Vendor CVEs

Brain Book Software

All CVEs

28 total · sorted by risk
  • CVE-2026-20101 · High · Mar 4, 2026
    risk 0.56 · cvss 8.6 · epss 0.00

    A vulnerability in the SAML 2.0 single sign-on (SSO) feature of Cisco Secure Firewall ASA Software and Secure FTD Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a DoS condition. This vulnerability is due to…

  • CVE-2025-20243 · High · Aug 14, 2025
    risk 0.56 · cvss 8.6 · epss 0.01

    A vulnerability in the management and VPN web servers of Cisco Secure Firewall ASA Software and Secure FTD Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a DoS condition. This vulnerability is due to improper…

  • CVE-2025-20133 · High · Aug 14, 2025
    risk 0.56 · cvss 8.6 · epss 0.01

    A vulnerability in the management and VPN web servers of the Remote Access SSL VPN feature of Cisco Secure Firewall ASA Software and Secure FTD Software could allow an unauthenticated, remote attacker to cause the device to unexpectedly stop responding, resulting in a DoS…

  • CVE-2026-20014 · High · Mar 4, 2026
    risk 0.50 · cvss 7.7 · epss 0.00

    A vulnerability in the IKEv2 feature of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an authenticated, remote attacker with valid VPN user credentials to cause a DoS condition on an affected device that may also impact the availability of services…

  • CVE-2026-20024 · Med · Mar 4, 2026
    risk 0.44 · cvss 6.8 · epss 0.00

    A vulnerability in the OSPF protocol of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an authenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a DoS condition. To exploit this vulnerability, the attacker…

  • CVE-2026-20020 · Med · Mar 4, 2026
    risk 0.44 · cvss 6.8 · epss 0.00

    A vulnerability in the OSPF protocol of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a DoS condition. If OSPF authentication is enabled, the…

  • CVE-2026-20022 · Med · Mar 4, 2026
    risk 0.40 · cvss 6.1 · epss 0.00

    A vulnerability in the OSPF protocol of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a DoS condition when OSPF canonicalization debug is enabled…

  • CVE-2026-20015 · Med · Mar 4, 2026
    risk 0.38 · cvss 5.8 · epss 0.00

    A vulnerability in the IKEv2 feature of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device that may impact the availability of services to devices elsewhere in the…

  • CVE-2026-20013 · Med · Mar 4, 2026
    risk 0.38 · cvss 5.8 · epss 0.00

    A vulnerability in the IKEv2 feature of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device that may also impact the availability of services to devices elsewhere in the…

  • CVE-2008-6156 · Feb 16, 2009
    risk 0.03 · cvss · epss 0.01

    SQL injection vulnerability in editCampaign.php in AdMan 1.1.20070907 allows remote authenticated users to execute arbitrary SQL commands via the campaignId parameter.

  • CVE-2006-1374 · Mar 24, 2006
    risk 0.03 · cvss · epss 0.01

    SQL injection vulnerability in viewStatement.php in AdMan 1.0.20051221 and earlier allows remote attackers to execute arbitrary SQL commands via the transactions_offset parameter.

  • CVE-2026-20063 · Mar 4, 2026
    risk 0.00 · cvss · epss 0.00

    A vulnerability in the CLI of Cisco Secure FTD Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as root. To exploit this vulnerability, the attacker must have valid administrative credentials on an affected…

  • CVE-2026-20017 · Mar 4, 2026
    risk 0.00 · cvss · epss 0.00

    A vulnerability in the CLI of Cisco Secure FTD Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as root. To exploit this vulnerability, the attacker must have valid administrative credentials on an affected…

  • CVE-2026-20003 · Mar 4, 2026
    risk 0.00 · cvss · epss 0.00

    A vulnerability in the REST API of Cisco Secure FMC Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability is due to inadequate validation of user-supplied input. An attacker could exploit this…

  • CVE-2026-20002 · Mar 4, 2026
    risk 0.00 · cvss · epss 0.00

    A vulnerability in the web-based management interface of Cisco Secure FMC Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability is due to inadequate validation of user-supplied input. An attacker…

  • CVE-2025-20302 · Aug 14, 2025
    risk 0.00 · cvss · epss 0.00

    A vulnerability in the web-based management interface of Cisco Secure FMC Software could allow an authenticated, low-privileged, remote attacker to retrieve a generated report from a different domain. This vulnerability is due to missing authorization checks. An attacker…

  • CVE-2025-20301 · Aug 14, 2025
    risk 0.00 · cvss · epss 0.00

    A vulnerability in the web-based management interface of Cisco Secure FMC Software could allow an authenticated, low-privileged, remote attacker to access troubleshoot files for a different domain. This vulnerability is due to missing authorization checks. An attacker could…

  • CVE-2022-28887 · Oct 12, 2022
    risk 0.00 · cvss · epss 0.00

    Multiple Denial-of-Service (DoS) vulnerabilities were discovered in F-Secure & WithSecure products whereby the aerdl.dll unpacker handler function crashes. This can lead to a possible scanning engine crash.

  • CVE-2022-25832 · Apr 11, 2022
    risk 0.00 · cvss · epss 0.00

    Improper authentication vulnerability in S Secure prior to SMR Apr-2022 Release 1 allows physical attackers to use locked Myfiles app without authentication.

  • CVE-2022-25831 · Apr 11, 2022
    risk 0.00 · cvss · epss 0.00

    Improper access control vulnerability in S Secure prior to SMR Apr-2022 Release 1 allows physical attackers to access secured data in certain conditions.

  • CVE-2021-25389 · Jun 11, 2021
    risk 0.00 · cvss · epss 0.00

    Improper running task check in S Secure prior to SMR MAY-2021 Release 1 allows attackers to use locked app without authentication.

  • CVE-2020-28342 · Nov 8, 2020
    risk 0.00 · cvss · epss 0.00

    An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (China / India) software. The S Secure application allows attackers to bypass authentication for a locked Gallery application via the Reminder application. The Samsung ID is SVE-2020-18689 (November 2020).

  • CVE-2020-25047 · Aug 31, 2020
    risk 0.00 · cvss · epss 0.00

    An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (released in China and India) software. The S Secure application does not enforce the intended password requirement for a locked application. The Samsung IDs are SVE-2020-16746, SVE-2020-16764 (August…

  • CVE-2019-20550 · Mar 24, 2020
    risk 0.00 · cvss · epss 0.00

    An issue was discovered on Samsung mobile devices with O(8.x) (released in China and India) software. The S Secure app can access the content of a locked app without a password. The Samsung ID is SVE-2019-13805 (October 2019).

  • CVE-2019-20533 · Mar 24, 2020
    risk 0.00 · cvss · epss 0.00

    An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (released in China or India) software. The S Secure app can launch masked apps without a password. The Samsung ID is SVE-2019-13996 (December 2019).

  • CVE-2007-4020 · Jul 26, 2007
    risk 0.00 · cvss · epss 0.01

    Multiple cross-site scripting (XSS) vulnerabilities in login.php in AdMan 1.0.20051202 FF 3 patch and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) user and (2) pwd parameters.

  • CVE-2007-4021 · Jul 26, 2007
    risk 0.00 · cvss · epss 0.01

    Multiple cross-site scripting (XSS) vulnerabilities in login.php in Brain Book Software Secure 1.0.20070629 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) user and (2) pwd parameters.

  • CVE-2006-1375 · Mar 24, 2006
    risk 0.00 · cvss · epss 0.02

    AdMan 1.0.20051221 and earlier allows remote attackers to obtain the full path via (1) a blank campaignId parameter to editCampaign.php and (2) a blank schemeId parameter to viewPricingScheme.php.