Overview : |
Cisco Aironet Access Points Unauthorized Access VulnerabilityCWE-284 / CVE-2019-15260 A vulnerability in Cisco Aironet Access Points (APs) Software could allow an unauthenticated, remote attacker to gain unauthorized access to a targeted device with elevated privileges. Cisco Wireless LAN Controller Secure Shell Denial of Service VulnerabilityCWE-20 / CVE-2019-15262 A vulnerability in the Secure Shell (SSH) session management for Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. Cisco SPA100 Series Analog Telephone Adapters Remote Code Execution VulnerabilitiesCWE-119 / CVE-2019-15240, CVE-2019-15241, CVE-2019-15242, CVE-2019-15243, CVE-2019-15244, CVE-2019-15245, CVE-2019-15246, CVE-2019-15247, CVE-2019-15248, CVE-2019-15249, CVE-2019-15250, CVE-2019-15251, CVE-2019-15252 Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. Cisco Small Business Smart and Managed Switches Cross-Site Request Forgery VulnerabilityCWE-352 / CVE-2019-12636 A vulnerability in the web-based management interface of Cisco Small Business Smart and Managed Switches could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. Cisco Aironet Access Points Point-to-Point Tunneling Protocol Denial of Service VulnerabilityCWE-20 / CVE-2019-15261 A vulnerability in the Point-to-Point Tunneling Protocol (PPTP) VPN packet processing functionality in Cisco Aironet Access Points (APs) could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. Cisco Aironet Access Points and Catalyst 9100 Access Points CAPWAP Denial of Service VulnerabilityCWE-400 / CVE-2019-15264 A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol implementation of Cisco Aironet and Catalyst 9100 Access Points (APs) could allow an unauthenticated, adjacent attacker to cause an affected device to restart unexpectedly, resulting in a denial of service (DoS) condition. Cisco Wireless LAN Controller Path Traversal VulnerabilityCWE-22 / CVE-2019-15266 A vulnerability in the CLI of Cisco Wireless LAN Controller (WLC) Software could allow an authenticated, local attacker to view system files that should be restricted. Cisco Expressway Series and TelePresence Video Communication Server Cross-Site Scripting VulnerabilityCWE-79 / CVE-2019-12705 A vulnerability in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected system. Cisco TelePresence Collaboration Endpoint Software Privilege Escalation VulnerabilityCWE-264 / CVE-2019-15277 A vulnerability in the CLI of Cisco TelePresence Collaboration Endpoint (CE) Software could allow an authenticated, local attacker to execute code with root privileges. Cisco TelePresence Collaboration Endpoint Software Privilege Escalation VulnerabilityCWE-264 / CVE-2019-15275 A vulnerability in the CLI of Cisco TelePresence Collaboration Endpoint (CE) Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. Cisco TelePresence Collaboration Endpoint Software Arbitrary File Write VulnerabilityCWE-275 / CVE-2019-15962 A vulnerability in the CLI of Cisco TelePresence Collaboration Endpoint (CE) Software could allow an authenticated, local attacker to write files to the /root directory of an affected device. Cisco TelePresence Collaboration Endpoint Software Arbitrary File Overwrite VulnerabilitiesCWE-20 / CVE-2019-15273 Multiple vulnerabilities in the CLI of Cisco TelePresence Collaboration Endpoint (CE) Software could allow an authenticated, local attacker to overwrite arbitrary files. Cisco TelePresence Collaboration Endpoint Software Command Injection VulnerabilityCWE-78 / CVE-2019-15274 A vulnerability in the CLI of Cisco TelePresence Collaboration Endpoint (CE) Software could allow an authenticated, local attacker to perform command injections. Cisco SPA100 Series Analog Telephone Adapters Web Management Interface Denial of Service VulnerabilityCWE-399 / CVE-2019-15258 A vulnerability in the web-based management interface of Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, remote attacker to cause a denial of service condition on an affected device. Cisco SPA100 Series Analog Telephone Adapters Web-Based Management Interface File Disclosure VulnerabilityCWE-200 / CVE-2019-12704 A vulnerability in the web-based management interface of Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, remote attacker to view the contents of arbitrary files on an affected device. Cisco SPA100 Series Analog Telephone Adapters Running Configuration Information Disclosure VulnerabilityCWE-200 / CVE-2019-15257 A vulnerability in the web-based management interface of Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, remote attacker to access sensitive information on an affected device. Cisco SPA100 Series Analog Telephone Adapters Reflected Cross-Site Scripting VulnerabilityCWE-79 / CVE-2019-12702 A vulnerability in the web-based management interface of Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, remote attacker to conduct cross-site scripting attacks. Cisco SPA122 ATA with Router Devices DHCP Services Cross-Site Scripting VulnerabilityCWE-79 / CVE-2019-12703 A vulnerability in the web-based management interface of Cisco SPA122 ATA with Router Devices could allow an unauthenticated, adjacent attacker to conduct cross-site scripting attacks. Cisco SPA100 Series Analog Telephone Adapters Administrative Credentials Information Disclosure VulnerabilityCWE-200 / CVE-2019-12708 vulnerability in the web-based management interface of Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, remote attacker to access sensitive information on an affected device. Cisco Small Business Smart and Managed Switches Cross-Site Scripting VulnerabilityCWE-79 / CVE-2019-12718 A vulnerability in the web-based interface of Cisco Small Business Smart and Managed Switches could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface. Cisco Identity Services Engine Stored Cross-Site Scripting VulnerabilityCWE-79 / CVE-2019-15281 A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. Cisco Identity Services Engine Multiple Stored Cross-Site Scripting VulnerabilitiesCWE-79 / CVE-2019-12637 Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the web-based management interface. Cisco Identity Services Engine Stored Cross-Site Scripting VulnerabilityCWE-79 / CVE-2019-12638 A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the web-based management interface. Cisco Identity Services Engine Information Disclosure VulnerabilityCWE-306 / CVE-2019-15282 A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an unauthenticated, remote attacker read tcpdump files generated on an affected device. Cisco Firepower Management Center Software Stored Cross-Site Scripting VulnerabilityCWE-79 / CVE-2019-15280 A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web-based management interface. Cisco Firepower Management Center Multiple Cross-Site Scripting VulnerabilitiesCWE-79 / CVE-2019-15268, CVE-2019-15269 Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. Cisco Firepower Management Center Stored Cross-Site Scripting VulnerabilityCWE-89 / CVE-2019-15270 A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. Cisco Aironet Access Points Bridge Protocol Data Unit Port Disable Denial of Service VulnerabilityCWE-20 / CVE-2019-15265 A vulnerability in the bridge protocol data unit (BPDU) forwarding functionality of Cisco Aironet Access Points (APs) could allow an unauthenticated, adjacent attacker to cause an AP port to go into an error disabled state. |
Recent Posts
Follow Us
zzcms 2018 template_user.php ml/title code injection
A vulnerability was found in zzcms 2018 (Content Management System) and classified as critical. This issue affects an unknown function
ZyXEL VPN2S 1.12 Web Server path traversal
A vulnerability classified as problematic was found in ZyXEL VPN2S 1.12. Affected by this vulnerability is an unknown part of
Zyxel VPN2S 1.12 CGI Program os command injection
A vulnerability has been found in Zyxel VPN2S 1.12 and classified as critical. This vulnerability affects some unknown processing of
Zyxel USG/USG Flex/Zywall/ATP/VPN up to 4.64 Web-based Management Interface improper authentication
A vulnerability was found in Zyxel USG, USG Flex, Zywall, ATP and VPN up to 4.64 (Firewall Software). It has
ZyXEL GS1900-8 2.60 LLDP Packet cross site scripting
A vulnerability was found in ZyXEL GS1900-8 2.60. It has been classified as problematic. This affects an unknown code of
Zynamics BinDiff up to 6 i64 File use after free
A vulnerability, which was classified as critical, has been found in Zynamics BinDiff up to 6. This issue affects an
Web Application Firewall Solution
CVE-2024-9473 : PALO ALTO GLOBALPROTECT APP UP TO 5.1/6.1/6.2.4/6.3 ON WINDOWS REPAIR UNNECESSARY PRIVILEGES
Description A privilege escalation vulnerability in the Palo Alto Networks GlobalProtect app on Windows allows a locally authenticated non-administrative Windows
CVE-2024-9463 : PALO ALTO EXPEDITION UP TO 1.2.95 DEVICE CONFIGURATION OS COMMAND INJECTION
Description An OS command injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to run arbitrary OS commands
CVE-2024-47763 : BYTECODEALLIANCE WASMTIME UP TO 21.0.1/22.0.0/23.0.2/24.0.0/25.0.1 CONTROL FLOW
Description Wasmtime is an open source runtime for WebAssembly. Wasmtime’s implementation of WebAssembly tail calls combined with stack traces can