VYPR

Vendor CVEs

Cisco Systems, Inc.

All CVEs

7,233 total · sorted by risk
  • CVE-2020-3460MedJul 31, 2020
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. The vulnerability exists because the web-based…

  • CVE-2020-3282MedJul 2, 2020
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition, Cisco Unified Communications Manager IM & Presence Service, and Cisco Unity Connection could allow an…

  • CVE-2020-3356MedJun 18, 2020
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. The vulnerability is due to insufficient input…

  • CVE-2020-3337MedJun 18, 2020
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web server of Cisco Umbrella could allow an unauthenticated, remote attacker to redirect a user to an undesired web page. The vulnerability is due to improper input validation of the URL parameters in an HTTP request that is sent to an affected device. An…

  • CVE-2020-3314MedMay 22, 2020
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the file scan process of Cisco AMP for Endpoints Mac Connector Software could cause the scan engine to crash during the scan of local files, resulting in a restart of the AMP Connector and a denial of service (DoS) condition of the Cisco AMP for Endpoints…

  • CVE-2020-3313MedMay 6, 2020
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web UI of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the FMC Software. The vulnerability is due to…

  • CVE-2020-3311MedMay 6, 2020
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. The vulnerability is due to improper input validation of HTTP request parameters. An attacker…

  • CVE-2020-3178MedMay 6, 2020
    risk 0.40cvss 6.1epss 0.01

    Multiple vulnerabilities in the web-based GUI of Cisco AsyncOS Software for Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. The vulnerabilities are due to improper input validation of…

  • CVE-2020-3192MedMar 4, 2020
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. The vulnerability is due to…

  • CVE-2020-3159MedFeb 19, 2020
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected software. The vulnerability is due to…

  • CVE-2020-3156MedFeb 19, 2020
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the logging component of Cisco Identity Services Engine could allow an unauthenticated remote attacker to conduct cross-site scripting attacks. The vulnerability is due to the improper validation of endpoint data stored in logs used by the web-based interface.…

  • CVE-2020-3136MedJan 26, 2020
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco Jabber Guest could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability exists because…

  • CVE-2020-3121MedJan 26, 2020
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco Small Business Smart and Managed Switches could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. The vulnerability is due to insufficient…

  • CVE-2019-16024MedJan 26, 2020
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco Crosswork Change Automation could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected system. The vulnerability…

  • CVE-2019-16015MedJan 26, 2020
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of the Cisco Data Center Analytics Framework application could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the interface of an affected system. The…

  • CVE-2019-15278MedJan 26, 2020
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to bypass authorization and access sensitive information related to the device. The vulnerability exists because the software fails to sanitize URLs before it…

  • CVE-2019-15994MedNov 26, 2019
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco Stealthwatch Enterprise could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected system. The vulnerability is…

  • CVE-2019-15973MedNov 26, 2019
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco Industrial Network Director (IND) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected application. The vulnerability is due to…

  • CVE-2019-12718MedOct 16, 2019
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based interface of Cisco Small Business Smart and Managed Switches could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface. The vulnerability is due to insufficient…

  • CVE-2019-12705MedOct 16, 2019
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management…

  • CVE-2019-15259MedOct 2, 2019
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in Cisco Unified Contact Center Express (UCCX) Software could allow an unauthenticated, remote attacker to conduct an HTTP response splitting attack. The vulnerability is due to insufficient input validation of some parameters that are passed to the web server of…

  • CVE-2019-12716MedOct 2, 2019
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based interface of Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition (SME) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the…

  • CVE-2019-12715MedOct 2, 2019
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based interface of Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition (SME) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the…

  • CVE-2019-12713MedOct 2, 2019
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected software. The vulnerability is…

  • CVE-2019-12712MedOct 2, 2019
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected software. The vulnerability is…

  • CVE-2019-12707MedOct 2, 2019
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based interface of multiple Cisco Unified Communications products could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface of the affected software. The vulnerability is…

  • CVE-2019-12695MedOct 2, 2019
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the Clientless SSL VPN (WebVPN) portal of Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based…

  • CVE-2019-12631MedOct 2, 2019
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based guest portal of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. The vulnerability is due to insufficient…

  • CVE-2019-1975MedSep 18, 2019
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based interface of Cisco HyperFlex Software could allow an unauthenticated, remote attacker to execute a cross-frame scripting (XFS) attack on an affected device. This vulnerability is due to insufficient HTML iframe protection. An attacker could…

  • CVE-2019-12644MedSep 5, 2019
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The…

  • CVE-2019-1954MedAug 8, 2019
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco Webex Meetings Server Software could allow an unauthenticated, remote attacker to redirect a user to an undesired web page. The vulnerability is due to improper input validation of the URL parameters in an HTTP…

  • CVE-2019-1941MedJul 17, 2019
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The…

  • CVE-2019-1931MedJul 6, 2019
    risk 0.40cvss 6.1epss 0.01

    Multiple vulnerabilities in the RSS dashboard in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of…

  • CVE-2019-1930MedJul 6, 2019
    risk 0.40cvss 6.1epss 0.01

    Multiple vulnerabilities in the RSS dashboard in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of…

  • CVE-2019-1870MedJun 5, 2019
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco Enterprise Chat and Email (ECE) Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The…

  • CVE-2015-2230MedMay 30, 2019
    risk 0.40cvss 6.1epss 0.01

    Synacor Zimbra Collaboration Server 8.x before 8.7.0 has Reflected XSS in admin console.

  • CVE-2019-1857MedMay 3, 2019
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco HyperFlex HX-Series could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected system. The vulnerability is due to insufficient…

  • CVE-2019-1856MedMay 3, 2019
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco Prime Collaboration Assurance (PCA) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The…

  • CVE-2019-1852MedMay 3, 2019
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco Prime Network Registrar could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface. The vulnerability is due to insufficient validation of…

  • CVE-2019-1792MedApr 18, 2019
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the URL block page of Cisco Umbrella could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user in a network protected by Umbrella. The vulnerability is due to insufficient validation of input parameters…

  • CVE-2019-1719MedApr 18, 2019
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based guest portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. The vulnerability is due to insufficient…

  • CVE-2019-1827MedApr 4, 2019
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the Online Help web service of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the service. The vulnerability exists…

  • CVE-2019-1702MedMar 11, 2019
    risk 0.40cvss 6.1epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco Enterprise Chat and Email could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected software. The…

  • CVE-2019-1700MedFeb 21, 2019
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in field-programmable gate array (FPGA) ingress buffer management for the Cisco Firepower 9000 Series with the Cisco Firepower 2-port 100G double-width network module (PID: FPR9K-DNM-2X100G) could allow an unauthenticated, adjacent attacker to cause a denial of…

  • CVE-2019-1685MedFeb 21, 2019
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the Security Assertion Markup Language (SAML) single sign-on (SSO) interface of Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. The…

  • CVE-2019-1671MedFeb 7, 2019
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected system. The…

  • CVE-2019-1670MedFeb 7, 2019
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco Unified Intelligence Center Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of an affected system. The vulnerability is due…

  • CVE-2019-1661MedFeb 7, 2019
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco TelePresence Management Suite (TMS) software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.…

  • CVE-2019-1668MedJan 24, 2019
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the chat feed feature of Cisco SocialMiner could allow an unauthenticated, remote attacker to perform cross-site scripting (XSS) attacks against a user of the web-based user interface of an affected system. This vulnerability is due to insufficient…

  • CVE-2019-1655MedJan 24, 2019
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco Webex Meetings Server could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface of the affected software. The vulnerability is due to…

Page 55 of 145