CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

19 matches found

Vulnrichment•added 2019/01/10 11:0 p.m.•9 views

CVE-2018-15461 Cisco Webex Business Suite Cross-Site Scripting Vulnerability

A vulnerability in the MyWebex component of Cisco Webex Business Suite could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by convinci...

6.1CVSS5.9AI score0.0012EPSS

Exploits0References2

Cisco•added 2015/08/18 8:55 p.m.•17 views

Multiple Cisco Finesse Cross-Site Scripting Vulnerabilities

Multiple vulnerabilities in Cisco Finesse could allow an unauthenticated, remote attacker to conduct cross-site scripting XSS attacks. The vulnerabilities are due to improper input validation of certain parameters passed via HTTP GET or POST methods to an affected device. An unauthenticated, remo...

4.3CVSS6.2AI score0.00469EPSS

Exploits0References1

Cisco•added 2015/07/15 12:12 a.m.•21 views

Cisco Identity Services Engine Cross-Site Request Forgery Vulnerability

A vulnerability in the web framework of Cisco Identity Services Engine could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack against the user of the web interface. The vulnerability is due to insufficient CSRF protections. An attacker could exploit th...

4.3CVSS6.7AI score0.00117EPSS

Exploits0References1

Cisco•added 2015/07/13 4:11 p.m.•81 views

Cisco Identity Services Engine Cross-Site Scripting Vulnerability

A vulnerability in the Cisco Identity Services Engine ISE Infra Admin UI could allow an unauthenticated, remote attacker to perform a cross-site scripting XSS attack. The vulnerability is due to insufficient input validation of some parameters passed via HTTP GET or POST methods. An attacker coul...

4.3CVSS5.9AI score0.00263EPSS

Exploits0References1

Cisco•added 2015/05/12 7:39 p.m.•19 views

Cisco Headend Digital Broadband Delivery System Cross-Site Scripting Vulnerability

A vulnerability in the web-based administration interface of the Cisco Headend Digital Broadband Delivery System could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack on the affected device. The vulnerability is due to improper input validation of certain...

4.3CVSS5.9AI score0.0035EPSS

Exploits0References1

Cisco•added 2015/03/02 9:4 p.m.•23 views

Cisco Unified Web Interaction Manager Cross-Site Scripting Vulnerability

A vulnerability in Cisco Unified Web Interaction Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against the user of the web interface of the affected system. The vulnerability is due to a lack of input sanitization of the Cisco Unified Web...

4.3CVSS5.9AI score0.00296EPSS

Exploits0References1

Cisco•added 2015/02/11 5:41 p.m.•23 views

Cisco Prime Infrastructure Cross-Frame Scripting Vulnerability

A vulnerability in the web interface of the Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to execute a cross-frame scripting XFS attack. This vulnerability is due to insufficient HTML iframe protection. An attacker could exploit this vulnerability by directing a user ...

4.3CVSS6.5AI score0.00422EPSS

Exploits0References1

Cisco•added 2014/10/15 9:18 p.m.•26 views

Cisco Prime Optical Cross-Site Scripting Vulnerability

A vulnerability in the web framework code of Cisco Prime Optical could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting XSS attack. The vulnerability is due to insufficient validation of a parameter. An attacker could exploit this vulnerability by persuading a...

6.8CVSS5.6AI score0.00555EPSS

Exploits0References1

Cisco•added 2014/07/28 8:0 p.m.•23 views

Cisco WebEx Meetings Server OutlookAction Class Vulnerability

A vulnerability in the OutlookAction Class of Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to enumerate valid user accounts. The vulnerability is due to improper sanitization of a returned message. An attacker could exploit this vulnerability by sending crafted URL...

5CVSS6.3AI score0.00483EPSS

Exploits0References1

Cisco•added 2014/07/28 8:0 p.m.•21 views

Cisco WebEx Meetings Server Web Framework Vulnerability

A vulnerability in the web framework of Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to view sensitive information. The vulnerability occurs because sensitive information is passed in a query string. An attacker could exploit this vulnerability by viewing applicatio...

4CVSS6.1AI score0.00384EPSS

Exploits0References1

Cisco•added 2014/07/28 8:0 p.m.•25 views

Cisco WebEx Meetings Server User Enumeration Vulnerability

A vulnerability in the web framework of Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to enumerate valid user accounts. The vulnerability is due to improper sanitization of a returned message. An attacker could exploit this vulnerability by sending crafted URL reques...

5CVSS6.3AI score0.00348EPSS

Exploits0References1

Cisco•added 2014/07/25 2:29 p.m.•24 views

Cisco WebEx Meetings Server Stack Trace Vulnerability

A vulnerability in the ProfileAction controller of Cisco WebEx Meetings Server CWMS could allow an unauthenticated, remote attacker to view sensitive information. The vulnerability is due to improper sanitization of returned messages. An attacker could exploit this vulnerability by submitting...

5CVSS6.3AI score0.00607EPSS

Exploits0References1

Cisco•added 2014/05/22 3:1 p.m.•14 views

Cisco Security Manager Cross-Site Scripting Vulnerability

A vulnerability in the web framework of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web interface. The vulnerability is due to insufficient input validation of a parameter. An attacker could exploit this...

4.3CVSS5.6AI score0.00309EPSS

Exploits0References1

Cisco•added 2014/02/19 8:20 p.m.•20 views

Cisco Unified Communications Manager CAPF Unauthenticated Blind SQL Injection Vulnerability

A vulnerability in the Certificate Authority Proxy Function CAPF of Cisco Unified Communications Manager Cisco Unified CM could allow an unauthenticated, remote attacker to impact the integrity of the system by executing arbitrary SQL queries. The vulnerability is due to a failure to validate...

4.3CVSS7AI score0.00222EPSS

Exploits1References1

Cisco•added 2014/02/12 7:58 p.m.•21 views

Cisco Unified Communications Manager IPMA Blind SQL Injection Vulnerability

A vulnerability in the Cisco Unified Communications Manager UCM IP Manager Assistant IPMA interface could allow an unauthenticated, remote attacker to impact the integrity of the system by executing arbitrary SQL queries. The vulnerability is due to a lack of input validation on user-supplied...

4.3CVSS7AI score0.00397EPSS

Exploits0References1

Cisco•added 2014/01/10 3:54 p.m.•24 views

Cisco Secure Access Control System Cross-Site Scripting Vulnerability

A vulnerability in Cisco Secure Access Control System ACS could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against the user of the web interface of the affected system. The vulnerability is due to insufficient input validation of a parameter. An attacke...

4.3CVSS2.5AI score0.0042EPSS

Exploits0References1

Cisco•added 2013/12/13 3:24 p.m.•23 views

Cisco WebEx Training Center Open Redirect Vulnerability

A vulnerability in Cisco WebEx Training Center could allow an unauthenticated, remote attacker to cause the Cisco WebEx Training Center to issue a redirect to an arbitrary attacker-supplied URL. The vulnerability is due to an open redirect issue in Cisco WebEx Training Center. An attacker could...

4.3CVSS1.8AI score0.00528EPSS

Exploits1References1

Cisco•added 2013/12/13 2:21 p.m.•18 views

Cisco WebEx Training Center Registration ID Exposure Vulnerability

A vulnerability in Cisco WebEx Training Center could allow an unauthenticated, remote attacker to gather the registration ID of other users. The vulnerability is due to inappropriate disclosure of sensitive information to unauthenticated users. An attacker could exploit this vulnerability by...

4.3CVSS3.1AI score0.00928EPSS

Exploits1References1

Cisco•added 2013/12/03 9:35 p.m.•25 views

Cisco Prime Collaboration Assurance Cross-Site Scripting Vulnerability

A vulnerability in the Assurance component of Cisco Prime Collaboration could allow an unauthenticated, remote attacker to conduct several cross-site scripting XSS attacks against the user of the web interface of the affected system. The vulnerability is due to insufficient validation of user...

4.3CVSS1.3AI score0.00371EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by