CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2016-1331
https://notcve.org/view.php?id=CVE-2016-1331
15 Feb 2016 — Multiple cross-site scripting (XSS) vulnerabilities in Cisco Emergency Responder 11.5(0.99833.5) allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCuy10766. Múltiples vulnerabilidades de XSS en Cisco Emergency Responder 11.5(0.99833.5) permiten a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de parámetros no especificados, también conocido como Bug ID CSCuy10766. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160215-er • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.3EPSS: 0%CPEs: 6EXPL: 0CVE-2016-1319
https://notcve.org/view.php?id=CVE-2016-1319
09 Feb 2016 — Cisco Unified Communications Manager (aka CallManager) 9.1(2.10000.28), 10.5(2.10000.5), 10.5(2.12901.1), and 11.0(1.10000.10); Unified Communications Manager IM & Presence Service 10.5(2); Unified Contact Center Express 11.0(1); and Unity Connection 10.5(2) store a cleartext encryption key, which allows local users to obtain sensitive information via unspecified vectors, aka Bug ID CSCuv85958. Cisco Unified Communications Manager (también conocido como CallManager) 9.1(2.10000.28), 10.5(2.10000.5), 10.5(2.... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160208-ucm • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.0EPSS: 0%CPEs: 25EXPL: 0CVE-2016-1302
https://notcve.org/view.php?id=CVE-2016-1302
07 Feb 2016 — Cisco Application Policy Infrastructure Controller (APIC) devices with software before 1.0(3h) and 1.1 before 1.1(1j) and Nexus 9000 ACI Mode switches with software before 11.0(3h) and 11.1 before 11.1(1j) allow remote authenticated users to bypass intended RBAC restrictions via crafted REST requests, aka Bug ID CSCut12998. Dispositivos Cisco Application Policy Infrastructure Controller (APIC) con software anterior a 1.0(3h) y 1.1 en versiones anteriores a 1.1(1j) y switches Nexus 9000 ACI Mode con software... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160203-apic • CWE-284: Improper Access Control •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2016-1306
https://notcve.org/view.php?id=CVE-2016-1306
06 Feb 2016 — Multiple cross-site scripting (XSS) vulnerabilities in Cisco Fog Director 1.0(0) allow remote attackers to inject arbitrary web script or HTML via a crafted parameter, aka Bug ID CSCux80466. Múltiples vulnerabilidades de XSS en Cisco Fog Director 1.0(0) permiten a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de un parámetro manipulado, también conocida como Bug ID CSCux80466. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160201-fd • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2016-1310
https://notcve.org/view.php?id=CVE-2016-1310
06 Feb 2016 — Cross-site scripting (XSS) vulnerability in Cisco Unity Connection 11.5(0.199) allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuy09033. Vulnerabilidad de XSS en Cisco Unity Connection 11.5(0.199) permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de una URL manipulada, también conocida como Bug ID CSCuy09033. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160203-uc • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 10.0EPSS: 1%CPEs: 34EXPL: 0CVE-2015-6319
https://notcve.org/view.php?id=CVE-2015-6319
27 Jan 2016 — SQL injection vulnerability in the web-based management interface on Cisco RV220W devices allows remote attackers to execute arbitrary SQL commands via a crafted header in an HTTP request, aka Bug ID CSCuv29574. Vulnerabilidad de inyección SQL en la interfaz de gestión basada en web en dispositivos Cisco RV220W permite a atacantes remotos ejecutar comandos SQL arbitrarios a través de una cabecera manipulada en una petición HTTP, también conocida como Bug ID CSCuv29574. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-rv220 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 8.5EPSS: 0%CPEs: 6EXPL: 0CVE-2008-7300
https://notcve.org/view.php?id=CVE-2008-7300
05 Oct 2011 — The labeled networking implementation in Solaris Trusted Extensions in Sun Solaris 10 and OpenSolaris snv_39 through snv_67, when a labeled zone is in the installed state, allows remote authenticated users to bypass a Mandatory Access Control (MAC) policy and obtain access to the global zone. La implementación del enrutado etiquetado ("labeled networking") de Solaris Trusted Extensions de Sun Solaris 10 y OpenSolaris snv_39 hasta la snv_67, si una zona etiquetada se encuentra en el estado "installed", permi... • http://secunia.com/advisories/31412 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.5EPSS: 0%CPEs: 70EXPL: 0CVE-2009-4774
https://notcve.org/view.php?id=CVE-2009-4774
21 Apr 2010 — Unspecified vulnerability in Sun Solaris 10 and OpenSolaris snv_49 through snv_117, when 64bit mode is used on the Intel x86 platform and a Linux (lx) branded zone is configured, allows local users to cause a denial of service (panic) via unspecified vectors, a different vulnerability than CVE-2007-6225. Vulnerabilidad sin especificar en Sun Solaris 10 y OpenSolaris snv_49 a la snv_117, cuando se usa el modo 64bit en las plataformas Intel x86 y la "branded Zone" está configurada, permite a usuarios locales ... • http://secunia.com/advisories/36691 •
CVSS: 9.8EPSS: 0%CPEs: 100EXPL: 0CVE-2010-0558
https://notcve.org/view.php?id=CVE-2010-0558
05 Feb 2010 — The default configuration of Oracle OpenSolaris snv_77 through snv_131 allows attackers to have an unspecified impact via vectors related to using smbadm to join a Windows Active Directory domain. La configuración por defecto de Oracle OpenSolaris snv_91 hasta snv_131 permite a atacantes realizar un impacto no especificado a través de vectores relacionados con el uso de smbadm en la unión de un dominio Windows Active Directory. • http://sunsolve.sun.com/search/document.do?assetkey=1-66-275790-1 • CWE-16: Configuration •
CVSS: 9.8EPSS: 0%CPEs: 79EXPL: 0CVE-2010-0559
https://notcve.org/view.php?id=CVE-2010-0559
05 Feb 2010 — The default configuration of Oracle OpenSolaris snv_91 through snv_131 allows attackers to have an unspecified impact via vectors related to using kclient to join a Windows Active Directory domain. La configuración por defecto de Oracle OpenSolaris snv_91 hasta snv_131 permite a atacantes realizar un impacto no especificado a través de vectores relacionados con el uso de kclient en la unión de un dominio Windows Active Directory. • http://sunsolve.sun.com/search/document.do?assetkey=1-66-275790-1 • CWE-16: Configuration •