|
1001
|
- |
|
-
|
-
|
Deserialization of untrusted data vulnerability in OpenText, Inc RightFax on Windows, 64 bit, 32 bit allows Object Injection.This issue affects RightFax: through 25.4.
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2025-15610
|
2026-04-18 00:09 |
2026-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1002
|
6.1 |
MEDIUM
Network
|
-
|
-
|
A vulnerability in the web-based management interface of Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a reflected XSS attack against a user of the interface.
T…
|
CWE-79
Cross-site Scripting
|
CVE-2026-20059
|
2026-04-18 00:09 |
2026-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1003
|
4.7 |
MEDIUM
Network
|
-
|
-
|
A vulnerability in the web-based management interface of Cisco Unity Connection could allow an unauthenticated, remote attacker to redirect a user to a malicious web page.
This vulnerability is du…
|
CWE-601
Open Redirect
|
CVE-2026-20060
|
2026-04-18 00:09 |
2026-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1004
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability in the web-based management interface of Cisco Unity Connection could allow an authenticated, remote attacker to perform an SQL injection attack against an affected device. To exploit…
|
CWE-89
SQL Injection
|
CVE-2026-20061
|
2026-04-18 00:09 |
2026-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1005
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Multiple vulnerabilities in Cisco Unity Connection could allow an authenticated, remote attacker to download arbitrary files from an affected system. To exploit these vulnerabilities, the attack…
|
CWE-23
Relative Path Traversal
|
CVE-2026-20078
|
2026-04-18 00:09 |
2026-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1006
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Multiple vulnerabilities in Cisco Unity Connection could allow an authenticated, remote attacker to download arbitrary files from an affected system. To exploit these vulnerabilities, the attack…
|
CWE-23
Relative Path Traversal
|
CVE-2026-20081
|
2026-04-18 00:09 |
2026-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1007
|
4.8 |
MEDIUM
Network
|
-
|
-
|
Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker with administrative write privileges to condu…
|
CWE-79
Cross-site Scripting
|
CVE-2026-20132
|
2026-04-18 00:09 |
2026-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1008
|
6.0 |
MEDIUM
Local
|
-
|
-
|
A vulnerability in the CLI of Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) could allow an authenticated, local attacker with administrative privileges …
|
CWE-116
Improper Encoding or Escaping of Output
|
CVE-2026-20136
|
2026-04-18 00:09 |
2026-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1009
|
9.9 |
CRITICAL
Network
|
-
|
-
|
A vulnerability in Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. To exploit this vu…
|
CWE-77
Command Injection
|
CVE-2026-20147
|
2026-04-18 00:09 |
2026-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1010
|
4.9 |
MEDIUM
Network
|
-
|
-
|
A vulnerability in Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to perform path traversal attacks on the underlying operating system and read arbitrary files. To exploit …
|
CWE-22
Path Traversal
|
CVE-2026-20148
|
2026-04-18 00:09 |
2026-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
