14419 matches found
CVE-2026-20081
Multiple vulnerabilities in Cisco Unity Connection could allow an authenticated, remote attacker to download arbitrary files from an affected system. To exploit these vulnerabilities, the attacker must have valid administrative credentials. These vulnerabilities are due to improper sanitization o...
CVE-2026-20081 Cisco Unity Connection Arbitrary File Download Vulnerability
Multiple vulnerabilities in Cisco Unity Connection could allow an authenticated, remote attacker to download arbitrary files from an affected system. To exploit these vulnerabilities, the attacker must have valid administrative credentials. These vulnerabilities are due to improper sanitization o...
CVE-2026-20078
Product/affected component: Cisco Unity Connection (web-based management interface). Vulnerability: Multiple input sanitization failures allow an authenticated, remote attacker to download arbitrary files from the affected system. Prerequisites: Valid administrative credentials. Attack vector: Ne...
CVE-2026-20078 Cisco Unity Connection Arbitrary File Download Vulnerability
Multiple vulnerabilities in Cisco Unity Connection could allow an authenticated, remote attacker to download arbitrary files from an affected system. To exploit these vulnerabilities, the attacker must have valid administrative credentials. These vulnerabilities are due to improper sanitization o...
CVE-2026-20078
Multiple vulnerabilities in Cisco Unity Connection could allow an authenticated, remote attacker to download arbitrary files from an affected system. To exploit these vulnerabilities, the attacker must have valid administrative credentials. These vulnerabilities are due to improper sanitization o...
CVE-2026-20078 Cisco Unity Connection Arbitrary File Download Vulnerability
Multiple vulnerabilities in Cisco Unity Connection could allow an authenticated, remote attacker to download arbitrary files from an affected system. To exploit these vulnerabilities, the attacker must have valid administrative credentials. These vulnerabilities are due to improper sanitization o...
Cisco Unity Connection Arbitrary File Download Vulnerabilities
Multiple vulnerabilities in Cisco Unity Connection could allow an authenticated, remote attacker to download arbitrary files from an affected system. To exploit these vulnerabilities, the attacker must have valid administrative credentials. These vulnerabilities are due to improper sanitization o...
Cisco Unity Connection Cross-Site Scripting, Open Redirect, and SQL Injection Vulnerabilities
Multiple vulnerabilities in Cisco Unity Connection could allow a remote attacker to conduct a cross-site scripting XSS attack, an open redirect attack, and an SQL injection attack. For more information about these vulnerabilities, see the Details "details" section of this advisory. Cisco has...
Cisco Unity Connection(UC) 安全漏洞
Cisco Unity Connection is a voice messaging platform developed by Cisco, Inc. in the United States. This platform allows users to make calls or listen to messages using voice commands. There is a security vulnerability in Cisco Unity Connection, which stems from improper input validation in the...
PT-2026-33082
A vulnerability in the web-based management interface of Cisco Unity Connection could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of HTTP request parameters. An attacker could exploit this vulnerabili...
PT-2026-33084
Multiple vulnerabilities in Cisco Unity Connection could allow an authenticated, remote attacker to download arbitrary files from an affected system. To exploit these vulnerabilities, the attacker must have valid administrative credentials. These vulnerabilities are due to improper sanitization o...
PT-2026-33081
A vulnerability in the web-based management interface of Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a reflected XSS attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly validate...
PT-2026-33083
Multiple vulnerabilities in Cisco Unity Connection could allow an authenticated, remote attacker to download arbitrary files from an affected system. To exploit these vulnerabilities, the attacker must have valid administrative credentials. These vulnerabilities are due to improper sanitization o...
Cisco Unity Connection 安全漏洞
Cisco Unity Connection UC is a voice messaging platform developed by the American company Cisco. This platform allows users to make calls or listen to voic messages using voice commands. There is a security vulnerability in Cisco Unity Connection UC, which stems from improper validation of HTTP...
Cisco Unity Connection 安全漏洞
Cisco Unity Connection is a unified communications messaging platform that focuses on providing voicemail and messaging capabilities. An SQL injection vulnerability exists in Cisco Unity Connection. The vulnerability stems from insufficient validation of user-supplied input and can be exploited b...
Cisco Unity Connection 安全漏洞
Cisco Unity Connection is a voice messaging platform developed by Cisco, a company based in the United States. This platform allows users to make calls or listen to voic messages using voice commands. There is a security vulnerability in Cisco Unity Connection, which stems from improper user inpu...
Cisco Unity Connection(UC) 安全漏洞
Cisco Unity Connection is a voice messaging platform developed by Cisco, a company based in the United States. This platform allows users to make calls or listen to voic messages using voice commands. There is a security vulnerability in Cisco Unity Connection, which stems from improper user inpu...
Unity Linux 20.1070e Security Update: binutils (UTSA-2026-007092)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007092 advisory. A vulnerability was found in GNU Binutils 2.44 and classified as problematic. This issue affects the function processdebuginfo of the file binutils/dwarf.c of the...
Unity Linux 20.1070e Security Update: vsftpd (UTSA-2026-007077)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007077 advisory. A flaw was found in vsftpd. This vulnerability allows a denial of service DoS via an integer overflow in the ls command parameter parsing, triggered by a remote,...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-007078)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007078 advisory. ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, domain=path authorization is...