16820 matches found
Apache Airflow Unauthenticated Access
Apache Airflow is a platform to programmatically author, schedule and monitor workflows. When authentication is not enabled, an attacker can access the Airflow web interface without any credentials. This may allow an attacker to view and modify workflows, access sensitive information, and...
CVE-2025-20356
A vulnerability in the web-based management interface of Cisco Cyber Vision Center could allow an authenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by the web-base...
CVE-2025-20361
A vulnerability in the web-based management interface of Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of...
CVE-2025-20357
A vulnerability in the web-based management interface of Cisco Cyber Vision Center could allow an authenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by the web-base...
CVE-2025-54292
CVE-2025-54292 concerns a path traversal vulnerability in Canonical’s LXD/LXD-UI prior to versions 6.5 and 5.21.4. The accessible details in the provided documents indicate that an authenticated remote attacker could abuse crafted resource names in URL paths to access or modify unintended resourc...
VulnCheck KEV: CVE-2025-4008
The Meteobridge web interface let meteobridge administrator manage their weather station data collection and administer their meteobridge system through a web application written in CGI shell scripts and C. This web interface exposes an endpoint that is vulnerable to command injection. Remote...
CVE-2025-20357
A vulnerability in the web-based management interface of Cisco Cyber Vision Center could allow an authenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by the web-base...
CVE-2025-20361
A vulnerability in the web-based management interface of Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of...
CVE-2025-20357
A vulnerability in the web-based management interface of Cisco Cyber Vision Center could allow an authenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by the web-base...
CVE-2025-20356
A vulnerability in the web-based management interface of Cisco Cyber Vision Center could allow an authenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by the web-base...
CVE-2025-20356
A vulnerability in the web-based management interface of Cisco Cyber Vision Center could allow an authenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by the web-base...
CVE-2025-20357 Cisco CyberVision Center Reports Stored Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Cyber Vision Center could allow an authenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by the web-base...
CVE-2025-20361 Cisco Unified Communications Manager Stored Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of...
CVE-2025-20361
CVE-2025-20361 describes a stored cross-site scripting vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Unified CM Session Management Edition (Unified CM SME). The issue arises from improper validation of user-supplied input in the inter...
CVE-2025-20361 Cisco Unified Communications Manager Stored Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of...
Cisco Unified Communications Manager Stored Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of...
Cisco Cyber Vision Center Stored Cross-Site Scripting Vulnerabilities
Multiple vulnerabilities in the web-based management interface of Cisco Cyber Vision Center could allow an authenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. These vulnerabilities exist because the web-based management interface of an...
PT-2025-40266
Name of the Vulnerable Software and Affected Versions Cisco Cyber Vision Center affected versions not specified Description A flaw exists in the web-based management interface of Cisco Cyber Vision Center that could permit an authenticated, remote attacker to perform cross-site scripting XSS...
PT-2025-40268
Name of the Vulnerable Software and Affected Versions Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME affected versions not specified Description A flaw exists in the web-based management interface that may allow a...
PT-2025-40267
Name of the Vulnerable Software and Affected Versions Cisco Cyber Vision Center affected versions not specified Description A flaw exists in the web-based management interface that could allow a remote attacker with valid administrative credentials to perform cross-site scripting XSS attacks...