Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-20 | CVE-2018-0292 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Nx-Os A vulnerability in the Internet Group Management Protocol (IGMP) Snooping feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code and gain full control of an affected system. | 8.8 |
| 2018-06-20 | CVE-2018-0291 | Improper Input Validation vulnerability in Cisco Nx-Os A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco NX-OS Software could allow an authenticated, remote attacker to cause the SNMP application on an affected device to restart unexpectedly. | 6.5 |
| 2018-06-08 | CVE-2018-0225 | SQL Injection vulnerability in Cisco Appdynamics APP IQ The Enterprise Console in Cisco AppDynamics App iQ Platform before 4.4.3.10598 (HF4) allows SQL injection, aka the Security Advisory 2089 issue. | 9.8 |
| 2018-06-07 | CVE-2018-0357 | Cross-site Scripting vulnerability in Cisco Webex Meetings 1.3.5 A vulnerability in the web framework of Cisco WebEx could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web interface of an affected system. | 6.1 |
| 2018-06-07 | CVE-2018-0356 | Cross-site Scripting vulnerability in Cisco Webex Meetings T32 A vulnerability in the web framework of Cisco WebEx could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web interface of an affected system. | 6.1 |
| 2018-06-07 | CVE-2018-0355 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Cisco Unified Communications Manager A vulnerability in the web UI of Cisco Unified Communications Manager (Unified CM) could allow an unauthenticated, remote attacker to conduct a cross-frame scripting (XFS) attack against the user of the web UI of an affected system. | 6.1 |
| 2018-06-07 | CVE-2018-0354 | Cross-site Scripting vulnerability in Cisco Unity Connection 12.5 A vulnerability in the web framework of Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web interface of an affected system. | 6.1 |
| 2018-06-07 | CVE-2018-0352 | Incorrect Permission Assignment for Critical Resource vulnerability in Cisco Wide Area Application Services 6.2(3) A vulnerability in the Disk Check Tool (disk-check.sh) for Cisco Wide Area Application Services (WAAS) Software could allow an authenticated, local attacker to elevate their privilege level to root. | 6.7 |
| 2018-06-07 | CVE-2018-0340 | Cross-site Scripting vulnerability in Cisco Unified Communications Manager A vulnerability in the web framework of the Cisco Unified Communications Manager (Unified CM) software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web interface of the affected system. | 5.4 |
| 2018-06-07 | CVE-2018-0339 | Cross-site Scripting vulnerability in Cisco Identity Services Engine Software 2.3(0.298)/2.4(0.126) A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface. | 6.1 |