|
247001
|
5.5 |
MEDIUM
Local
|
cisco
|
ios_xe
ios
|
A Path Traversal vulnerability in the diagnostic shell for Cisco IOS and IOS XE Software could allow an authenticated, local attacker to use certain diagnostic shell commands that can overwrite syste…
|
CWE-22
Path Traversal
|
CVE-2018-0123
|
2024-11-21 12:37 |
2018-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247002
|
4.4 |
MEDIUM
Local
|
cisco
|
staros
|
A vulnerability in the CLI of the Cisco StarOS operating system for Cisco ASR 5000 Series Aggregation Services Routers could allow an authenticated, local attacker to overwrite system files that are …
|
CWE-78
OS Command
|
CVE-2018-0122
|
2024-11-21 12:37 |
2018-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247003
|
4.3 |
MEDIUM
Network
|
cisco
|
unified_communications_manager
|
A vulnerability in the web framework of Cisco Unified Communications Manager could allow an authenticated, remote attacker to conduct an SQL injection attack against an affected system. The vulnerabi…
|
CWE-89
SQL Injection
|
CVE-2018-0120
|
2024-11-21 12:37 |
2018-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247004
|
4.7 |
MEDIUM
Network
|
cisco
|
conference_director
|
A vulnerability in certain authentication controls in the account services of Cisco Spark could allow an authenticated, remote attacker to interact with and view information on an affected device tha…
|
NVD-CWE-noinfo
|
CVE-2018-0119
|
2024-11-21 12:37 |
2018-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247005
|
8.6 |
HIGH
Network
|
cisco
|
asr_5000_firmware
asr_5500_firmware
|
A vulnerability in the ingress packet processing functionality of the Cisco Virtualized Packet Core-Distributed Instance (VPC-DI) Software could allow an unauthenticated, remote attacker to cause bot…
|
CWE-20
Improper Input Validation
|
CVE-2018-0117
|
2024-11-21 12:37 |
2018-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247006
|
7.2 |
HIGH
Network
|
cisco
|
mobility_services_engine
|
A vulnerability in the RADIUS authentication module of Cisco Policy Suite could allow an unauthenticated, remote attacker to be authorized as a subscriber without providing a valid password; however,…
|
CWE-287
Improper Authentication
|
CVE-2018-0116
|
2024-11-21 12:37 |
2018-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247007
|
8.8 |
HIGH
Network
|
cisco
|
unified_computing_system_central_software
|
A vulnerability in an operations script of Cisco UCS Central could allow an authenticated, remote attacker to execute arbitrary shell commands with the privileges of the daemon user. The vulnerabilit…
|
CWE-20
Improper Input Validation
|
CVE-2018-0113
|
2024-11-21 12:37 |
2018-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247008
|
8.6 |
HIGH
Network
|
cisco
|
ios_xr
|
A vulnerability in the IPv6 subsystem of Cisco IOS XR Software Release 5.3.4 for the Cisco Aggregation Services Router (ASR) 9000 Series could allow an unauthenticated, remote attacker to trigger a r…
|
NVD-CWE-Other
|
CVE-2018-0136
|
2024-11-21 12:37 |
2018-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247009
|
10.0 |
CRITICAL
Network
|
cisco
|
adaptive_security_appliance_software
firepower_threat_defense
|
A vulnerability in the Secure Sockets Layer (SSL) VPN functionality of the Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause a reload of the af…
|
CWE-415
Double Free
|
CVE-2018-0101
|
2024-11-21 12:37 |
2018-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247010
|
6.7 |
MEDIUM
Local
|
cisco
|
staros
|
A vulnerability in the CLI of the Cisco StarOS operating system for Cisco ASR 5000 Series routers could allow an authenticated, local attacker to execute arbitrary commands with root privileges on an…
|
CWE-78
OS Command
|
CVE-2018-0115
|
2024-11-21 12:37 |
2018-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
