Vulmon
Recent Vulnerabilities
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
By Recent Activity
linux vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2006-3285
The internal database in Cisco Wireless Control System (WCS) for Linux and Windows before 3.2(51) uses an undocumented, hard-coded username and password, which allows remote authenticated users to read, and possibly modify, sensitive configuration data (aka bugs CSCsd15955)....
Cisco Wireless Control System
5
CVSSv2
CVE-2006-3290
HTTP server in Cisco Wireless Control System (WCS) for Linux and Windows before 3.2(51) stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain usernames and directory paths via a direct URL request....
Cisco Wireless Control System
7.5
CVSSv2
CVE-2006-3287
Cisco Wireless Control System (WCS) for Linux and Windows 4.0(1) and earlier uses a default administrator username "root" and password "public," which allows remote attackers to gain access (aka bug CSCse21391)....
Cisco Wireless Control System
2.6
CVSSv2
CVE-2006-3289
Cross-site scripting (XSS) vulnerability in the login page of the HTTP interface for the Cisco Wireless Control System (WCS) for Linux and Windows before 3.2(51) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving a "malicious...
Cisco Wireless Control System
5
CVSSv2
CVE-2006-3288
Unspecified vulnerability in the TFTP server in Cisco Wireless Control System (WCS) for Linux and Windows before 3.2(51), when configured to use a directory path name that contains a space character, allows remote authenticated users to read and overwrite arbitrary files via...
Cisco Wireless Control System
10
CVSSv2
CVE-2012-6392
Cisco Prime LAN Management Solution (LMS) 4.1 through 4.2.2 on Linux does not properly validate authentication and authorization requests in TCP sessions, which allows remote attackers to execute arbitrary commands via a crafted session, aka Bug ID CSCuc79779....
Cisco Prime Lan Management Solution 4.1
Cisco Prime Lan Management Solution 4.2
Cisco Prime Lan Management Solution 4.2.1
Cisco Prime Lan Management Solution 4.2.2
5
CVSSv2
CVE-2002-1491
The Cisco VPN 5000 Client for MacOS before 5.2.2 records the most recently used login password in plaintext when saving "Default Connection" settings, which could allow local users to gain privileges....
Cisco Vpn 5000 Client 5.1.2
Cisco Vpn 5000 Client 5.2.1
9.3
CVSSv2
CVE-2012-2493
The VPN downloader implementation in the WebLaunch feature in Cisco AnyConnect Secure Mobility Client 2.x before 2.5 MR6 on Windows, and 2.x before 2.5 MR6 and 3.x before 3.0 MR8 on Mac OS X and Linux, does not properly validate binaries that are received by the downloader...
Cisco Anyconnect Secure Mobility Client 2.0
Cisco Anyconnect Secure Mobility Client 2.1
Cisco Anyconnect Secure Mobility Client 2.2
Cisco Anyconnect Secure Mobility Client 2.2.128
Cisco Anyconnect Secure Mobility Client 2.2.133
Cisco Anyconnect Secure Mobility Client 2.2.136
Cisco Anyconnect Secure Mobility Client 2.2.140
Cisco Anyconnect Secure Mobility Client 2.3
Cisco Anyconnect Secure Mobility Client 2.3.185
Cisco Anyconnect Secure Mobility Client 2.3.254
Cisco Anyconnect Secure Mobility Client 2.3.2016
Cisco Anyconnect Secure Mobility Client 2.4
Cisco Anyconnect Secure Mobility Client 2.4.0202
Cisco Anyconnect Secure Mobility Client 2.4.1012
Cisco Anyconnect Secure Mobility Client 2.5
Cisco Anyconnect Secure Mobility Client 3.0
4.3
CVSSv2
CVE-2012-2494
The VPN downloader implementation in the WebLaunch feature in Cisco AnyConnect Secure Mobility Client 2.x before 2.5 MR6 and 3.x before 3.0 MR8 does not compare the timestamp of offered software to the timestamp of installed software, which allows remote attackers to force a...
Cisco Anyconnect Secure Mobility Client 2.0
Cisco Anyconnect Secure Mobility Client 2.1
Cisco Anyconnect Secure Mobility Client 2.2
Cisco Anyconnect Secure Mobility Client 2.2.128
Cisco Anyconnect Secure Mobility Client 2.2.133
Cisco Anyconnect Secure Mobility Client 2.2.136
Cisco Anyconnect Secure Mobility Client 2.2.140
Cisco Anyconnect Secure Mobility Client 2.3
Cisco Anyconnect Secure Mobility Client 2.3.185
Cisco Anyconnect Secure Mobility Client 2.3.254
Cisco Anyconnect Secure Mobility Client 2.3.2016
Cisco Anyconnect Secure Mobility Client 2.4
Cisco Anyconnect Secure Mobility Client 2.4.0202
Cisco Anyconnect Secure Mobility Client 2.4.1012
Cisco Anyconnect Secure Mobility Client 2.5
Cisco Anyconnect Secure Mobility Client 3.0
4.3
CVSSv2
CVE-2012-2495
The HostScan downloader implementation in Cisco AnyConnect Secure Mobility Client 3.x before 3.0 MR8 and Cisco Secure Desktop before 3.6.6020 does not compare the timestamp of offered software to the timestamp of installed software, which allows remote attackers to force a...
Cisco Anyconnect Secure Mobility Client 3.0
Cisco Secure Desktop 3.1
Cisco Secure Desktop 3.1.1
Cisco Secure Desktop 3.1.1.27
Cisco Secure Desktop 3.1.1.33
Cisco Secure Desktop 3.1.1.45
Cisco Secure Desktop 3.2
Cisco Secure Desktop 3.2.1
Cisco Secure Desktop 3.3
Cisco Secure Desktop 3.4
Cisco Secure Desktop 3.4.1
Cisco Secure Desktop 3.4.2
Cisco Secure Desktop 3.4.2048
Cisco Secure Desktop 3.5
Cisco Secure Desktop 3.5.841
Cisco Secure Desktop 3.5.1077
Cisco Secure Desktop 3.5.2001
Cisco Secure Desktop
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-3691
insecure direct object reference
CVE-2021-1140
CVE-2021-2109
information disclosure
CVE-2021-1303
CVE-2021-1304
IDOR
CVE-2020-14882
1
2
3
4
5
NEXT »