Lucene search
K

16820 matches found

Tenable Nessus
Tenable Nessus
added 2025/10/03 12:0 a.m.3 views

Apache Airflow Unauthenticated Access

Apache Airflow is a platform to programmatically author, schedule and monitor workflows. When authentication is not enabled, an attacker can access the Airflow web interface without any credentials. This may allow an attacker to view and modify workflows, access sensitive information, and...

7.9AI score
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/10/02 4:51 p.m.5 views

CVE-2025-20356

A vulnerability in the web-based management interface of Cisco Cyber Vision Center could allow an authenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by the web-base...

5.4CVSS6.2AI score0.00197EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/10/02 4:51 p.m.7 views

CVE-2025-20361

A vulnerability in the web-based management interface of Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of...

4.8CVSS6.2AI score0.00207EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/10/02 4:51 p.m.3 views

CVE-2025-20357

A vulnerability in the web-based management interface of Cisco Cyber Vision Center could allow an authenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by the web-base...

5.4CVSS6.2AI score0.00197EPSS
Exploits0References1
CVE
CVE
added 2025/10/02 9:26 a.m.16 views

CVE-2025-54292

CVE-2025-54292 concerns a path traversal vulnerability in Canonical’s LXD/LXD-UI prior to versions 6.5 and 5.21.4. The accessible details in the provided documents indicate that an authenticated remote attacker could abuse crafted resource names in URL paths to access or modify unintended resourc...

4.8CVSS6.4AI score0.00299EPSS
Exploits1References1Affected Software1
VulnCheck KEV
VulnCheck KEV
added 2025/10/02 12:0 a.m.5 views

VulnCheck KEV: CVE-2025-4008

The Meteobridge web interface let meteobridge administrator manage their weather station data collection and administer their meteobridge system through a web application written in CGI shell scripts and C. This web interface exposes an endpoint that is vulnerable to command injection. Remote...

8.8CVSS6.1AI score0.94666EPSS
In wildExploits3References9
NVD
NVD
added 2025/10/01 5:15 p.m.7 views

CVE-2025-20357

A vulnerability in the web-based management interface of Cisco Cyber Vision Center could allow an authenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by the web-base...

5.4CVSS0.00197EPSS
Exploits0References1
NVD
NVD
added 2025/10/01 5:15 p.m.7 views

CVE-2025-20361

A vulnerability in the web-based management interface of Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of...

4.8CVSS0.00207EPSS
Exploits0References1
OSV
OSV
added 2025/10/01 5:15 p.m.2 views

CVE-2025-20357

A vulnerability in the web-based management interface of Cisco Cyber Vision Center could allow an authenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by the web-base...

5.4CVSS6AI score0.00197EPSS
Exploits0References1
NVD
NVD
added 2025/10/01 5:15 p.m.4 views

CVE-2025-20356

A vulnerability in the web-based management interface of Cisco Cyber Vision Center could allow an authenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by the web-base...

5.4CVSS0.00197EPSS
Exploits0References1
OSV
OSV
added 2025/10/01 5:15 p.m.3 views

CVE-2025-20356

A vulnerability in the web-based management interface of Cisco Cyber Vision Center could allow an authenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by the web-base...

5.4CVSS6AI score0.00197EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/01 4:12 p.m.6 views

CVE-2025-20357 Cisco CyberVision Center Reports Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Cyber Vision Center could allow an authenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by the web-base...

5.4CVSS0.00197EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/01 4:12 p.m.8 views

CVE-2025-20361 Cisco Unified Communications Manager Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of...

4.8CVSS0.00207EPSS
Exploits0References1
CVE
CVE
added 2025/10/01 4:12 p.m.20 views

CVE-2025-20361

CVE-2025-20361 describes a stored cross-site scripting vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Unified CM Session Management Edition (Unified CM SME). The issue arises from improper validation of user-supplied input in the inter...

4.8CVSS5.9AI score0.00207EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/01 4:12 p.m.3 views

CVE-2025-20361 Cisco Unified Communications Manager Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of...

4.8CVSS5.9AI score0.00207EPSS
Exploits0References1
Cisco
Cisco
added 2025/10/01 4:0 p.m.8 views

Cisco Unified Communications Manager Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of...

4.8CVSS6.3AI score0.00207EPSS
Exploits0References1
Cisco
Cisco
added 2025/10/01 4:0 p.m.8 views

Cisco Cyber Vision Center Stored Cross-Site Scripting Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Cyber Vision Center could allow an authenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. These vulnerabilities exist because the web-based management interface of an...

5.4CVSS6.5AI score0.00197EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/10/01 12:0 a.m.4 views

PT-2025-40266

Name of the Vulnerable Software and Affected Versions Cisco Cyber Vision Center affected versions not specified Description A flaw exists in the web-based management interface of Cisco Cyber Vision Center that could permit an authenticated, remote attacker to perform cross-site scripting XSS...

5.4CVSS5.7AI score0.00197EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/10/01 12:0 a.m.5 views

PT-2025-40268

Name of the Vulnerable Software and Affected Versions Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME affected versions not specified Description A flaw exists in the web-based management interface that may allow a...

4.8CVSS5.9AI score0.00207EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/10/01 12:0 a.m.3 views

PT-2025-40267

Name of the Vulnerable Software and Affected Versions Cisco Cyber Vision Center affected versions not specified Description A flaw exists in the web-based management interface that could allow a remote attacker with valid administrative credentials to perform cross-site scripting XSS attacks...

5.4CVSS5.8AI score0.00197EPSS
Exploits0References4
Rows per page
Query Builder