VYPR

Vendor CVEs

Cisco Systems, Inc.

All CVEs

7,232 total · sorted by risk
  • CVE-2019-12715MedOct 2, 2019
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based interface of Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition (SME) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the…

  • CVE-2019-12713MedOct 2, 2019
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected software. The vulnerability is…

  • CVE-2019-12712MedOct 2, 2019
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected software. The vulnerability is…

  • CVE-2019-12707MedOct 2, 2019
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based interface of multiple Cisco Unified Communications products could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface of the affected software. The vulnerability is…

  • CVE-2019-12695MedOct 2, 2019
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the Clientless SSL VPN (WebVPN) portal of Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based…

  • CVE-2019-12631MedOct 2, 2019
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based guest portal of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. The vulnerability is due to insufficient…

  • CVE-2019-1975MedSep 18, 2019
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based interface of Cisco HyperFlex Software could allow an unauthenticated, remote attacker to execute a cross-frame scripting (XFS) attack on an affected device. This vulnerability is due to insufficient HTML iframe protection. An attacker could…

  • CVE-2019-12644MedSep 5, 2019
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The…

  • CVE-2019-1954MedAug 8, 2019
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco Webex Meetings Server Software could allow an unauthenticated, remote attacker to redirect a user to an undesired web page. The vulnerability is due to improper input validation of the URL parameters in an HTTP…

  • CVE-2019-1941MedJul 17, 2019
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The…

  • CVE-2019-1931MedJul 6, 2019
    risk 0.40cvss 6.1epss 0.01

    Multiple vulnerabilities in the RSS dashboard in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of…

  • CVE-2019-1930MedJul 6, 2019
    risk 0.40cvss 6.1epss 0.01

    Multiple vulnerabilities in the RSS dashboard in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of…

  • CVE-2019-1870MedJun 5, 2019
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco Enterprise Chat and Email (ECE) Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The…

  • CVE-2015-2230MedMay 30, 2019
    risk 0.40cvss 6.1epss 0.01

    Synacor Zimbra Collaboration Server 8.x before 8.7.0 has Reflected XSS in admin console.

  • CVE-2019-1857MedMay 3, 2019
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco HyperFlex HX-Series could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected system. The vulnerability is due to insufficient…

  • CVE-2019-1856MedMay 3, 2019
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco Prime Collaboration Assurance (PCA) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The…

  • CVE-2019-1852MedMay 3, 2019
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco Prime Network Registrar could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface. The vulnerability is due to insufficient validation of…

  • CVE-2019-1792MedApr 18, 2019
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the URL block page of Cisco Umbrella could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user in a network protected by Umbrella. The vulnerability is due to insufficient validation of input parameters…

  • CVE-2019-1719MedApr 18, 2019
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based guest portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. The vulnerability is due to insufficient…

  • CVE-2019-1827MedApr 4, 2019
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the Online Help web service of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the service. The vulnerability exists…

  • CVE-2019-1702MedMar 11, 2019
    risk 0.40cvss 6.1epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco Enterprise Chat and Email could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected software. The…

  • CVE-2019-1700MedFeb 21, 2019
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in field-programmable gate array (FPGA) ingress buffer management for the Cisco Firepower 9000 Series with the Cisco Firepower 2-port 100G double-width network module (PID: FPR9K-DNM-2X100G) could allow an unauthenticated, adjacent attacker to cause a denial of…

  • CVE-2019-1685MedFeb 21, 2019
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the Security Assertion Markup Language (SAML) single sign-on (SSO) interface of Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. The…

  • CVE-2019-1671MedFeb 7, 2019
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected system. The…

  • CVE-2019-1670MedFeb 7, 2019
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco Unified Intelligence Center Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of an affected system. The vulnerability is due…

  • CVE-2019-1661MedFeb 7, 2019
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco TelePresence Management Suite (TMS) software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.…

  • CVE-2019-1668MedJan 24, 2019
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the chat feed feature of Cisco SocialMiner could allow an unauthenticated, remote attacker to perform cross-site scripting (XSS) attacks against a user of the web-based user interface of an affected system. This vulnerability is due to insufficient…

  • CVE-2019-1655MedJan 24, 2019
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco Webex Meetings Server could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface of the affected software. The vulnerability is due to…

  • CVE-2019-1643MedJan 23, 2019
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected software. The vulnerability is…

  • CVE-2018-15455MedJan 23, 2019
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the logging component of Cisco Identity Services Engine could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks. The vulnerability is due to the improper validation of requests stored in the system's logging database. An…

  • CVE-2018-15463MedJan 15, 2019
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web-based interface. The vulnerability is due to…

  • CVE-2018-15440MedJan 15, 2019
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web interface of an affected system. The vulnerability is due…

  • CVE-2018-15467MedJan 11, 2019
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco TelePresence Management Suite (TMS) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The…

  • CVE-2018-15461MedJan 10, 2019
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the MyWebex component of Cisco Webex Business Suite could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this…

  • CVE-2018-15457MedJan 10, 2019
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected system. The vulnerability is due…

  • CVE-2018-15435MedOct 17, 2018
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco SocialMiner could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web-based management interface. The vulnerability is due to insufficient…

  • CVE-2018-15436MedOct 5, 2018
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco Webex Events Center, Cisco Webex Meeting Center, Cisco Webex Support Center, and Cisco Webex Training Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a…

  • CVE-2018-15434MedOct 5, 2018
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco Unified IP Phone 7900 Series could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The…

  • CVE-2018-15406MedOct 5, 2018
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco UCS Director could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web-based management interface of an affected system. The vulnerability is due…

  • CVE-2018-15400MedOct 5, 2018
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco Cloud Services Platform 2100 could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The…

  • CVE-2018-0480MedOct 5, 2018
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the errdisable per VLAN feature of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause the device to crash, leading to a denial of service (DoS) condition. The vulnerability is due to a race condition that occurs when the VLAN and…

  • CVE-2018-0465MedOct 5, 2018
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco Small Business 300 Series Managed Switches could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected system. The vulnerability…

  • CVE-2018-0458MedOct 5, 2018
    risk 0.40cvss 6.1epss 0.02

    A vulnerability in the web-based management interface of Cisco Prime Collaboration Assurance could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The…

  • CVE-2018-0452MedOct 5, 2018
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco Tetration Analytics could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability is due…

  • CVE-2018-0450MedOct 5, 2018
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco Data Center Network Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the management interface on an affected device. The vulnerability is due to…

  • CVE-2018-0444MedOct 5, 2018
    risk 0.40cvss 6.1epss 0.00

    A vulnerability in the web-based management interface of Cisco Packaged Contact Center Enterprise could allow an unauthenticated, remote attacker to conduct a stored XSS attack against a user of the interface. The vulnerability is due to insufficient validation of user-supplied…

  • CVE-2018-0386MedAug 15, 2018
    risk 0.40cvss 6.1epss 0.02

    A vulnerability in Cisco Unified Communications Domain Manager Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack on an affected system. The vulnerability is due to improper validation of input that is passed to the affected…

  • CVE-2018-0411MedAug 1, 2018
    risk 0.40cvss 6.1epss 0.02

    A vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The…

  • CVE-2018-0406MedAug 1, 2018
    risk 0.40cvss 6.1epss 0.02

    A vulnerability in the web-based management interface of Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to conduct a reflected or Document Object Model based (DOM-based) cross-site scripting (XSS) attack against a user of the web-based…

  • CVE-2018-0401MedJul 18, 2018
    risk 0.40cvss 6.1epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. Cisco Bug IDs: CSCvg70967.

Page 56 of 145