VYPR

Vendor CVEs

Cisco Systems, Inc.

All CVEs

7,132 total · sorted by risk
  • CVE-2021-1158MedJan 13, 2021
    risk 0.31cvss 4.8epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. The vulnerabilities are…

  • CVE-2021-1157MedJan 13, 2021
    risk 0.31cvss 4.8epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. The vulnerabilities are…

  • CVE-2021-1156MedJan 13, 2021
    risk 0.31cvss 4.8epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. The vulnerabilities are…

  • CVE-2021-1155MedJan 13, 2021
    risk 0.31cvss 4.8epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. The vulnerabilities are…

  • CVE-2021-1154MedJan 13, 2021
    risk 0.31cvss 4.8epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. The vulnerabilities are…

  • CVE-2021-1153MedJan 13, 2021
    risk 0.31cvss 4.8epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. The vulnerabilities are…

  • CVE-2021-1152MedJan 13, 2021
    risk 0.31cvss 4.8epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. The vulnerabilities are…

  • CVE-2021-1151MedJan 13, 2021
    risk 0.31cvss 4.8epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. The vulnerabilities are…

  • CVE-2021-1130MedJan 13, 2021
    risk 0.31cvss 4.8epss 0.01

    A vulnerability in the web-based management interface of Cisco DNA Center software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. The vulnerability exists because the web-based…

  • CVE-2020-26083MedNov 6, 2020
    risk 0.31cvss 4.8epss 0.01

    A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker with administrative credentials to conduct a cross-site scripting (XSS) attack against a user of the interface. The vulnerability exists…

  • CVE-2020-3561MedOct 21, 2020
    risk 0.31cvss 4.7epss 0.01

    A vulnerability in the Clientless SSL VPN (WebVPN) of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to inject arbitrary HTTP headers in the responses of the affected system. The…

  • CVE-2020-3558MedOct 21, 2020
    risk 0.31cvss 4.7epss 0.01

    A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. The vulnerability is due to improper input validation of the parameters of an…

  • CVE-2020-3589MedOct 8, 2020
    risk 0.31cvss 4.8epss 0.01

    A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an authenticated, remote attacker with administrative credentials to conduct a cross-site scripting (XSS) attack against a user of the interface. The vulnerability…

  • CVE-2020-3418MedSep 24, 2020
    risk 0.31cvss 4.7epss 0.00

    A vulnerability in Cisco IOS XE Wireless Controller Software for Cisco Catalyst 9800 Series Routers could allow an unauthenticated, adjacent attacker to send ICMPv6 traffic prior to the client being placed into RUN state. The vulnerability is due to an incomplete access control…

  • CVE-2020-3117MedSep 23, 2020
    risk 0.31cvss 4.7epss 0.01

    A vulnerability in the API Framework of Cisco AsyncOS for Cisco Web Security Appliance (WSA) and Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to inject crafted HTTP headers in the web server's response. The vulnerability is…

  • CVE-2019-16025MedSep 23, 2020
    risk 0.31cvss 4.8epss 0.01

    A vulnerability in the web framework of Cisco Emergency Responder could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. The vulnerability is due to insufficient validation of some…

  • CVE-2020-3453MedSep 4, 2020
    risk 0.31cvss 4.7epss 0.03

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV340 Series Routers could allow an authenticated, remote attacker with administrative credentials to execute arbitrary commands on the underlying operating system (OS) as a restricted user.…

  • CVE-2020-3451MedSep 4, 2020
    risk 0.31cvss 4.7epss 0.02

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV340 Series Routers could allow an authenticated, remote attacker with administrative credentials to execute arbitrary commands on the underlying operating system (OS) as a restricted user.…

  • CVE-2020-3439MedAug 26, 2020
    risk 0.31cvss 4.8epss 0.01

    A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. The vulnerability is due to insufficient input…

  • CVE-2020-3464MedAug 17, 2020
    risk 0.31cvss 4.8epss 0.01

    A vulnerability in the web-based management interface of Cisco UCS Director could allow an authenticated, remote attacker with administrative credentials to conduct a cross-site scripting (XSS) attack against a user of the interface. The vulnerability exists because the…

  • CVE-2020-3349MedJul 16, 2020
    risk 0.31cvss 4.8epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface on an affected device. These vulnerabilities…

  • CVE-2020-3348MedJul 16, 2020
    risk 0.31cvss 4.8epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface on an affected device. These vulnerabilities…

  • CVE-2020-3340MedJul 2, 2020
    risk 0.31cvss 4.8epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker with administrative credentials to conduct a cross-site scripting (XSS) attack against a user of the interface. These…

  • CVE-2020-3362MedJun 18, 2020
    risk 0.31cvss 4.7epss 0.00

    A vulnerability in the CLI of Cisco Network Services Orchestrator (NSO) could allow an authenticated, local attacker to access confidential information on an affected device. The vulnerability is due to a timing issue in the processing of CLI commands. An attacker could exploit…

  • CVE-2020-3355MedJun 18, 2020
    risk 0.31cvss 4.8epss 0.01

    A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker with administrative credentials to conduct a cross-site scripting (XSS) attack against a user of the interface. The vulnerability is…

  • CVE-2020-3354MedJun 18, 2020
    risk 0.31cvss 4.8epss 0.01

    A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker with administrative credentials to conduct a cross-site scripting (XSS) attack against a user of the interface. The vulnerability is…

  • CVE-2020-3231MedJun 3, 2020
    risk 0.31cvss 4.7epss 0.00

    A vulnerability in the 802.1X feature of Cisco Catalyst 2960-L Series Switches and Cisco Catalyst CDB-8P Switches could allow an unauthenticated, adjacent attacker to forward broadcast traffic before being authenticated on the port. The vulnerability exists because broadcast…

  • CVE-2020-3206MedJun 3, 2020
    risk 0.31cvss 4.7epss 0.00

    A vulnerability in the handling of IEEE 802.11w Protected Management Frames (PMFs) of Cisco Catalyst 9800 Series Wireless Controllers that are running Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to terminate a valid user connection to an affected…

  • CVE-2019-16010MedMar 19, 2020
    risk 0.31cvss 4.8epss 0.01

    A vulnerability in the web UI of the Cisco SD-WAN vManage software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the vManage software. The vulnerability is due to insufficient…

  • CVE-2020-3174MedFeb 26, 2020
    risk 0.31cvss 4.7epss 0.00

    A vulnerability in the anycast gateway feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a device to learn invalid Address Resolution Protocol (ARP) entries. The ARP entries are for nonlocal IP addresses for the subnet. The vulnerability…

  • CVE-2013-2682MedFeb 5, 2020
    risk 0.31cvss 4.3epss 0.06

    Cisco Linksys E4200 1.0.05 Build 7 devices contain a Clickjacking Vulnerability which allows remote attackers to obtain sensitive information.

  • CVE-2020-3149MedFeb 5, 2020
    risk 0.31cvss 4.8epss 0.01

    A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an authenticated, remote attacker to perform a stored cross-site scripting (XSS) attack on an affected device. The vulnerability is due to insufficient input…

  • CVE-2020-3129MedJan 26, 2020
    risk 0.31cvss 4.8epss 0.01

    A vulnerability in the web-based management interface of Cisco Unity Connection Software could allow an authenticated, remote attacker to perform a stored cross-site scripting (XSS) attack. The vulnerability is due to insufficient input validation by the web-based management…

  • CVE-2019-15281MedOct 16, 2019
    risk 0.31cvss 4.8epss 0.01

    A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.…

  • CVE-2019-15280MedOct 16, 2019
    risk 0.31cvss 4.8epss 0.01

    A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web-based management interface. The vulnerability…

  • CVE-2019-15269MedOct 16, 2019
    risk 0.31cvss 4.8epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. These vulnerabilities are…

  • CVE-2019-15268MedOct 16, 2019
    risk 0.31cvss 4.8epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. These vulnerabilities are…

  • CVE-2019-12668MedSep 25, 2019
    risk 0.31cvss 4.8epss 0.01

    A vulnerability in the web framework code of Cisco IOS and Cisco IOS XE Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web interface of the affected software using the banner parameter. The…

  • CVE-2019-12667MedSep 25, 2019
    risk 0.31cvss 4.8epss 0.01

    A vulnerability in the web framework code of Cisco IOS XE Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web interface of the affected software. The vulnerability is due to insufficient input…

  • CVE-2019-12626MedAug 21, 2019
    risk 0.31cvss 4.8epss 0.01

    A vulnerability in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web-based management interface of an affected…

  • CVE-2019-1973MedAug 8, 2019
    risk 0.31cvss 4.8epss 0.01

    A vulnerability in the web portal framework of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface. The vulnerability is due to improper input…

  • CVE-2019-1956MedAug 8, 2019
    risk 0.31cvss 4.8epss 0.01

    A vulnerability in the web-based interface of the Cisco SPA112 2-Port Phone Adapter could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against another user of the device. The vulnerability is due to insufficient validation of…

  • CVE-2019-1949MedAug 8, 2019
    risk 0.31cvss 4.8epss 0.01

    A vulnerability in the web-based management interface of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected system. The vulnerability…

  • CVE-2019-5401MedAug 1, 2019
    risk 0.31cvss 4.8epss 0.01

    A potential security vulnerability has been identified in HP2910al-48G version W.15.14.0016. The attack exploits an xss injection by setting the attack vector in one of the switch persistent configuration fields (management URL, location, contact). But admin privileges are…

  • CVE-2019-1875MedJun 20, 2019
    risk 0.31cvss 4.8epss 0.01

    A vulnerability in the web-based management interface of Cisco Prime Service Catalog could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface. The vulnerability is due to insufficient validation of…

  • CVE-2019-1881MedJun 5, 2019
    risk 0.31cvss 4.7epss 0.01

    A vulnerability in the web-based management interface of Cisco Industrial Network Director (IND) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. The vulnerability is due to…

  • CVE-2019-1853MedMay 16, 2019
    risk 0.31cvss 4.8epss 0.02

    A vulnerability in the HostScan component of Cisco AnyConnect Secure Mobility Client for Linux could allow an unauthenticated, remote attacker to read sensitive information on an affected system. The vulnerability exists because the affected software performs improper bounds…

  • CVE-2019-1701MedMay 3, 2019
    risk 0.31cvss 4.8epss 0.01

    Multiple vulnerabilities in the WebVPN service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the WebVPN portal…

  • CVE-2019-1802MedApr 18, 2019
    risk 0.31cvss 4.8epss 0.01

    A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected system. The…

  • CVE-2019-1758MedMar 28, 2019
    risk 0.31cvss 4.7epss 0.01

    A vulnerability in 802.1x function of Cisco IOS Software on the Catalyst 6500 Series Switches could allow an unauthenticated, adjacent attacker to access the network prior to authentication. The vulnerability is due to how the 802.1x packets are handled in the process path. An…

Page 84 of 143