|
2211
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability in the web-based management interface of Cisco Unity Connection could allow an authenticated, remote attacker to perform an SQL injection attack against an affected device. To exploit…
|
CWE-89
SQL Injection
|
CVE-2026-20061
|
2026-04-18 00:09 |
2026-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2212
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Multiple vulnerabilities in Cisco Unity Connection could allow an authenticated, remote attacker to download arbitrary files from an affected system. To exploit these vulnerabilities, the attack…
|
CWE-23
Relative Path Traversal
|
CVE-2026-20078
|
2026-04-18 00:09 |
2026-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2213
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Multiple vulnerabilities in Cisco Unity Connection could allow an authenticated, remote attacker to download arbitrary files from an affected system. To exploit these vulnerabilities, the attack…
|
CWE-23
Relative Path Traversal
|
CVE-2026-20081
|
2026-04-18 00:09 |
2026-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2214
|
4.8 |
MEDIUM
Network
|
-
|
-
|
Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker with administrative write privileges to condu…
|
CWE-79
Cross-site Scripting
|
CVE-2026-20132
|
2026-04-18 00:09 |
2026-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2215
|
6.0 |
MEDIUM
Local
|
-
|
-
|
A vulnerability in the CLI of Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) could allow an authenticated, local attacker with administrative privileges …
|
CWE-116
Improper Encoding or Escaping of Output
|
CVE-2026-20136
|
2026-04-18 00:09 |
2026-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2216
|
9.9 |
CRITICAL
Network
|
-
|
-
|
A vulnerability in Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. To exploit this vu…
|
CWE-77
Command Injection
|
CVE-2026-20147
|
2026-04-18 00:09 |
2026-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2217
|
4.9 |
MEDIUM
Network
|
-
|
-
|
A vulnerability in Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to perform path traversal attacks on the underlying operating system and read arbitrary files. To exploit …
|
CWE-22
Path Traversal
|
CVE-2026-20148
|
2026-04-18 00:09 |
2026-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2218
|
5.5 |
MEDIUM
Local
|
-
|
-
|
A vulnerability in the CLI of Cisco ThousandEyes Enterprise Agent could allow an authenticated, local attacker with low privileges to overwrite arbitrary files on the local system of an affected devi…
|
CWE-59
Link Following
|
CVE-2026-20161
|
2026-04-18 00:09 |
2026-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2219
|
9.8 |
CRITICAL
Network
|
-
|
-
|
A vulnerability in the integration of single sign-on (SSO) with Control Hub in Cisco Webex Services could have allowed an unauthenticated, remote attacker to impersonate any user within the service.
…
|
CWE-295
Improper Certificate Validation
|
CVE-2026-20184
|
2026-04-18 00:09 |
2026-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2220
|
5.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability in the authentication service feature of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to bypass authentication policy requirem…
|
CWE-305
Authentication Bypass by Primary Weakness
|
CVE-2026-20152
|
2026-04-18 00:09 |
2026-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
