|
252611
|
8.8 |
HIGH
Network
|
cisco
|
cloud_services_platform_2100_firmware
|
A vulnerability in the web-based management interface of Cisco Cloud Services Platform 2100 could allow an authenticated, remote attacker to perform command injection. The vulnerability is due to ins…
|
CWE-77
Command Injection
|
CVE-2018-0454
|
2024-11-21 12:38 |
2018-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252612
|
5.7 |
MEDIUM
Network
|
cisco
|
secure_access_control_server_solution_engine
|
A vulnerability in the web-based UI of Cisco Secure Access Control Server could allow an authenticated, remote attacker to gain read access to certain information in an affected system. The vulnerabi…
|
CWE-611
XXE
|
CVE-2018-0414
|
2024-11-21 12:38 |
2018-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252613
|
6.5 |
MEDIUM
Network
|
mediawiki
debian
|
mediawiki
debian_linux
|
Mediawiki 1.31 before 1.31.1, 1.30.1, 1.29.3 and 1.27.5 contains a flaw where BotPasswords can bypass CentralAuth's account lock
|
CWE-287
Improper Authentication
|
CVE-2018-0505
|
2024-11-21 12:38 |
2018-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252614
|
6.5 |
MEDIUM
Network
|
mediawiki
debian
|
mediawiki
debian_linux
|
Mediawiki 1.31 before 1.31.1, 1.30.1, 1.29.3 and 1.27.5 contains an information disclosure flaw in the Special:Redirect/logid
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2018-0504
|
2024-11-21 12:38 |
2018-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252615
|
4.3 |
MEDIUM
Network
|
mediawiki
debian
|
mediawiki
debian_linux
|
Mediawiki 1.31 before 1.31.1, 1.30.1, 1.29.3 and 1.27.5 contains a flaw where contrary to the documentation, $wgRateLimits entry for 'user' overrides that for 'newbie'.
|
CWE-269
Improper Privilege Management
|
CVE-2018-0503
|
2024-11-21 12:38 |
2018-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252616
|
8.6 |
HIGH
Network
|
cisco
|
ios
ios_xe
|
A vulnerability in the SM-1T3/E3 firmware on Cisco Second Generation Integrated Services Routers (ISR G2) and the Cisco 4451-X Integrated Services Router (ISR4451-X) could allow an unauthenticated, r…
|
CWE-20
Improper Input Validation
|
CVE-2018-0485
|
2024-11-21 12:38 |
2018-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252617
|
6.7 |
MEDIUM
Local
|
cisco
|
ios_xe
|
A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to execute commands on the underlying Linux shell of an affected device with root privileges. T…
|
CWE-78
OS Command
|
CVE-2018-0481
|
2024-11-21 12:38 |
2018-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252618
|
6.1 |
MEDIUM
Adjacent
|
cisco
|
ios_xe
|
A vulnerability in the errdisable per VLAN feature of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause the device to crash, leading to a denial of service (DoS) condit…
|
CWE-362
Race Condition
|
CVE-2018-0480
|
2024-11-21 12:38 |
2018-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252619
|
6.7 |
MEDIUM
Local
|
cisco
|
ios_xe
|
A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to execute commands on the underlying Linux shell of an affected device with root privileges. T…
|
CWE-78
OS Command
|
CVE-2018-0477
|
2024-11-21 12:38 |
2018-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252620
|
5.9 |
MEDIUM
Network
|
cisco
|
ios_xe
|
A vulnerability in the Network Address Translation (NAT) Session Initiation Protocol (SIP) Application Layer Gateway (ALG) of Cisco IOS XE Software could allow an unauthenticated, remote attacker to …
|
NVD-CWE-noinfo
|
CVE-2018-0476
|
2024-11-21 12:38 |
2018-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
