|
249621
|
6.1 |
MEDIUM
Network
|
cisco
|
identity_services_engine_software
|
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a …
|
CWE-79
Cross-site Scripting
|
CVE-2018-0339
|
2024-11-21 12:38 |
2018-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249622
|
7.8 |
HIGH
Local
|
cisco
|
unified_computing_system
|
A vulnerability in the role-based access-checking mechanisms of Cisco Unified Computing System (UCS) Software could allow an authenticated, local attacker to execute arbitrary commands on an affected…
|
CWE-863
Incorrect Authorization
|
CVE-2018-0338
|
2024-11-21 12:38 |
2018-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249623
|
8.8 |
HIGH
Network
|
cisco
|
prime_collaboration
|
A vulnerability in the batch provisioning feature of Cisco Prime Collaboration Provisioning could allow an authenticated, remote attacker to escalate privileges to the Administrator level. The vulner…
|
CWE-862
Missing Authorization
|
CVE-2018-0336
|
2024-11-21 12:38 |
2018-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249624
|
7.8 |
HIGH
Local
|
cisco
|
prime_collaboration
|
A vulnerability in the web portal authentication process of Cisco Prime Collaboration Provisioning could allow an unauthenticated, local attacker to view sensitive data. The vulnerability is due to i…
|
CWE-532
CWE-522
Inclusion of Sensitive Information in Log Files
Insufficiently Protected Credentials
|
CVE-2018-0335
|
2024-11-21 12:38 |
2018-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249625
|
4.8 |
MEDIUM
Network
|
cisco
|
anyconnect_secure_mobility_client
|
A vulnerability in the certificate management subsystem of Cisco AnyConnect Network Access Manager and of Cisco AnyConnect Secure Mobility Client for iOS, Mac OS X, Android, Windows, and Linux could …
|
CWE-295
Improper Certificate Validation
|
CVE-2018-0334
|
2024-11-21 12:38 |
2018-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249626
|
5.8 |
MEDIUM
Network
|
cisco
|
firepower_management_center
|
A vulnerability in the VPN configuration management of Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass VPN security due to unintended side effects of dynamic…
|
CWE-693
Protection Mechanism Failure
|
CVE-2018-0333
|
2024-11-21 12:38 |
2018-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249627
|
7.5 |
HIGH
Network
|
cisco
|
web_security_appliance
|
A vulnerability in traffic-monitoring functions in Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to circumvent Layer 4 Traffic Monitor (L4TM) functionality and by…
|
NVD-CWE-noinfo
|
CVE-2018-0353
|
2024-11-21 12:38 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249628
|
5.9 |
MEDIUM
Network
|
t-joy
|
kinepass
|
The KINEPASS App for Android Ver 3.1.1 and earlier, and for iOS Ver 3.1.2 and earlier do not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and …
|
CWE-295
Improper Certificate Validation
|
CVE-2018-0591
|
2024-11-21 12:38 |
2018-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249629
|
4.3 |
MEDIUM
Network
|
ultimatemember
|
user_profile_\&_membership
|
Ultimate Member plugin prior to version 2.0.4 for WordPress allows remote authenticated attackers to bypass access restriction to modify the other users profiles via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2018-0590
|
2024-11-21 12:38 |
2018-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249630
|
4.3 |
MEDIUM
Network
|
ultimatemember
|
user_profile_\&_membership
|
Ultimate Member plugin prior to version 2.0.4 for WordPress allows remote authenticated attackers to bypass access restriction to add a new form in the 'Forms' page via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2018-0589
|
2024-11-21 12:38 |
2018-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
