Latest CVE Feed
-
7.4
HIGHCVE-2018-0441
A vulnerability in the 802.11r Fast Transition feature set of Cisco IOS Access Points (APs) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a corrup... Read more
- Published: Oct. 17, 2018
- Modified: Nov. 21, 2024
-
9.0
HIGHCVE-2018-0440
A vulnerability in the web interface of Cisco Data Center Network Manager could allow an authenticated application administrator to execute commands on the underlying operating system with root-level privileges. The vulnerability is due to incomplete inpu... Read more
- Published: Oct. 05, 2018
- Modified: Nov. 21, 2024
-
8.8
HIGHCVE-2018-0439
A vulnerability in the web-based management interface of Cisco Meeting Server could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. The vulnerability is d... Read more
Affected Products : meeting_server- Published: Oct. 05, 2018
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2018-0438
A vulnerability in the Cisco Umbrella Enterprise Roaming Client (ERC) could allow an authenticated, local attacker to elevate privileges to Administrator. To exploit the vulnerability, the attacker must authenticate with valid local user credentials. This... Read more
- Published: Oct. 05, 2018
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2018-0437
A vulnerability in the Cisco Umbrella Enterprise Roaming Client (ERC) could allow an authenticated, local attacker to elevate privileges to Administrator. To exploit the vulnerability, the attacker must authenticate with valid local user credentials. This... Read more
- Published: Oct. 05, 2018
- Modified: Nov. 21, 2024
-
8.7
HIGHCVE-2018-0436
A vulnerability in Cisco Webex Teams, formerly Cisco Spark, could allow an authenticated, remote attacker to view and modify data for an organization other than their own organization. The vulnerability exists because the affected software performs insuff... Read more
Affected Products : webex_teams- Published: Oct. 05, 2018
- Modified: Nov. 21, 2024
-
9.1
CRITICALCVE-2018-0435
A vulnerability in the Cisco Umbrella API could allow an authenticated, remote attacker to view and modify data across their organization and other organizations. The vulnerability is due to insufficient authentication configurations for the API interface... Read more
Affected Products : umbrella- Published: Oct. 05, 2018
- Modified: Nov. 21, 2024
-
7.4
HIGHCVE-2018-0434
A vulnerability in the Zero Touch Provisioning feature of the Cisco SD-WAN Solution could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data by using an invalid certificate. The vulnerability is due to insufficient cer... Read more
- Published: Oct. 05, 2018
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2018-0433
A vulnerability in the command-line interface (CLI) in the Cisco SD-WAN Solution could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. A... Read more
- Published: Oct. 05, 2018
- Modified: Nov. 21, 2024
-
9.0
HIGHCVE-2018-0432
A vulnerability in the error reporting feature of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to gain elevated privileges on an affected device. The vulnerability is due to a failure to properly validate certain parameters incl... Read more
- Published: Oct. 05, 2018
- Modified: Nov. 21, 2024
-
9.0
HIGHCVE-2018-0431
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an authenticated, remote attacker to inject and execute arbitrary commands with root privileges on an affected device. The vulnerabi... Read more
- Published: Oct. 05, 2018
- Modified: Nov. 21, 2024
-
9.0
HIGHCVE-2018-0430
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an authenticated, remote attacker to inject and execute arbitrary commands with root privileges on an affected device. The vulnerabi... Read more
- Published: Oct. 05, 2018
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2018-0429
Stack-based buffer overflow in the Cisco Thor decoder before commit 18de8f9f0762c3a542b1122589edb8af859d9813 allows local users to cause a denial of service (segmentation fault) and execute arbitrary code via a crafted non-conformant Thor bitstream.... Read more
Affected Products : thor_video_codec- Published: Aug. 09, 2018
- Modified: Nov. 21, 2024
-
7.2
HIGHCVE-2018-0428
A vulnerability in the account management subsystem of Cisco Web Security Appliance (WSA) could allow an authenticated, local attacker to elevate privileges to root. The attacker must authenticate with valid administrator credentials. The vulnerability is... Read more
- Published: Aug. 15, 2018
- Modified: Nov. 21, 2024
-
9.0
HIGHCVE-2018-0427
A vulnerability in the CronJob scheduler API of Cisco Digital Network Architecture (DNA) Center could allow an authenticated, remote attacker to perform a command injection attack. The vulnerability is due to incorrect input validation of user-supplied da... Read more
Affected Products : application_policy_infrastructure_controller_enterprise_module- Published: Aug. 15, 2018
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2018-0426
A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an unauthenticated, remote attacker to gain access to s... Read more
- Published: Oct. 05, 2018
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2018-0425
A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an unauthenticated, remote attacker to gain access to s... Read more
- Published: Oct. 05, 2018
- Modified: Nov. 21, 2024
-
9.0
HIGHCVE-2018-0424
A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an authenticated, remote attacker to execute arbitrary ... Read more
- Published: Oct. 05, 2018
- Modified: Nov. 21, 2024
-
9.3
HIGHCVE-2018-0423
A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an unauthenticated, remote attacker to cause a denial o... Read more
- Published: Oct. 05, 2018
- Modified: Nov. 21, 2024
-
7.3
HIGHCVE-2018-0422
A vulnerability in the folder permissions of Cisco Webex Meetings client for Windows could allow an authenticated, local attacker to modify locally stored files and execute code on a targeted device with the privilege level of the user. The vulnerability ... Read more
- Published: Oct. 05, 2018
- Modified: Nov. 21, 2024