CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Prion•added 2022/11/15 9:15 p.m.•18 views

Cross site scripting

4.3CVSS5AI score0.00155EPSS

Prion•added 2022/11/15 9:15 p.m.•21 views

Cross site scripting

4.3CVSS5AI score0.0019EPSS

Prion•added 2022/11/15 9:15 p.m.•14 views

Cross site scripting

Prion•added 2022/11/15 9:15 p.m.•20 views

Cross site scripting

Prion•added 2022/11/15 9:15 p.m.•16 views

Cross site scripting

Prion•added 2022/11/15 9:15 p.m.•16 views

Authorization

A vulnerability in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an unauthenticated, remote attacker to access sensitive information. This vulnerability is due to missing authorization for certain resources in the web-based management interface...

5CVSS5.2AI score0.00316EPSS

Prion•added 2022/11/15 9:15 p.m.•16 views

Cross site scripting

Cvelist•added 2022/11/10 5:42 p.m.•16 views

CVE-2022-20936

4.8CVSS5.3AI score0.00155EPSS

Cvelist•added 2022/11/10 5:42 p.m.•15 views

CVE-2022-20935

4.8CVSS5.3AI score0.00155EPSS

Vulnrichment•added 2022/11/10 5:41 p.m.•11 views

CVE-2022-20843

4.8CVSS6.1AI score0.00168EPSS

Cvelist•added 2022/11/10 5:41 p.m.•13 views

CVE-2022-20840

4.8CVSS5.3AI score0.00168EPSS

Cvelist•added 2022/11/10 5:40 p.m.•19 views

CVE-2022-20836

4.8CVSS5.3AI score0.00168EPSS

CVE•added 2022/11/10 5:38 p.m.•72 views

CVE-2022-20831

CVE-2022-20831 involves multiple stored XSS flaws in Cisco Firepower Management Center (FMC) web UI caused by insufficient validation of user input. An authenticated, remote attacker could craft input in FMC interface fields to execute script code in the user’s browser or access browser-based inf...

4.8CVSS5AI score0.0019EPSS

Positive Technologies•added 2022/11/09 12:0 a.m.•3 views

PT-2022-5691 · Cisco · Cisco Firepower Management Center

Name of the Vulnerable Software and Affected Versions: Cisco Firepower Management Center FMC Software affected versions not specified Description: The issue is related to insufficient validation of user-supplied input by the web-based management interface, allowing an authenticated, remote attack...

4.9CVSS6AI score0.00168EPSS

Exploits0References4

Prion•added 2022/11/04 6:15 p.m.•10 views

Authorization

A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to bypass authorization and access system files. This vulnerability is due to improper access control in the web-based management interface of an affected...

6.5CVSS8.5AI score0.00274EPSS

Cvelist•added 2022/11/03 7:28 p.m.•13 views

CVE-2022-20956

7.1CVSS8.8AI score0.00274EPSS

Vulnrichment•added 2022/11/03 7:26 p.m.•10 views

CVE-2022-20951

A vulnerability in the web-based management interface of Cisco BroadWorks CommPilot application could allow an authenticated, remote attacker to perform a server-side request forgery SSRF attack on an affected device. This vulnerability is due to insufficient validation of user-supplied input. An...

7.7CVSS6.9AI score0.00524EPSS

CVE•added 2022/10/28 12:0 a.m.•67 views

CVE-2022-37914

Authentication bypass vulnerability in Aruba EdgeConnect Enterprise Orchestrator’s web-based management interface could allow an unauthenticated remote attacker to gain administrative privileges and fully compromise the system. Affected versions include 9.1.2.40051 and below, 9.0.7.40108 and belo...

9.8CVSS9.7AI score0.05057EPSS

Prion•added 2022/10/27 5:15 p.m.•15 views

Cross site scripting

An error in the URL handler of the VIDEOJET multi 4000 may lead to a reflected cross site scripting XSS in the web-based interface. An attacker with knowledge of the encoder address can send a crafted link to a user, which will execute JavaScript code in the context of the user...

4CVSS4.7AI score0.00542EPSS