Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
unauthorized vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2015-4225
Cisco Application Policy Infrastructure Controller (APIC) 1.0(1.110a) and 1.0(1e) on Nexus 9000 devices does not properly implement RBAC health scoring, which allows remote authenticated users to obtain sensitive information via unspecified vectors, aka Bug ID CSCuq77485.
Cisco Nx-os 1.0\\(1.110a\\)
Cisco Nx-os 1.0\\(1e\\)
8.8
CVSSv3
CVE-2019-15956
A vulnerability in the web management interface of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an authenticated, remote malicious user to perform an unauthorized system reset on an affected device. The vulnerability is due to improper authorization c...
Cisco Asyncos
Cisco Web Security Appliance 10.5.2-072
Cisco Web Security Appliance 11.5.1-fcs-125
Cisco Web Security Appliance 11.7.0-fcs-418
9.8
CVSSv3
CVE-2018-0318
A vulnerability in the password reset function of Cisco Prime Collaboration Provisioning (PCP) could allow an unauthenticated, remote malicious user to gain unauthorized access to an affected device. The vulnerability is due to insufficient validation of a password reset request....
Cisco Prime Collaboration
Cisco Prime Collaboration Provisioning
5.5
CVSSv3
CVE-2017-6693
A vulnerability in the ConfD server component of Cisco Elastic Services Controllers could allow an authenticated, local malicious user to access information stored in the file system of an affected system, aka Unauthorized Directory Access. More Information: CSCvd76286. Known Aff...
Cisco Elastic Services Controller 2.2\\(9.76\\)
Cisco Elastic Services Controller 2.3\\(1\\)
NA
CVE-2003-0752
SQL injection vulnerability in global.php3 of AttilaPHP 3.0, and possibly earlier versions, allows remote malicious users to bypass authentication via a modified cook_id parameter.
Attila-php.net Attilaphp
1 EDB exploit
5.5
CVSSv3
CVE-2021-34771
A vulnerability in the Cisco IOS XR Software CLI could allow an authenticated, local malicious user to view more information than their privileges allow. This vulnerability is due to insufficient application of restrictions during the execution of a specific command. An attacker ...
Cisco Ios Xr
NA
CVE-2002-2425
Sun AnswerBook2 1.2 up to and including 1.4.2 allows remote malicious users to execute administrative scripts such as (1) AdminViewError and (2) AdminAddadmin via a direct request.
Sun Solaris Answerbook2 1.2
Sun Solaris Answerbook2 1.4
Sun Solaris Answerbook2 1.4.1
Sun Solaris Answerbook2 1.4.2
Sun Solaris Answerbook2 1.3
1 EDB exploit
NA
CVE-2015-0768
The Device Work Center (DWC) component in Cisco Prime Network Control System (NCS) 2.1(0.0.85), 2.2(0.0.58), and 2.2(0.0.69) does not properly implement AAA roles, which allows remote authenticated users to bypass intended access restrictions and execute commands via a login sess...
Cisco Prime Network Control System 2.1\\(0.0.85\\)
Cisco Prime Network Control System 2.2\\(0.0.58\\)
Cisco Prime Network Control System 2.2\\(0.0.69\\)
7.8
CVSSv3
CVE-2019-1601
A vulnerability in the filesystem permissions of Cisco NX-OS Software could allow an authenticated, local malicious user to gain read and write access to a critical configuration file. The vulnerability is due to a failure to impose strict filesystem permissions on the targeted d...
Cisco Nx-os
NA
CVE-2014-8036
The outlookpa component in Cisco WebEx Meetings Server does not properly validate API input, which allows remote malicious users to modify a meeting's invite list via a crafted URL, aka Bug ID CSCuj40254.
Cisco Webex Meetings Server -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »