|
252071
|
5.3 |
MEDIUM
Adjacent
|
cisco
|
nx-os
firepower_extensible_operating_system
|
A vulnerability in the Link Layer Discovery Protocol (LLDP) implementation for Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of serv…
|
CWE-20
Improper Input Validation
|
CVE-2018-0395
|
2024-11-21 12:38 |
2018-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252072
|
4.8 |
MEDIUM
Network
|
cisco
|
wireless_lan_controller_software
|
A vulnerability in the web-based interface of Cisco Wireless LAN Controller (WLC) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the use…
|
CWE-79
Cross-site Scripting
|
CVE-2018-0388
|
2024-11-21 12:38 |
2018-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252073
|
7.5 |
HIGH
Network
|
cisco
|
rv180w_firmware
rv220w_firmware
|
A vulnerability in the web framework code for Cisco RV180W Wireless-N Multifunction VPN Router and Small Business RV Series RV220W Wireless Network Security Firewall could allow an unauthenticated, r…
|
CWE-22
Path Traversal
|
CVE-2018-0405
|
2024-11-21 12:38 |
2018-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252074
|
8.1 |
HIGH
Network
|
cisco
|
prime_data_center_network_manager
|
A vulnerability in Cisco Data Center Network Manager software could allow an authenticated, remote attacker to conduct directory traversal attacks and gain access to sensitive files on the targeted s…
|
CWE-22
Path Traversal
|
CVE-2018-0464
|
2024-11-21 12:38 |
2018-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252075
|
7.5 |
HIGH
Network
|
cisco
|
rv180w_wireless-n_multifunction_vpn_router
rv220w_wireless_network_security_firewall
|
A vulnerability in the web framework code for Cisco RV180W Wireless-N Multifunction VPN Router and Small Business RV Series RV220W Wireless Network Security Firewall could allow an unauthenticated, r…
|
CWE-89
SQL Injection
|
CVE-2018-0404
|
2024-11-21 12:38 |
2018-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252076
|
8.8 |
HIGH
Network
|
cisco
|
cloud_services_platform_2100_firmware
|
A vulnerability in the web-based management interface of Cisco Cloud Services Platform 2100 could allow an authenticated, remote attacker to perform command injection. The vulnerability is due to ins…
|
CWE-77
Command Injection
|
CVE-2018-0454
|
2024-11-21 12:38 |
2018-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252077
|
5.7 |
MEDIUM
Network
|
cisco
|
secure_access_control_server_solution_engine
|
A vulnerability in the web-based UI of Cisco Secure Access Control Server could allow an authenticated, remote attacker to gain read access to certain information in an affected system. The vulnerabi…
|
CWE-611
XXE
|
CVE-2018-0414
|
2024-11-21 12:38 |
2018-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252078
|
6.5 |
MEDIUM
Network
|
mediawiki
debian
|
mediawiki
debian_linux
|
Mediawiki 1.31 before 1.31.1, 1.30.1, 1.29.3 and 1.27.5 contains a flaw where BotPasswords can bypass CentralAuth's account lock
|
CWE-287
Improper Authentication
|
CVE-2018-0505
|
2024-11-21 12:38 |
2018-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252079
|
6.5 |
MEDIUM
Network
|
mediawiki
debian
|
mediawiki
debian_linux
|
Mediawiki 1.31 before 1.31.1, 1.30.1, 1.29.3 and 1.27.5 contains an information disclosure flaw in the Special:Redirect/logid
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2018-0504
|
2024-11-21 12:38 |
2018-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252080
|
4.3 |
MEDIUM
Network
|
mediawiki
debian
|
mediawiki
debian_linux
|
Mediawiki 1.31 before 1.31.1, 1.30.1, 1.29.3 and 1.27.5 contains a flaw where contrary to the documentation, $wgRateLimits entry for 'user' overrides that for 'newbie'.
|
CWE-269
Improper Privilege Management
|
CVE-2018-0503
|
2024-11-21 12:38 |
2018-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
