|
247621
|
6.1 |
MEDIUM
Network
|
cisco
|
identity_services_engine
|
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a Document Object Model (DOM) cross-site scrip…
|
CWE-79
Cross-site Scripting
|
CVE-2018-0091
|
2024-11-21 12:37 |
2018-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247622
|
7.5 |
HIGH
Network
|
cisco
|
nx-os
|
A vulnerability in management interface access control list (ACL) configuration of Cisco NX-OS System Software could allow an unauthenticated, remote attacker to bypass configured ACLs on the managem…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2018-0090
|
2024-11-21 12:37 |
2018-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247623
|
7.5 |
HIGH
Network
|
cisco
|
policy_suite
|
A vulnerability in the Policy and Charging Rules Function (PCRF) of the Cisco Policy Suite (CPS) could allow an unauthenticated, remote attacker to access sensitive data. The attacker could use this …
|
CWE-312
CWE-732
Cleartext Storage of Sensitive Information
Incorrect Permission Assignment for Critical Resource
|
CVE-2018-0089
|
2024-11-21 12:37 |
2018-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247624
|
6.7 |
MEDIUM
Local
|
cisco
|
industrial_ethernet_4010_series_firmware
|
A vulnerability in one of the diagnostic test CLI commands on Cisco Industrial Ethernet 4010 Series Switches running Cisco IOS Software could allow an authenticated, local attacker to impact the stab…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2018-0088
|
2024-11-21 12:37 |
2018-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247625
|
8.6 |
HIGH
Network
|
cisco
|
unified_customer_voice_portal
|
A vulnerability in the application server of the Cisco Unified Customer Voice Portal (CVP) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2018-0086
|
2024-11-21 12:37 |
2018-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247626
|
6.5 |
MEDIUM
Adjacent
|
juniper
|
screenos
|
Juniper Networks ScreenOS devices do not pad Ethernet packets with zeros, and thus some packets can contain fragments of system memory or data from previous packets. This issue is often detected as C…
|
CWE-200
Information Exposure
|
CVE-2018-0014
|
2024-11-21 12:37 |
2018-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247627
|
6.5 |
MEDIUM
Network
|
juniper
|
junos_space
|
A local file inclusion vulnerability in Juniper Networks Junos Space Network Management Platform may allow an authenticated user to retrieve files from the system.
|
CWE-200
Information Exposure
|
CVE-2018-0013
|
2024-11-21 12:37 |
2018-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247628
|
7.8 |
HIGH
Local
|
juniper
|
junos_space
|
Junos Space is affected by a privilege escalation vulnerability that may allow a local authenticated attacker to gain root privileges.
|
NVD-CWE-noinfo
|
CVE-2018-0012
|
2024-11-21 12:37 |
2018-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247629
|
5.4 |
MEDIUM
Network
|
juniper
|
junos_space
|
A reflected cross site scripting (XSS) vulnerability in Junos Space may potentially allow a remote authenticated user to inject web script or HTML and steal sensitive data and credentials from a sess…
|
CWE-79
Cross-site Scripting
|
CVE-2018-0011
|
2024-11-21 12:37 |
2018-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247630
|
6.5 |
MEDIUM
Network
|
juniper
|
junos_space
|
A vulnerability in the Juniper Networks Junos Space Security Director allows a user who does not have SSH access to a device to reuse the URL that was created for another user to perform SSH access. …
|
CWE-269
Improper Privilege Management
|
CVE-2018-0010
|
2024-11-21 12:37 |
2018-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
