a lightweight virtualization platform that integrates complete VM lifecycle management, monitoring, device programmability, and service chaining in one installable package. A remote code execution vulnerability exists in the upgrade component of Cis...