Lucene search

K
CiscoAnyconnect Secure Mobility Client*

7 matches found

CVE
CVE
added 2015/03/17 2:1 a.m.56 views

CVE-2015-0662

Cisco AnyConnect Secure Mobility Client 4.0(.00051) and earlier allows local users to gain privileges via crafted IPC messages that trigger use of root privileges for a software-package installation, aka Bug ID CSCus79385.

7.2CVSS6.6AI score0.00084EPSS
CVE
CVE
added 2015/03/17 2:1 a.m.52 views

CVE-2015-0665

The Hostscan module in Cisco AnyConnect Secure Mobility Client 4.0(.00051) and earlier allows local users to write to arbitrary files via crafted IPC messages, aka Bug ID CSCus79173.

6.6CVSS6.5AI score0.00075EPSS
CVE
CVE
added 2015/03/18 11:59 p.m.48 views

CVE-2015-0664

The IPC channel in Cisco AnyConnect Secure Mobility Client 4.0(.00051) and earlier allows local users to write to arbitrary userspace memory locations, and consequently gain privileges, via crafted messages, aka Bug ID CSCus79195.

4.3CVSS6.6AI score0.00073EPSS
CVE
CVE
added 2015/03/17 2:1 a.m.45 views

CVE-2015-0663

Cisco AnyConnect Secure Mobility Client 4.0(.00051) and earlier does not properly implement access control for IPC messages, which allows local users to write to arbitrary files via crafted messages, aka Bug ID CSCus79392.

6.6CVSS6.5AI score0.00084EPSS
CVE
CVE
added 2015/01/14 7:59 p.m.38 views

CVE-2014-3314

Cisco AnyConnect on Android and OS X does not properly verify the host type, which allows remote attackers to spoof authentication forms and possibly capture credentials via unspecified vectors, aka Bug IDs CSCuo24931 and CSCuo24940.

5CVSS7.1AI score0.00354EPSS
CVE
CVE
added 2015/06/04 10:59 a.m.36 views

CVE-2015-0761

Cisco AnyConnect Secure Mobility Client before 3.1(8009) and 4.x before 4.0(2052) on Linux does not properly implement unspecified internal functions, which allows local users to obtain root privileges via crafted vpnagent options, aka Bug ID CSCus86790.

7.2CVSS6.5AI score0.00122EPSS
CVE
CVE
added 2015/02/03 10:59 p.m.34 views

CVE-2014-8021

Cross-site scripting (XSS) vulnerability in Cisco AnyConnect Secure Mobility Client 3.1(.02043) and earlier and Cisco HostScan Engine 3.1(.05183) and earlier allows remote attackers to inject arbitrary web script or HTML via vectors involving an applet-path URL, aka Bug IDs CSCup82990 and CSCuq8014...

4.3CVSS5.7AI score0.00277EPSS