Brain Book Software
Products
3
- 16 CVEs
- 9 CVEs
- 4 CVEs
Recent CVEs
28

| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-20101 | | High | 0.56 | 8.6 | 0.00 | | Mar 4, 2026 | A vulnerability in the SAML 2.0 single sign-on (SSO) feature of Cisco Secure Firewall ASA Software and Secure FTD Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a DoS condition. This vulnerability is due to… |
| CVE-2025-20243 | | High | 0.56 | 8.6 | 0.01 | | Aug 14, 2025 | A vulnerability in the management and VPN web servers of Cisco Secure Firewall ASA Software and Secure FTD Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a DoS condition. This vulnerability is due to improper… |
| CVE-2025-20133 | | High | 0.56 | 8.6 | 0.01 | | Aug 14, 2025 | A vulnerability in the management and VPN web servers of the Remote Access SSL VPN feature of Cisco Secure Firewall ASA Software and Secure FTD Software could allow an unauthenticated, remote attacker to cause the device to unexpectedly stop responding, resulting in a DoS… |
| CVE-2026-20014 | | High | 0.50 | 7.7 | 0.00 | | Mar 4, 2026 | A vulnerability in the IKEv2 feature of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an authenticated, remote attacker with valid VPN user credentials to cause a DoS condition on an affected device that may also impact the availability of services… |
| CVE-2026-20024 | | Med | 0.44 | 6.8 | 0.00 | | Mar 4, 2026 | A vulnerability in the OSPF protocol of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an authenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a DoS condition. To exploit this vulnerability, the attacker… |
| CVE-2026-20020 | | Med | 0.44 | 6.8 | 0.00 | | Mar 4, 2026 | A vulnerability in the OSPF protocol of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a DoS condition. If OSPF authentication is enabled, the… |
| CVE-2026-20022 | | Med | 0.40 | 6.1 | 0.00 | | Mar 4, 2026 | A vulnerability in the OSPF protocol of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a DoS condition when OSPF canonicalization debug is enabled… |
| CVE-2026-20015 | | Med | 0.38 | 5.8 | 0.00 | | Mar 4, 2026 | A vulnerability in the IKEv2 feature of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device that may impact the availability of services to devices elsewhere in the… |
| CVE-2026-20013 | | Med | 0.38 | 5.8 | 0.00 | | Mar 4, 2026 | A vulnerability in the IKEv2 feature of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device that may also impact the availability of services to devices elsewhere in the… |
| CVE-2008-6156 | | | 0.03 | — | 0.01 | | Feb 16, 2009 | SQL injection vulnerability in editCampaign.php in AdMan 1.1.20070907 allows remote authenticated users to execute arbitrary SQL commands via the campaignId parameter. |
| CVE-2006-1374 | | | 0.03 | — | 0.01 | | Mar 24, 2006 | SQL injection vulnerability in viewStatement.php in AdMan 1.0.20051221 and earlier allows remote attackers to execute arbitrary SQL commands via the transactions_offset parameter. |
| CVE-2026-20063 | | | 0.00 | — | 0.00 | | Mar 4, 2026 | A vulnerability in the CLI of Cisco Secure FTD Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as root. To exploit this vulnerability, the attacker must have valid administrative credentials on an affected… |
| CVE-2026-20017 | | | 0.00 | — | 0.00 | | Mar 4, 2026 | A vulnerability in the CLI of Cisco Secure FTD Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as root. To exploit this vulnerability, the attacker must have valid administrative credentials on an affected… |
| CVE-2026-20003 | | | 0.00 | — | 0.00 | | Mar 4, 2026 | A vulnerability in the REST API of Cisco Secure FMC Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability is due to inadequate validation of user-supplied input. An attacker could exploit this… |
| CVE-2026-20002 | | | 0.00 | — | 0.00 | | Mar 4, 2026 | A vulnerability in the web-based management interface of Cisco Secure FMC Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability is due to inadequate validation of user-supplied input. An attacker… |
| CVE-2025-20302 | | | 0.00 | — | 0.00 | | Aug 14, 2025 | A vulnerability in the web-based management interface of Cisco Secure FMC Software could allow an authenticated, low-privileged, remote attacker to retrieve a generated report from a different domain. This vulnerability is due to missing authorization checks. An attacker… |
| CVE-2025-20301 | | | 0.00 | — | 0.00 | | Aug 14, 2025 | A vulnerability in the web-based management interface of Cisco Secure FMC Software could allow an authenticated, low-privileged, remote attacker to access troubleshoot files for a different domain. This vulnerability is due to missing authorization checks. An attacker could… |
| CVE-2022-28887 | | | 0.00 | — | 0.00 | | Oct 12, 2022 | Multiple Denial-of-Service (DoS) vulnerability was discovered in F-Secure & WithSecure products whereby the aerdl.dll unpacker handler function crashes. This can lead to a possible scanning engine crash. |
| CVE-2022-25832 | | | 0.00 | — | 0.00 | | Apr 11, 2022 | Improper authentication vulnerability in S Secure prior to SMR Apr-2022 Release 1 allows physical attackers to use locked Myfiles app without authentication. |
| CVE-2022-25831 | | | 0.00 | — | 0.00 | | Apr 11, 2022 | Improper access control vulnerability in S Secure prior to SMR Apr-2022 Release 1 allows physical attackers to access secured data in certain conditions. |