|
246891
|
7.5 |
HIGH
Network
|
cisco
|
wireless_lan_controller_software
|
A vulnerability in the session identification management functionality of the web-based interface of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to hi…
|
CWE-287
Improper Authentication
|
CVE-2018-0382
|
2024-11-21 12:38 |
2019-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246892
|
7.5 |
HIGH
Network
|
cisco
|
spa514g_firmware
|
A vulnerability in the implementation of Session Initiation Protocol (SIP) processing in Cisco Small Business SPA514G IP Phones could allow an unauthenticated, remote attacker to cause an affected de…
|
NVD-CWE-noinfo
|
CVE-2018-0389
|
2024-11-21 12:38 |
2019-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246893
|
7.5 |
HIGH
Network
|
osstech
|
openam
|
OpenAM (Open Source Edition) 13.0 and later does not properly manage sessions, which allows remote authenticated attackers to change the security questions and reset the login password via unspecifie…
|
CWE-640
Weak Password Recovery Mechanism for Forgotten Password
|
CVE-2018-0696
|
2024-11-21 12:38 |
2019-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246894
|
7.5 |
HIGH
Network
|
qnap
|
photo_station
|
Path Traversal vulnerability in Photo Station versions: 5.7.2 and earlier in QTS 4.3.4, 5.4.4 and earlier in QTS 4.3.3, 5.2.8 and earlier in QTS 4.2.6 could allow remote attackers to access sensitive…
|
CWE-22
Path Traversal
|
CVE-2018-0722
|
2024-11-21 12:38 |
2019-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246895
|
6.5 |
MEDIUM
Network
|
cisco
|
ios
|
A vulnerability in the access control logic of the Secure Shell (SSH) server of Cisco IOS and IOS XE Software may allow connections sourced from a virtual routing and forwarding (VRF) instance despit…
|
NVD-CWE-noinfo
|
CVE-2018-0484
|
2024-11-21 12:38 |
2019-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246896
|
5.4 |
MEDIUM
Network
|
cisco
|
jabber
|
A vulnerability in Cisco Jabber Client Framework (JCF) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of an affected system. The vulnerabi…
|
CWE-79
Cross-site Scripting
|
CVE-2018-0483
|
2024-11-21 12:38 |
2019-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246897
|
5.4 |
MEDIUM
Network
|
cisco
|
prime_infrastructure
|
A vulnerability in the web-based management interface of Cisco Prime Network Control System could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against…
|
CWE-79
Cross-site Scripting
|
CVE-2018-0482
|
2024-11-21 12:38 |
2019-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246898
|
8.8 |
HIGH
Network
|
cisco
|
unified_communications_manager
|
A vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an authenticated, remote attacker to view digest credentials in clear text. The vulnerability…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2018-0474
|
2024-11-21 12:38 |
2019-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246899
|
8.8 |
HIGH
Network
|
cisco
|
ip_phone_8800_series_firmware
|
A vulnerability in the Cisco IP Phone 8800 Series Software could allow an unauthenticated, remote attacker to conduct an arbitrary script injection attack on an affected device. The vulnerability exi…
|
CWE-94
Code Injection
|
CVE-2018-0461
|
2024-11-21 12:38 |
2019-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246900
|
4.2 |
MEDIUM
Local
|
cisco
|
jabber
|
A vulnerability in the Cisco Jabber Client Framework (JCF) software, installed as part of the Cisco Jabber for Mac client, could allow an authenticated, local attacker to corrupt arbitrary files on a…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2018-0449
|
2024-11-21 12:38 |
2019-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
