Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco secure endpoint vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv3
CVE-2020-3336
A vulnerability in the software upgrade process of Cisco TelePresence Collaboration Endpoint Software and Cisco RoomOS Software could allow an authenticated, remote malicious user to modify the filesystem to cause a denial of service (DoS) or gain privileged access to the root fi...
Cisco Roomos -
Cisco Telepresence Collaboration Endpoint
4.3
CVSSv3
CVE-2020-3222
A vulnerability in the web-based user interface (web UI) of Cisco IOS XE Software could allow an unauthenticated, adjacent malicious user to bypass access control restrictions on an affected device. The vulnerability is due to the presence of a proxy service at a specific endpoin...
Cisco Ios Xe 16.10.1
Cisco Ios Xe 16.10.1a
Cisco Ios Xe 16.10.1b
Cisco Ios Xe 16.10.1c
Cisco Ios Xe 16.10.1d
Cisco Ios Xe 16.10.1e
Cisco Ios Xe 16.10.1f
Cisco Ios Xe 16.10.1g
Cisco Ios Xe 16.10.1s
Cisco Ios Xe 16.10.2
Cisco Ios Xe 16.11.1
Cisco Ios Xe 16.11.1a
Cisco Ios Xe 16.11.1b
Cisco Ios Xe 16.11.1c
Cisco Ios Xe 16.11.1s
Cisco Ios Xe 16.12.1
Cisco Ios Xe 16.12.1a
Cisco Ios Xe 16.12.1c
Cisco Ios Xe 16.12.1s
Cisco Ios Xe 16.12.1t
Cisco Ios Xe 16.12.1w
Cisco Ios Xe 16.12.1y
8.8
CVSSv3
CVE-2020-3224
A vulnerability in the web-based user interface (web UI) of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to inject IOS commands to an affected device. The injected commands should require a higher privilege level in order to be exe...
Cisco Ios Xe 16.11.1
Cisco Ios Xe 16.11.1a
Cisco Ios Xe 16.11.1b
Cisco Ios Xe 16.11.1c
Cisco Ios Xe 16.11.1s
Cisco Ios Xe 16.12.1y
7.2
CVSSv3
CVE-2019-1756
A vulnerability in Cisco IOS XE Software could allow an authenticated, remote malicious user to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability occurs because the affected software improperly sanitizes user-supplied inp...
Cisco Ios 11.0\\(20.3\\)
Cisco Ios Xe 16.8.1s
Cisco Ios Xe 16.8.2
Cisco Ios Xe 16.7.1b
Cisco Ios Xe 16.8.1
Cisco Ios 16.9\\(1\\)
Cisco Ios Xe 16.8.1a
Cisco Ios Xe 16.7.1
Cisco Ios Xe 16.7.2
Cisco Ios Xe 16.8.1d
Cisco Ios Xe 16.7.3
Cisco Ios Xe 16.7.1a
Cisco Ios Xe 16.8.1b
Cisco Ios Xe 3.2.0ja
Cisco Ios Xe 16.8.1c
Cisco Ios Xe 16.8.1e
8.8
CVSSv3
CVE-2019-1754
A vulnerability in the authorization subsystem of Cisco IOS XE Software could allow an authenticated but unprivileged (level 1), remote malicious user to run privileged Cisco IOS commands by using the web UI. The vulnerability is due to improper validation of user privileges of w...
Cisco Ios Xe 16.8.2
Cisco Ios Xe 16.9.1c
Cisco Ios Xe 16.7.1a
Cisco Ios Xe 16.7.1b
Cisco Ios Xe 16.7.1
Cisco Ios Xe 16.9.1d
Cisco Ios Xe 16.8.1d
Cisco Ios Xe 16.9.1s
Cisco Ios Xe 16.8.1a
Cisco Ios Xe 16.8.1s
Cisco Ios Xe 16.8.1
Cisco Ios Xe 16.8.1e
Cisco Ios Xe 16.8.1b
Cisco Ios Xe 3.2.0ja
Cisco Ios Xe 16.9.1b
Cisco Ios Xe 16.8.1c
NA
CVE-2007-1800
Cisco Secure ACS does not require authentication when Cisco Trust Agent (CTA) transmits posture information, which might allow remote malicious users to gain network access via a spoofed Network Endpoint Assessment posture, aka "NACATTACK." NOTE: this attack might be li...
Cisco Trust Agent
6.5
CVSSv3
CVE-2018-0229
A vulnerability in the implementation of Security Assertion Markup Language (SAML) Single Sign-On (SSO) authentication for Cisco AnyConnect Secure Mobility Client for Desktop Platforms, Cisco Adaptive Security Appliance (ASA) Software, and Cisco Firepower Threat Defense (FTD) Sof...
Cisco Anyconnect Secure Mobility Client 4.6\\(200\\)
Cisco Adaptive Security Appliance Software 9.8\\(1.245\\)
1 Article
NA
CVE-2015-0208
The ASN.1 signature-verification implementation in the rsa_item_verify function in crypto/rsa/rsa_ameth.c in OpenSSL 1.0.2 prior to 1.0.2a allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) via crafted RSA PSS parameters to...
Openssl Openssl 1.0.2
NA
CVE-2015-6420
Serialized-object interfaces in certain Cisco Collaboration and Social Media; Endpoint Clients and Client Software; Network Application, Service, and Acceleration; Network and Content Security Devices; Network Management and Provisioning; Routing and Switching - Enterprise and Se...
Apache Commons Collections
Apache Commons Collections 4.0
5 Github repositories
4.8
CVSSv3
CVE-2023-20208
A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote malicious user to conduct an XSS attack against a user of the web-based management interface of an affected device.
Cisco Identity Services Engine 3.0.0
Cisco Identity Services Engine 3.1
Cisco Identity Services Engine 3.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »