Lucene search
K

24 matches found

Vulnrichment
Vulnrichment
added 2026/05/06 6:12 p.m.8 views

CVE-2026-7958

Inappropriate implementation in ServiceWorker in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to install a malicious extension to inject arbitrary scripts or HTML UXSS via a crafted Chrome Extension. Chromium security severity: Medium...

5.9AI score0.00142EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-10259

Malware in sbrugna...

6.1CVSS6.3AI score0.01211EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/04/03 4:20 p.m.21 views

CVE-2024-20281

A vulnerability in the web-based management interface of Cisco Nexus Dashboard and Cisco Nexus Dashboard hosted services could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack on an affected system. This vulnerability is due to insufficient CSRF...

7.5CVSS7.5AI score0.0026EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/04/15 2:20 p.m.28 views

CVE-2022-20735 Cisco SD-WAN vManage Software Cross-Site Request Forgery Vulnerability

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack on an affected system. This vulnerability is due to insufficient CSRF protections for the web-based management...

6.5CVSS7AI score0.00467EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2021/06/10 12:0 a.m.16 views

Cisco Webex Player Memory Corruption Vulnerability Vulnerability (cisco-sa-webex-player-kxtkFbnR)

The version of Cisco Webex Network Recording Player and Cisco Webex Player installed on the remote host is affected by a remote code execution vulnerability due to insufficient validation of certain elements within a Webex recording that is stored in either the Advanced Recording Format ARF or th...

6.1CVSS7.3AI score0.00576EPSS
Exploits0References3
Prion
Prion
added 2020/09/23 1:15 a.m.18 views

Input validation

Multiple vulnerabilities in Cisco Webex Network Recording Player for Microsoft Windows and Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerabilities exist due to insufficient validation of certain elements with a Webex...

9.3CVSS7.7AI score0.01715EPSS
Exploits0References1Affected Software3
BDU FSTEC
BDU FSTEC
added 2019/12/09 12:0 a.m.5 views

The vulnerability in the implementation of the Page.downloadBehavior backend of the Google Chrome browser allows a hacker to persuade users to install a malicious extension.

The vulnerability of the PagedownloadBehavior implementation in Google Chrome’s browser lies in the lack of restrictions on file downloads. Exploiting this vulnerability can allow a malicious actor to persuade a user to install a malicious extension through a specially created HTML page...

9.6CVSS7.7AI score0.01315EPSS
Exploits0References5Affected Software2
Cvelist
Cvelist
added 2019/06/05 4:35 p.m.25 views

CVE-2019-1881 Cisco Industrial Network Director Cross-Site Request Forgery Vulnerability

A vulnerability in the web-based management interface of Cisco Industrial Network Director IND could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack and perform arbitrary actions on an affected device. The vulnerability is due to insufficient CSRF...

4.7CVSS8.9AI score0.01287EPSS
Exploits1References2
Cisco
Cisco
added 2018/10/03 4:0 p.m.532 views

Cisco Industrial Network Director Cross-Site Request Forgery Vulnerability

A vulnerability in the web-based management interface of Cisco Industrial Network Director could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack and perform arbitrary actions on an affected device. The vulnerability is due to insufficient CSRF...

4.3CVSS2.6AI score0.00566EPSS
Exploits0References1
Cisco
Cisco
added 2018/09/05 4:0 p.m.30 views

Cisco Tetration Analytics Cross-Site Request Forgery Vulnerability

A vulnerability in the web-based management interface of Cisco Tetration Analytics could allow an authenticated, remote attacker to conduct a cross-site request forgery CSRF attack and perform arbitrary actions on an affected device. The vulnerability is due to insufficient CSRF protections for t...

4.6CVSS2.3AI score0.00707EPSS
Exploits0References1
Cisco
Cisco
added 2018/09/05 4:0 p.m.35 views

Cisco Meeting Server Cross-Site Request Forgery Vulnerability

A vulnerability in the web-based management interface of Cisco Meeting Server could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack and perform arbitrary actions on an affected device. The vulnerability is due to insufficient CSRF protections for the...

6.1CVSS2.3AI score0.01231EPSS
Exploits0References1
Cvelist
Cvelist
added 2018/06/21 11:0 a.m.24 views

CVE-2018-0365

A vulnerability in the web-based management interface of Cisco Firepower Management Center could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack and perform arbitrary actions on an affected device. The vulnerability is due to insufficient CSRF...

8.8AI score0.00949EPSS
Exploits0References2
Prion
Prion
added 2018/03/08 7:29 a.m.24 views

Cross site request forgery (csrf)

A vulnerability in the web-based management interface of Cisco Data Center Network Manager could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack and perform arbitrary actions on an affected device. The vulnerability is due to insufficient CSRF...

6.8CVSS8.6AI score0.01215EPSS
Exploits0References3Affected Software1
Cisco
Cisco
added 2018/03/07 4:0 p.m.32 views

Cisco Identity Services Engine Cross-Site Request Forgery Vulnerability

A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack and perform arbitrary actions on an affected device. The vulnerability is due to insufficient CSRF...

6.1CVSS2.6AI score0.00868EPSS
Exploits0References1
Cisco
Cisco
added 2017/03/15 4:0 p.m.31 views

Cisco Unified Communications Manager Cross-Site Request Forgery Vulnerability

A vulnerability in the web framework of Cisco Unified Communications Manager CallManager could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack against a user of the web interface of the affected software. The vulnerability is due to insufficient CSRF...

6.5CVSS6.7AI score0.00769EPSS
Exploits0References1
Cisco
Cisco
added 2015/05/14 3:56 p.m.36 views

Cisco Access Control Server File Inclusion Vulnerability

A vulnerability in Cisco Access Control Server ACS could allow an unauthenticated, remote attacker to perform a file inclusion attack. The vulnerability is due to improper input validation of certain parameters passed to an affected device. An attacker could exploit this vulnerability by convinci...

4.3CVSS7AI score0.0111EPSS
Exploits0References1
Cisco
Cisco
added 2015/05/01 8:16 p.m.21 views

Cisco Finesse Server Cross-Site Scripting Vulnerability

A vulnerability in Cisco Finesse Server could allow an unauthenticated, remote attacker to conduct cross-site scripting XSS attacks. The vulnerability is due to improper input validation of certain parameters passed via HTTP GET or POST methods to an affected device. An unauthenticated, remote...

4.3CVSS5.9AI score0.0136EPSS
Exploits0References1
Cisco
Cisco
added 2014/05/07 7:19 p.m.35 views

Cisco Broadcast Access Center for Telco and Wireless Cross-Site Request Forgery Vulnerability

A vulnerability in the web framework of the Cisco Broadcast Access Center for Telco and Wireless BAC-TW could allow an unauthenticated, remote attacker to perform a cross-site request forgery CSRF attack against the Cisco BAC-TW web interface. The vulnerability is due to insufficient CSRF...

4.3CVSS6.5AI score0.00818EPSS
Exploits0References1
Cisco
Cisco
added 2013/09/06 3:50 p.m.34 views

Cisco SocialMiner Cross-Site Scripting Vulnerability

A vulnerability in the bookmarklet.jsp page of Cisco SocialMiner could allow an unauthenticated, remote attacker to send a malicious script to an unsuspecting user. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by convincing the user of th...

4.3CVSS3.1AI score0.01792EPSS
Exploits0References1
Cisco
Cisco
added 2013/07/15 7:10 p.m.19 views

Cisco Secure Access Control System Help Index Cross-Site Scripting Vulnerability

A vulnerability in the Access Control System Help index page of Cisco Access Control System ACS could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web interface of the affected system. The vulnerability is due to insufficient input...

4.3CVSS1.8AI score0.00931EPSS
Exploits0References1
Rows per page
Query Builder