CVE-2021-40540

ulfiusurilogger in Ulfius HTTP Framework before 2.7.4 omits coninfo initialization and a coninfo-request NULL check for certain malformed HTTP requests...

Design/Logic Flaw

The HTTP framework on Cisco SPA300, SPA500, and SPA51x devices allows remote attackers to cause a denial of service device outage via a series of malformed HTTP requests, aka Bug ID CSCut67385...

CVE-2016-1469

CVE-2016-1469 affects Cisco Small Business SPA300, SPA500, and SPA51x IP Phones. The issue is in the HTTP framework which can be exploited by sending malformed HTTP requests to an affected device, allowing an unauthenticated remote attacker to cause a denial of service (device outage) (Bug ID CSC...

Cisco Firepower Management Center Persistent Cross-Site Scripting Vulnerability

A vulnerability in the HTTP framework of Cisco Firepower Management Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against an affected device. The vulnerability is due to insufficient filtering of output data. An attacker could exploit this...

Cisco Firepower Management Center Persistent Cross-Site Scripting Vulnerability

A vulnerability in the HTTP framework of Cisco Firepower Management Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against an affected device. The vulnerability is due to insufficient filtering of output data. An attacker could exploit this...