36 matches found
EUVD-2016-2568
Malware in sbrugna...
EUVD-2024-18166
Malicious code in bioql PyPI...
The vulnerability in the web interface for managing microprogrammed IP phones from Cisco Small Business SPA300 and SPA500 allows a hacker to trigger a service failure.
The vulnerability in the web interface for managing Microprogramming software in Cisco Small Business SPA300 and SPA500 phones is related to the copying of input data into the buffer without checking its size. Exploiting this vulnerability can allow an attacker, operating remotely, to cause servi...
The vulnerability of the web interface of the microprogramming software for Cisco Small Business SPA300 and SPA500 allows a perpetrator to execute arbitrary commands in the basic operating system.
The vulnerability of the web interface of Cisco Small Business SPA300 and SPA500 microprogramming software lies in the copying of input data into memory without checking its size. Exploiting this vulnerability allows an attacker, operating remotely, to execute arbitrary commands on the basic...
The vulnerability in the web interface for managing microprogrammed IP phones from Cisco Small Business SPA300 and SPA500 allows a hacker to trigger a service failure.
The vulnerability in the web interface for managing Microprogramming software in Cisco Small Business SPA300 and SPA500 phones is related to the copying of input data into the buffer without checking its size. Exploiting this vulnerability can allow an attacker, operating remotely, to cause servi...
The vulnerability of the web interface of the microprogramming software for Cisco Small Business SPA300 and SPA500 allows a perpetrator to execute arbitrary commands in the basic operating system.
The vulnerability of the web interface of Cisco Small Business SPA300 and SPA500 microprogramming software lies in the copying of input data into memory without checking its size. Exploiting this vulnerability allows an attacker, operating remotely, to execute arbitrary commands on the basic...
CVE-2024-20450
Multiple vulnerabilities in the web-based management interface of Cisco Small Business SPA300 Series IP Phones and Cisco Small Business SPA500 Series IP Phones could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system with root privileges...
CVE-2024-20451
Multiple vulnerabilities in the web-based management interface of Cisco Small Business SPA300 Series IP Phones and Cisco Small Business SPA500 Series IP Phones could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly. These vulnerabilities exist because...
CVE-2024-20454
Multiple vulnerabilities in the web-based management interface of Cisco Small Business SPA300 Series IP Phones and Cisco Small Business SPA500 Series IP Phones could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system with root privileges...
EUVD-2024-18165
Multiple vulnerabilities in the web-based management interface of Cisco Small Business SPA300 Series IP Phones and Cisco Small Business SPA500 Series IP Phones could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system with root privileges...
CVE-2024-20450
Multiple vulnerabilities in the web-based management interface of Cisco Small Business SPA300 Series IP Phones and Cisco Small Business SPA500 Series IP Phones could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system with root privileges...
PT-2024-5616 · Cisco · Cisco Small Business Spa500 +1
Name of the Vulnerable Software and Affected Versions: Cisco Small Business SPA300 and SPA500 affected versions not specified Description: The issue is related to a buffer overflow vulnerability in the web interface of the Cisco Small Business SPA300 and SPA500 IP phone software. This vulnerabili...
Cisco SPA300 and SPA500 Series IP Phones Cross-Site Request Forgery Vulnerability
The Cisco SPA300 and SPA500 Series IP Phones are both IP phone products from Cisco USA. A cross-site request forgery vulnerability exists in the Cisco SPA300 and SPA500 Series IP Phones that stems from a lack of cross-site request forgery protection in the program. A remote attacker could exploit...
CVE-2017-12271
A vulnerability in Cisco SPA300 and SPA500 Series IP Phones could allow an unauthenticated, remote attacker to execute unwanted actions on an affected device. The vulnerability is due to a lack of cross-site request forgery CSRF protection. An attacker could exploit this vulnerability by tricking...
Cross site request forgery (csrf)
A vulnerability in Cisco SPA300 and SPA500 Series IP Phones could allow an unauthenticated, remote attacker to execute unwanted actions on an affected device. The vulnerability is due to a lack of cross-site request forgery CSRF protection. An attacker could exploit this vulnerability by tricking...
CVE-2017-12271
CVE-2017-12271 affects Cisco SPA300 and SPA500 Series IP Phones. The issue is a lack of cross-site request forgery (CSRF) protection in the web interface, allowing an unauthenticated, remote attacker to trigger unwanted actions by tricking a user into executing an adverse action. Documented impac...
PT-2017-12446 · Cisco · Cisco Spa500 Series Ip Phones +1
Name of the Vulnerable Software and Affected Versions: Cisco SPA300 and SPA500 Series IP Phones affected versions not specified Description: A lack of cross-site request forgery CSRF protection in the Cisco SPA300 and SPA500 Series IP Phones could allow an unauthenticated, remote attacker to...
Cisco SPA300 and SPA500 Series IP Phones Cross-Site Request Forgery Vulnerability
A vulnerability in Cisco SPA300 and SPA500 Series IP Phones could allow an unauthenticated, remote attacker to execute unwanted actions on an affected device. The vulnerability is due to a lack of cross-site request forgery CSRF protection. An attacker could exploit this vulnerability by tricking...
CVE-2017-12219
The CVE-2017-12219 vulnerability affects Cisco Small Business SPA300, SPA500, and SPA51x Series IP Phones. It stems from the devices’ handling of IP fragments, specifically an inability to reassemble many large fragments in a short time. A remote, unauthenticated attacker can send a crafted strea...
CVE-2017-12219
A vulnerability in the handling of IP fragments for the Cisco Small Business SPA300, SPA500, and SPA51x Series IP Phones could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service DoS condition. The vulnerability is due to the...