|
222321
|
8.6 |
HIGH
Network
|
cisco
|
email_security_appliance
asyncos
|
A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause the CPU utilization …
|
CWE-20
Improper Input Validation
|
CVE-2019-1947
|
2024-11-21 13:37 |
2020-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222322
|
7.2 |
HIGH
Network
|
cisco
|
unified_contact_center_express
unified_ip_interactive_voice_response
|
A vulnerability in the Administration Web Interface of Cisco Unified Contact Center Express (Unified CCX) could allow an authenticated, remote attacker to upload arbitrary files and execute commands …
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2019-1888
|
2024-11-21 13:37 |
2020-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222323
|
6.6 |
MEDIUM
Physics
|
cisco
|
identity_services_engine
unified_computing_system
|
A vulnerability in the firmware of the Cisco UCS C-Series Rack Servers could allow an authenticated, physical attacker to bypass Unified Extensible Firmware Interface (UEFI) Secure Boot validation ch…
|
CWE-347
Improper Verification of Cryptographic Signature
|
CVE-2019-1736
|
2024-11-21 13:37 |
2020-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222324
|
7.8 |
HIGH
Local
|
ricoh
|
streamline_nx_pc_client
streamline_nx_client_tool
|
An issue was discovered in RICOH Streamline NX Client Tool and RICOH Streamline NX PC Client that allows attackers to escalate local privileges.
|
NVD-CWE-noinfo
|
CVE-2019-20001
|
2024-11-21 13:37 |
2020-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222325
|
9.8 |
CRITICAL
Network
|
nec
|
sv8100_firmware
|
On Aspire-derived NEC PBXes, including all versions of SV8100 devices, a set of documented, static login credentials may be used to access the DIM interface.
|
CWE-287
Improper Authentication
|
CVE-2019-20033
|
2024-11-21 13:37 |
2020-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222326
|
6.5 |
MEDIUM
Network
|
nec
|
sv8100_firmware
sv9100_firmware
sl1100_firmware
sl2100_firmware
|
An attacker with access to an InMail voicemail box equipped with the find me/follow me feature on Aspire-derived NEC PBXes, including all versions of SV8100, SV9100, SL1100 and SL2100 devices, may ac…
|
NVD-CWE-noinfo
|
CVE-2019-20032
|
2024-11-21 13:37 |
2020-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222327
|
9.1 |
CRITICAL
Network
|
nec
|
um8000_firmware
um4730_firmware
|
NEC UM8000, UM4730 and prior non-InMail voicemail systems with all known software versions may permit an infinite number of login attempts in the telephone user interface (TUI), effectively allowing …
|
CWE-307
mproper Restriction of Excessive Authentication Attempts
|
CVE-2019-20031
|
2024-11-21 13:37 |
2020-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222328
|
7.8 |
HIGH
Local
|
nec
|
um8000_firmware
|
An attacker with knowledge of the modem access number on a NEC UM8000 voicemail system may use SSH tunneling or standard Linux utilities to gain access to the system's LAN port. All versions are affe…
|
NVD-CWE-noinfo
|
CVE-2019-20030
|
2024-11-21 13:37 |
2020-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222329
|
8.8 |
HIGH
Network
|
nec
|
sv8100_firmware
sv9100_firmware
sl1100_firmware
sl2100_firmware
|
An exploitable privilege escalation vulnerability exists in the WebPro functionality of Aspire-derived NEC PBXes, including all versions of SV8100, SV9100, SL1100 and SL2100 devices. A specially craf…
|
NVD-CWE-noinfo
|
CVE-2019-20029
|
2024-11-21 13:37 |
2020-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222330
|
7.5 |
HIGH
Network
|
nec
|
sv8100_firmware
sv9100_firmware
sl1100_firmware
sl2100_firmware
|
Aspire-derived NEC PBXes operating InMail software, including all versions of SV8100, SV9100, SL1100 and SL2100 devices allow unauthenticated read-only access to voicemails, greetings, and voice resp…
|
NVD-CWE-noinfo
|
CVE-2019-20028
|
2024-11-21 13:37 |
2020-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
