EUVD-2020-24580

Malware in sbrugna...

EUVD-2021-6836

Malicious code in bioql PyPI...

Cisco Firepower Device Manager On-Box Software RCE (cisco-sa-fdm-rce-Rx6vVurq)

According to its self-reported version, Cisco Firepower Device Manager FDM On-Box software is affected by a vulnerability in the REST API that allows an authenticated, remote attacker to execute arbitrary code on the underlying operating system of an affected device. This vulnerability is due to...

The vulnerability of the REST API implementation in software for managing Cisco Firepower Device Manager On-Box allows a attacker to execute arbitrary code or perform arbitrary commands.

The vulnerability of the REST API implementation in software for managing Cisco Firepower Device Manager On-Box is related to improper code generation. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands or run arbitrary code using a specially crafted HTTP request...

CVE-2021-1518

A vulnerability in the REST API of Cisco Firepower Device Manager FDM On-Box Software could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system of an affected device. This vulnerability is due to insufficient sanitization of user input on specific...

Cisco Firepower Device Manager On-Box Software Remote Code Execution Vulnerability

A vulnerability in the REST API of Cisco Firepower Device Manager FDM On-Box Software could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system of an affected device. This vulnerability is due to insufficient sanitization of user input on specific...

CVE-2021-1489

CVE-2021-1489 affects Cisco Firepower Device Manager (FDM). A vulnerability in filesystem usage management allows an authenticated, remote attacker to exhaust filesystem resources by uploading files, leading to a DoS and possible database errors with the device becoming unresponsive to web manage...

CVE-2021-1489 Cisco Firepower Device Manager Software Filesystem Space Exhaustion Denial of Service Vulnerability

A vulnerability in filesystem usage management for Cisco Firepower Device Manager FDM Software could allow an authenticated, remote attacker to exhaust filesystem resources, resulting in a denial of service DoS condition on an affected device. This vulnerability is due to the insufficient...

CVE-2021-1369 Cisco Firepower Device Manager On-Box Software XML External Entity Vulnerability

A vulnerability in the REST API of Cisco Firepower Device Manager FDM On-Box Software could allow an authenticated, remote attacker to gain read and write access to information that is stored on an affected device. This vulnerability is due to the improper handling of XML External Entity XXE...

Cisco Firepower Device Manager Software Filesystem Space Exhaustion Denial of Service Vulnerability

A vulnerability in filesystem usage management for Cisco Firepower Device Manager FDM Software could allow an authenticated, remote attacker to exhaust filesystem resources, resulting in a denial of service DoS condition on an affected device. This vulnerability is due to the insufficient...

Cisco Firepower Device Manager On-Box Software XML External Entity Vulnerability

A vulnerability in the REST API of Cisco Firepower Device Manager FDM On-Box Software could allow an authenticated, remote attacker to gain read and write access to information that is stored on an affected device. This vulnerability is due to the improper handling of XML External Entity XXE...

Cisco Firepower Device Manager 代码问题漏洞

Cisco Firepower Device Manager FDM is a firewall device manager from Cisco USA. The product supports access rule configuration, system monitoring, and other features. A code issue vulnerability exists in Cisco Firepower Device Manager that originates from an authenticated, remote attacker obtaini...

Cisco Firepower Device Manager On-Box Software Arbitrary File Overwrite (cisco-sa-fdmfo-HvPWKxDe)

According to its self-reported version, Cisco Firepower Device Manager FDM On-Box software is affected by an arbitrary file overwrite vulnerability due to improper input validation. An authenticated, remote attacker can exploit this by uploading a malicious file to an affected device in order to...

Cisco Firepower Device Manager Web Interface Detection

Binary data ciscofirepowerdevicemanagerwebuidetect.nbin...

Cisco Firepower Threat Defense Software Management Interface DoS (cisco-sa-ftd-mgmt-interface-dos-FkG4MuTU)

According to its self-reported version, Cisco Firepower Threat Defense Software is affected by a denial of service DoS vulnerability in the management interface due to how FTD handles session timeouts for management connections. An unauthenticated, remote attacker can exploit this issue, by sendi...

CVE-2020-3309

A vulnerability in Cisco Firepower Device Manager FDM On-Box software could allow an authenticated, remote attacker to overwrite arbitrary files on the underlying operating system of an affected device. The vulnerability is due to improper input validation. An attacker could exploit this...

CVE-2020-3309 Cisco Firepower Device Manager On-Box Software Arbitrary File Overwrite Vulnerability

A vulnerability in Cisco Firepower Device Manager FDM On-Box software could allow an authenticated, remote attacker to overwrite arbitrary files on the underlying operating system of an affected device. The vulnerability is due to improper input validation. An attacker could exploit this...

CVE-2020-3309 Cisco Firepower Device Manager On-Box Software Arbitrary File Overwrite Vulnerability

A vulnerability in Cisco Firepower Device Manager FDM On-Box software could allow an authenticated, remote attacker to overwrite arbitrary files on the underlying operating system of an affected device. The vulnerability is due to improper input validation. An attacker could exploit this...

Cisco Firepower Device Manager On-Box Software XML Parsing Vulnerability

A vulnerability in the XML parser code of Cisco Firepower Device Manager On-Box software could allow an authenticated, remote attacker to cause an affected system to become unstable or reload. The vulnerability is due to insufficient hardening of the XML parser configuration. An attacker could...

Cisco Firepower Device Manager On-Box Software Arbitrary File Overwrite Vulnerability

A vulnerability in Cisco Firepower Device Manager FDM On-Box software could allow an authenticated, remote attacker to overwrite arbitrary files on the underlying operating system of an affected device. The vulnerability is due to improper input validation. An attacker could exploit this...