Vulnerabilities > Improper Input Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-23 | CVE-2020-4324 | Improper Input Validation vulnerability in IBM Security Secret Server IBM Security Secret Server proir to 10.9 could allow a remote attacker to bypass security restrictions, caused by improper input validation. | 4.3 |
| 2020-09-23 | CVE-2019-15289 | Improper Input Validation vulnerability in Cisco Roomos and Telepresence Collaboration Endpoint Multiple vulnerabilities in the video service of Cisco TelePresence Collaboration Endpoint (CE) and Cisco RoomOS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 7.5 |
| 2020-09-23 | CVE-2019-15959 | Improper Input Validation vulnerability in Cisco Spa500 Series IP Phones Firmware A vulnerability in Cisco Small Business SPA500 Series IP Phones could allow a physically proximate attacker to execute arbitrary commands on the device. | 6.6 |
| 2020-09-23 | CVE-2019-16017 | Improper Input Validation vulnerability in Cisco Unified Customer Voice Portal A vulnerability in the Operations, Administration, Maintenance and Provisioning (OAMP) OpsConsole Server for Cisco Unified Customer Voice Portal (CVP) could allow an authenticated, remote attacker to execute Insecure Direct Object Reference actions on specific pages within the OAMP application. | 6.8 |
| 2020-09-23 | CVE-2019-1947 | Improper Input Validation vulnerability in Cisco Asyncos and Email Security Appliance A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause the CPU utilization to increase to 100 percent, causing a denial of service (DoS) condition on an affected device. | 8.6 |
| 2020-09-23 | CVE-2019-1983 | Improper Input Validation vulnerability in Cisco Asyncos and Content Security Management Appliance A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) and Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to cause repeated crashes in some internal processes that are running on the affected devices, resulting in a denial of service (DoS) condition. | 5.3 |
| 2020-09-23 | CVE-2019-15957 | Improper Input Validation vulnerability in Cisco products A vulnerability in the web-based management interface of certain Cisco Small Business RV Series Routers could allow an authenticated, remote attacker with administrative privileges to inject arbitrary commands into the underlying operating system. | 7.2 |
| 2020-09-23 | CVE-2019-15974 | Improper Input Validation vulnerability in Cisco Managed Services Accelerator A vulnerability in the web interface of Cisco Managed Services Accelerator (MSX) could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. | 6.1 |
| 2020-09-23 | CVE-2020-3133 | Improper Input Validation vulnerability in Cisco Email Security Appliance A vulnerability in the email message scanning of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass configured filters on the device. | 7.5 |
| 2020-09-23 | CVE-2020-3130 | Improper Input Validation vulnerability in Cisco Unity Connection A vulnerability in the web management interface of Cisco Unity Connection could allow an authenticated remote attacker to overwrite files on the underlying filesystem. | 6.5 |