351
|
5.4 |
MEDIUM
Network
|
-
|
-
|
A vulnerability in the web management interface of Cisco BroadWorks Hosted Thin Receptionist could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against …
New
|
CWE-79
Cross-site Scripting
|
CVE-2022-20948
|
2024-11-16 01:15 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
352
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability in the web-based management interface of Cisco Smart Software Manager On-Prem could allow an authenticated, remote attacker to elevate privileges on an affected system.
This vul…
New
|
CWE-922
Insecure Storage of Sensitive Information
|
CVE-2022-20939
|
2024-11-16 01:15 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
353
|
6.5 |
MEDIUM
Adjacent
|
-
|
-
|
A vulnerability in the version control of Cisco TelePresence CE Software for Cisco Touch 10 Devices could allow an unauthenticated, adjacent attacker to install an older version of the soft…
New
|
CWE-527
Exposure of Version-Control Repository to an Unauthorized Control Sphere
|
CVE-2022-20931
|
2024-11-16 01:15 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
354
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability in the web management interface of Cisco AsyncOS for Cisco Secure Web Appliance, formerly Cisco Web Security Appliance (WSA), could allow an authenticated, remote …
New
|
CWE-78
OS Command
|
CVE-2022-20871
|
2024-11-16 01:15 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
355
|
7.4 |
HIGH
Network
|
-
|
-
|
A vulnerability in the REST API of Cisco Expressway Series and Cisco TelePresence VCS could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack o…
New
|
CWE-352
Origin Validation Error
|
CVE-2022-20853
|
2024-11-16 01:15 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
356
|
6.1 |
MEDIUM
Adjacent
|
-
|
-
|
A vulnerability in the Broadband Network Gateway PPP over Ethernet (PPPoE) feature of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause the PPPoE process to contin…
New
|
CWE-391
|
CVE-2022-20849
|
2024-11-16 01:15 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
357
|
6.0 |
MEDIUM
Local
|
-
|
-
|
A vulnerability in the TL1 function of Cisco Network Convergence System (NCS) 4000 Series could allow an authenticated, local attacker to cause a memory leak in the TL1 process.
This vulnerabil…
New
|
CWE-789
Memory Allocation with Excessive Size Value
|
CVE-2022-20845
|
2024-11-16 01:15 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
358
|
7.4 |
HIGH
Network
|
-
|
-
|
A vulnerability in the certificate validation of Cisco Expressway-C and Cisco TelePresence VCS could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data.…
New
|
CWE-295
Improper Certificate Validation
|
CVE-2022-20814
|
2024-11-16 01:15 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
359
|
6.8 |
MEDIUM
Network
|
-
|
-
|
A vulnerability in pairing process of Cisco TelePresence CE Software and RoomOS Software for Cisco Touch 10 Devices could allow an unauthenticated, remote attacker to impersonate a legitima…
New
|
CWE-325
Missing Required Cryptographic Step
|
CVE-2022-20793
|
2024-11-16 01:15 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
360
|
5.3 |
MEDIUM
Network
-
|
-
|
A vulnerability in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series Adaptive Telephone Adapter firmware could allow an unauthenticated, remote attacker to cause a DoS cond…
New
|
CWE-125
Out-of-bounds Read
|
CVE-2022-20766
|
2024-11-16 01:15 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|