|
310971
|
8.1 |
HIGH
Network
|
-
|
-
|
A vulnerability in Cisco RCM for Cisco StarOS Software could allow an unauthenticated, remote attacker to perform remote code execution on the application with root-level privileges in…
|
CWE-489
Exposure of Data Element to Wrong Session
|
CVE-2022-20649
|
2024-11-19 02:11 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310972
|
5.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability in a debug function for Cisco RCM for Cisco StarOS Software could allow an unauthenticated, remote attacker to perform debug actions that could result in the disclosure of c…
|
CWE-200
Information Exposure
|
CVE-2022-20648
|
2024-11-19 02:11 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310973
|
4.7 |
MEDIUM
Network
|
-
|
-
|
A vulnerability in the web-based management interface of Cisco ECE could allow an unauthenticated, remote attacker to redirect a user to an undesired web page.
This vulnerability is due to impr…
|
CWE-601
Open Redirect
|
CVE-2022-20634
|
2024-11-19 02:11 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310974
|
6.1 |
MEDIUM
Network
|
-
|
-
|
A vulnerability in the web-based management interface of Cisco ECE could allow an unauthenticated, remote attacker to conduct an XSS attack against a user of the interface of an affected device.…
|
-
|
CVE-2022-20631
|
2024-11-19 02:11 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310975
|
- |
|
-
|
-
|
A vulnerability in the web-based management interface of Cisco Prime Access Registrar Appliance could allow an authenticated, remote attacker to conduct a cross-site scripting attack against a u…
|
CWE-79
Cross-site Scripting
|
CVE-2022-20626
|
2024-11-19 02:11 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310976
|
5.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability in the implementation of the Simple Network Management Protocol (SNMP) IPv4 access control list (ACL) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenti…
|
CWE-284
Improper Access Control
|
CVE-2024-20373
|
2024-11-19 02:11 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310977
|
9.1 |
CRITICAL
Network
|
-
|
-
|
A vulnerability in the external authentication mechanism of Cisco Modeling Labs could allow an unauthenticated, remote attacker to access the web interface with administrative privileges.
This vul…
|
CWE-305
Authentication Bypass by Primary Weakness
|
CVE-2023-20154
|
2024-11-19 02:11 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310978
|
8.6 |
HIGH
Network
|
-
|
-
|
A vulnerability in the local interface of Cisco BroadWorks Network Server could allow an unauthenticated, remote attacker to exhaust system resources, causing a denial of service (DoS) condition.
…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2023-20125
|
2024-11-19 02:11 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310979
|
7.2 |
HIGH
Network
|
ivanti
|
endpoint_manager
|
Path traversal in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authenticated attacker with admin privileges to achieve remote code…
|
CWE-22
Path Traversal
|
CVE-2024-50324
|
2024-11-19 02:06 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310980
|
7.2 |
HIGH
Network
|
lopalopa
|
e-learning_management_system
|
A SQL Injection vulnerability was found in /admin/add_content.php in kashipara E-learning Management System Project 1.0 via the title and content parameters.
|
CWE-89
SQL Injection
|
CVE-2024-50826
|
2024-11-19 01:39 |
2024-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
