Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco application services engine vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2003-0545
Double free vulnerability in OpenSSL 0.9.7 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via an SSL client certificate with a certain invalid ASN.1 encoding.
Openssl Openssl 0.9.6
Openssl Openssl 0.9.7
9
CVSSv3
CVE-2021-45046
It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. This could allows attackers with control over Thread Context Map (MDC) input data when the logging configuration uses a non-default Pattern Layout with...
Apache Log4j 2.0
Apache Log4j
Intel Oneapi -
Intel Audio Development Kit -
Intel Datacenter Manager -
Intel System Debugger -
Intel Secure Device Onboard -
Intel Sensor Solution Firmware Development Kit -
Intel Computer Vision Annotation Tool -
Intel Genomics Kernel Library -
Intel System Studio -
Siemens Sppa-t3000 Ses3000 Firmware
Siemens Logo\\! Soft Comfort
Siemens Spectrum Power 4 4.70
Siemens Spectrum Power 4
Siemens Siveillance Control Pro
Siemens Energyip Prepay 3.7
Siemens Energyip Prepay 3.8
Siemens Siveillance Identity 1.6
Siemens Siveillance Identity 1.5
Siemens Siveillance Command
Siemens Sipass Integrated 2.85
195 Github repositories
9 Articles
8.8
CVSSv3
CVE-2023-20272
A vulnerability in the web-based management interface of Cisco Identity Services Engine could allow an authenticated, remote malicious user to upload malicious files to the web root of the application. This vulnerability is due to insufficient file input validation. An attacker c...
Cisco Identity Services Engine 3.0.0
Cisco Identity Services Engine 3.1
8.8
CVSSv3
CVE-2022-20861
Multiple vulnerabilities in Cisco Nexus Dashboard could allow an unauthenticated, remote malicious user to execute arbitrary commands, read or upload container image files, or perform a cross-site request forgery attack. For more information about these vulnerabilities, see the D...
Cisco Nexus Dashboard
8.8
CVSSv3
CVE-2021-1578
A vulnerability in an API endpoint of Cisco Application Policy Infrastructure Controller (APIC) and Cisco Cloud Application Policy Infrastructure Controller (Cloud APIC) could allow an authenticated, remote malicious user to elevate privileges to Administrator on an affected devi...
Cisco Cloud Application Policy Infrastructure Controller 5.0\\(2h\\)
Cisco Application Policy Infrastructure Controller 5.0\\(2h\\)
Cisco Cloud Application Policy Infrastructure Controller
Cisco Application Policy Infrastructure Controller
8.8
CVSSv3
CVE-2015-7849
Use-after-free vulnerability in ntpd in NTP 4.2.x prior to 4.2.8p4, and 4.3.x prior to 4.3.77 allows remote authenticated users to possibly execute arbitrary code or cause a denial of service (crash) via crafted packets.
Ntp Ntp
Ntp Ntp 4.2.8
Netapp Oncommand Balance -
Netapp Oncommand Performance Manager -
Netapp Oncommand Unified Manager -
Netapp Clustered Data Ontap -
Netapp Data Ontap -
8.8
CVSSv3
CVE-2015-7854
Buffer overflow in the password management functionality in NTP 4.2.x prior to 4.2.8p4, and 4.3.x prior to 4.3.77 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted key file.
Ntp Ntp
Ntp Ntp 4.2.8
Netapp Oncommand Balance -
Netapp Oncommand Performance Manager -
Netapp Oncommand Unified Manager -
Netapp Clustered Data Ontap -
Netapp Data Ontap -
8.6
CVSSv3
CVE-2018-0277
A vulnerability in the Extensible Authentication Protocol-Transport Layer Security (EAP-TLS) certificate validation during EAP authentication for the Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote malicious user to cause the ISE application server to ...
Cisco Identity Services Engine 2.0\\(0.306\\)
Cisco Identity Services Engine 2.0\\(1.130\\)
Cisco Identity Services Engine 2.1\\(0.474\\)
Cisco Identity Services Engine 2.2\\(0.470\\)
8.1
CVSSv3
CVE-2018-11776
Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remote Code Execution when alwaysSelectFullNamespace is true (either by user or a plugin like Convention Plugin) and then: results are used with no namespace and in same time, its upper package have no or...
Apache Struts
3 EDB exploits
45 Github repositories
3 Articles
7.8
CVSSv3
CVE-2017-12261
A vulnerability in the restricted shell of the Cisco Identity Services Engine (ISE) that is accessible via SSH could allow an authenticated, local malicious user to run arbitrary CLI commands with elevated privileges. The vulnerability is due to incomplete input validation of the...
Cisco Identity Services Engine 1.4
Cisco Identity Services Engine 2.0
Cisco Identity Services Engine 2.0.1
Cisco Identity Services Engine 2.1.0
Cisco Identity Services Engine Express 2.0
Cisco Identity Services Engine Express 2.0.1
Cisco Identity Services Engine Express 2.1.0
Cisco Identity Services Engine Express 1.4
Cisco Identity Services Engine Virtual Appliance 2.0
Cisco Identity Services Engine Virtual Appliance 2.1.0
Cisco Identity Services Engine Virtual Appliance 1.4
Cisco Identity Services Engine Virtual Appliance 2.0.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »