52 matches found
EUVD-2005-4787
Malware in sbrugna...
EUVD-2019-6880
Malware in sbrugna...
EUVD-2006-2167
Malware in sbrugna...
EUVD-2013-1160
Malware in sbrugna...
CVE-2013-1120
Multiple cross-site request forgery CSRF vulnerabilities on the Cisco Unity Express with software before 8.0 allow remote attackers to hijack the authentication of unspecified victims via unknown vectors, aka Bug ID CSCue35910...
CVE-2013-1114
Multiple cross-site scripting XSS vulnerabilities in Cisco Unity Express before 8.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCud87527...
Cisco IP Phones 7902/7905/7912, ATA 186/188, Unity Express, ACNS, and Subscriber Edge Services Manager Denial of Service (CVE-2005-4794)
Cisco IP Phones 7902/7905/7912, ATA 186/188, Unity Express, ACNS, and Subscriber Edge Services Manager SESM allows remote attackers to cause a denial of service crash or instability via a compressed DNS packet with a label length byte with an incorrect offset. This plugin only works with...
Cisco Unity Express Insecure Deserialization (CVE-2018-15381)
An insecure deserialization vulnerability exists in Cisco Unity Express. Successful exploitation of this vulnerability would allow remote attackers to send a specially crafted serialized object to the vulnerable server...
CVE-2019-15986
A vulnerability in the CLI of Cisco Unity Express could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. To exploit this vulnerability, an attacker would need valid administrator credentials. The vulnerability is due to improper input...
CVE-2019-15986
A vulnerability in the CLI of Cisco Unity Express could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. To exploit this vulnerability, an attacker would need valid administrator credentials. The vulnerability is due to improper input...
Input validation
A vulnerability in the CLI of Cisco Unity Express could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. To exploit this vulnerability, an attacker would need valid administrator credentials. The vulnerability is due to improper input...
CVE-2019-15986 Cisco Unity Express Command Injection Vulnerability
A vulnerability in the CLI of Cisco Unity Express could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. To exploit this vulnerability, an attacker would need valid administrator credentials. The vulnerability is due to improper input...
CVE-2019-15986
CVE-2019-15986 is a Cisco Unity Express local command injection vulnerability. An authenticated, local attacker with valid administrator credentials can feed crafted CLI commands due to improper input validation, leading to arbitrary commands executed with root privileges. Cisco’s advisory confir...
CVE-2019-15986 Cisco Unity Express Command Injection Vulnerability
A vulnerability in the CLI of Cisco Unity Express could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. To exploit this vulnerability, an attacker would need valid administrator credentials. The vulnerability is due to improper input...
Cisco Unity Express Operating System Command Injection Vulnerability
Cisco Unity Express CUE is a set of voice communication solutions from the American company Cisco Cisco. The product includes features such as voicemail and interactive voice response IVR. An operating system command injection vulnerability exists in Cisco CUE versions prior to 10.1, which stems...
Cisco Unity Express Command Injection Vulnerability
A vulnerability in the CLI of Cisco Unity Express could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. To exploit this vulnerability, an attacker would need valid administrator credentials. The vulnerability is due to improper input...
Cisco Unity Express CVE-2019-15986 Local Command Injection Vulnerability
Description Cisco Unity Express is prone to a local command-injection vulnerability. A local attacker can exploit this issue to execute arbitrary commands on the underlying OS with root privileges. This issue is being tracked by Cisco Bug ID CSCvq54120. Versions prior to Cisco Unity Express 10.1...
CVE-2018-15381 Cisco Unity Express Arbitrary Command Execution Vulnerability
A Java deserialization vulnerability in Cisco Unity Express CUE could allow an unauthenticated, remote attacker to execute arbitrary shell commands with the privileges of the root user. The vulnerability is due to insecure deserialization of user-supplied content by the affected software. An...
CVE-2018-15381 Cisco Unity Express Arbitrary Command Execution Vulnerability
A Java deserialization vulnerability in Cisco Unity Express CUE could allow an unauthenticated, remote attacker to execute arbitrary shell commands with the privileges of the root user. The vulnerability is due to insecure deserialization of user-supplied content by the affected software. An...
CVE-2018-15381
Cisco Unity Express (CUE) is affected by CVE-2018-15381 due to insecure Java deserialization, allowing an unauthenticated remote attacker to execute arbitrary shell commands with root privileges by sending a malicious serialized Java object to the RMI service. Affected releases prior to Cisco Uni...