Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
patch vulnerabilities and exploits
(subscribe to this query)
9.1
CVSSv3
CVE-2020-3419
A vulnerability in Cisco Webex Meetings and Cisco Webex Meetings Server could allow an unauthenticated, remote malicious user to join a Webex session without appearing on the participant list. This vulnerability is due to improper handling of authentication tokens by a vulnerable...
Cisco Webex Meetings Server
Cisco Webex Meetings Server 3.0
Cisco Webex Meetings Server 4.0
6.5
CVSSv3
CVE-2020-3471
A vulnerability in Cisco Webex Meetings and Cisco Webex Meetings Server could allow an unauthenticated, remote malicious user to maintain bidirectional audio despite being expelled from an active Webex session. The vulnerability is due to a synchronization issue between meeting a...
Cisco Webex Meetings Server
Cisco Webex Meetings Server 3.0
Cisco Webex Meetings Server 4.0
8.8
CVSSv3
CVE-2019-1874
A vulnerability in the web-based management interface of Cisco Prime Service Catalog Software could allow an unauthenticated, remote malicious user to conduct a cross-site request forgery (CSRF) attack on an affected system. The vulnerability is due to insufficient CSRF protectio...
Cisco Prime Service Catalog 12.1
Cisco Prime Service Catalog 11.1
Cisco Prime Service Catalog 11.0
Cisco Prime Service Catalog 12.0
5.4
CVSSv3
CVE-2021-1311
A vulnerability in the reclaim host role feature of Cisco Webex Meetings and Cisco Webex Meetings Server could allow an authenticated, remote malicious user to take over the host role during a meeting. This vulnerability is due to a lack of protection against brute forcing of the...
Cisco Webex Meetings Server
Cisco Webex Meetings Server 3.0
Cisco Webex Meetings Server 4.0
Cisco Webex Meetings
NA
CVE-2014-3276
Cisco Identity Services Engine (ISE) 1.2(.1 patch 2) and previous versions does not properly handle deadlock conditions during reception of crafted RADIUS accounting packets from multiple NAS devices, which allows remote authenticated users to cause a denial of service (RADIUS ou...
Cisco Identity Services Engine Software
Cisco Identity Services Engine Software 1.1
Cisco Identity Services Engine Software 1.0
NA
CVE-2013-3407
The web interface in Cisco Server Provisioner 6.4.0 Patch 5-1301292331 and previous versions does not require authentication for unspecified pages, which allows remote malicious users to obtain sensitive information via a direct request, aka Bug ID CSCug65664.
Cisco Server Provisioner
Cisco Server Provisioner 6.4.0
Cisco Server Provisioner 6.3.0
5.3
CVSSv3
CVE-2020-3441
A vulnerability in Cisco Webex Meetings and Cisco Webex Meetings Server could allow an unauthenticated, remote malicious user to view sensitive information from the meeting room lobby. This vulnerability is due to insufficient protection of sensitive participant information. An a...
Cisco Webex Meetings Server
Cisco Webex Meetings Server 3.0
Cisco Webex Meetings Server 4.0
Cisco Webex Meetings
7.8
CVSSv3
CVE-2019-12133
Multiple Zoho ManageEngine products suffer from local privilege escalation due to improper permissions for the %SYSTEMDRIVE%\ManageEngine directory and its sub-folders. Moreover, the services associated with said products try to execute binaries such as sc.exe from the current di...
Zohocorp Manageengine Mobile Device Manager Plus 9.0.0
Zohocorp Manageengine Patch Connect Plus 9.0.0
Zohocorp Manageengine Vulnerability Manager Plus 9.0.0
Zohocorp Manageengine Patch Manager Plus 9.0.0
Zohocorp Manageengine Browser Security Plus -
Zohocorp Manageengine Eventlog Analyzer 12.0.2
Zohocorp Manageengine Supportcenter Plus 8.1
Zohocorp Manageengine Opmanager 12.3
Zohocorp Manageengine Oputils 11.0
Zohocorp Manageengine Desktop Central 10.0.380
Zohocorp Manageengine Firewall 12.0
Zohocorp Manageengine Key Manager Plus 5.6
Zohocorp Manageengine Password Manager Pro 9.9
Zohocorp Manageengine Analytics Plus 1.0
Zohocorp Manageengine Servicedesk Plus 10.0.0
Zohocorp Manageengine O365 Manager Plus 4.0
Zohocorp Manageengine Netflow Analyzer 11.0
Zohocorp Manageengine Network Configuration Manager 11.0
NA
CVE-2014-3275
SQL injection vulnerability in the web framework in Cisco Identity Services Engine (ISE) 1.2(.1 patch 2) and previous versions allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCul21337.
Cisco Identity Services Engine Software 1.1
Cisco Identity Services Engine Software
Cisco Identity Services Engine Software 1.0
4.8
CVSSv3
CVE-2020-3340
Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker with administrative credentials to conduct a cross-site scripting (XSS) attack against a user of the interface. These vulnerabiliti...
Cisco Identity Services Engine
Cisco Identity Services Engine 2.6.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »