Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

physical vulnerabilities and exploits

(subscribe to this query)

7.8
CVSSv2
CVE-2009-1163
Memory leak on the Cisco Physical Access Gateway with software before 1.1 allows remote attackers to cause a denial of service (memory consumption) via unspecified TCP packets....
Cisco Physical Access Gateway
5
CVSSv2
CVE-2018-0416
A vulnerability in the web-based interface of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to view system information that under normal circumstances should be prohibited. The vulnerability is due to incomplete input and validation...
Cisco Wireless Lan Controller Software 8.5\\(130.0\\)Cisco Wireless Lan Controller Software 8.9\\(1.52\\)
4
CVSSv2
CVE-2018-0284
A vulnerability in the local status page functionality of the Cisco Meraki MR, MS, MX, Z1, and Z3 product lines could allow an authenticated, remote attacker to modify device configuration files. The vulnerability occurs when handling requests to the local status page. An...
Cisco Meraki Mr 24 FirmwareCisco Meraki Mr 25 FirmwareCisco Meraki Ms 10 FirmwareCisco Meraki Ms 9 FirmwareCisco Meraki Mx 13 FirmwareCisco Meraki Mx 14 FirmwareCisco Meraki Mx 15 Firmware
10
CVSSv2
CVE-2016-6406
Cisco IronPort AsyncOS 9.1.2-023, 9.1.2-028, 9.1.2-036, 9.7.2-046, 9.7.2-047, 9.7.2-054, 10.0.0-124, and 10.0.0-125 on Email Security Appliance (ESA) devices, when Enrollment Client before 1.0.2-065 is installed, allows remote attackers to obtain root access via a connection to...
Cisco Email Security Appliance Firmware 9.1.2-023Cisco Email Security Appliance Firmware 9.1.2-028Cisco Email Security Appliance Firmware 9.1.2-036Cisco Email Security Appliance Firmware 9.7.2-046Cisco Email Security Appliance Firmware 9.7.2-047Cisco Email Security Appliance Firmware 9.7.2-054Cisco Email Security Appliance Firmware 10.0.0-124Cisco Email Security Appliance Firmware 10.0.0-125
6.1
CVSSv2
CVE-2020-3577
A vulnerability in the ingress packet processing path of Cisco Firepower Threat Defense (FTD) Software for interfaces that are configured either as Inline Pair or in Passive mode could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. The...
Cisco Firepower Threat Defense
5
CVSSv2
CVE-2005-0195
Cisco IOS 12.0S through 12.3YH allows remote attackers to cause a denial of service (device restart) via a crafted IPv6 packet....
Cisco Ios 12.0sCisco Ios 12.0sxCisco Ios 12.0szCisco Ios 12.2bCisco Ios 12.2bcCisco Ios 12.2bxCisco Ios 12.2bzCisco Ios 12.2cxCisco Ios 12.2czCisco Ios 12.2ewCisco Ios 12.2ewaCisco Ios 12.2jkCisco Ios 12.2mcCisco Ios 12.2sCisco Ios 12.2seCisco Ios 12.2suCisco Ios 12.2svCisco Ios 12.2swCisco Ios 12.2sxCisco Ios 12.2sxaCisco Ios 12.2sxbCisco Ios 12.2sxdCisco Ios 12.2syCisco Ios 12.2szCisco Ios 12.2tCisco Ios 12.2ytCisco Ios 12.2yuCisco Ios 12.2yvCisco Ios 12.2yzCisco Ios 12.2zcCisco Ios 12.2zdCisco Ios 12.2zeCisco Ios 12.2zfCisco Ios 12.2zgCisco Ios 12.2zhCisco Ios 12.2ziCisco Ios 12.2zjCisco Ios 12.2zlCisco Ios 12.2znCisco Ios 12.2zoCisco Ios 12.2zpCisco Ios 12.3Cisco Ios 12.3bCisco Ios 12.3bcCisco Ios 12.3bwCisco Ios 12.3jCisco Ios 12.3jaCisco Ios 12.3tCisco Ios 12.3xaCisco Ios 12.3xbCisco Ios 12.3xcCisco Ios 12.3xdCisco Ios 12.3xeCisco Ios 12.3xfCisco Ios 12.3xgCisco Ios 12.3xhCisco Ios 12.3xiCisco Ios 12.3xkCisco Ios 12.3xlCisco Ios 12.3xmCisco Ios 12.3xnCisco Ios 12.3xqCisco Ios 12.3xrCisco Ios 12.3xsCisco Ios 12.3xtCisco Ios 12.3xuCisco Ios 12.3xwCisco Ios 12.3xxCisco Ios 12.3xyCisco Ios 12.3xzCisco Ios 12.3yaCisco Ios 12.3ydCisco Ios 12.3yeCisco Ios 12.3yfCisco Ios 12.3ygCisco Ios 12.3yh
5
CVSSv2
CVE-2002-0092
CVS before 1.10.8 does not properly initialize a global variable, which allows remote attackers to cause a denial of service (server crash) via the diff capability....
Cvs Cvs
2.1
CVSSv2
CVE-2002-0080
rsync, when running in daemon mode, does not properly call setgroups before dropping privileges, which could provide supplemental group privileges to local users, who could then read certain files that would otherwise be disallowed....
Samba RsyncRedhat Linux 6.2Redhat Linux 7.0Redhat Linux 7.1Redhat Linux 7.2
7.5
CVSSv2
CVE-2002-0059
The decompression algorithm in zlib 1.1.3 and earlier, as used in many different utilities and packages, causes inflateEnd to release certain memory more than once (a "double free"), which may allow local and remote attackers to execute arbitrary code via a block of...
Gnu Zlib 1.0Gnu Zlib 1.0.1Gnu Zlib 1.0.2Gnu Zlib 1.0.3Gnu Zlib 1.0.4Gnu Zlib 1.0.5Gnu Zlib 1.0.6Gnu Zlib 1.0.7Gnu Zlib 1.0.8Gnu Zlib 1.0.9Gnu Zlib 1.1Gnu Zlib 1.1.1Gnu Zlib 1.1.2Gnu Zlib 1.1.3
7.8
CVSSv2
CVE-2018-15454
A vulnerability in the Session Initiation Protocol (SIP) inspection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload or trigger high...
Cisco Adaptive Security Appliance SoftwareCisco Firepower Threat Defense
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
XXECVE-2021-21973mass assignmentCVE-2021-1396CVE-2018-19518CVE-2020-28599deserializationCVE-2021-1230CVE-2021-26681