Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-5088 | 1 Status2k | 1 Status2k | 2015-09-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Status2k allows remote attackers to inject arbitrary web script or HTML via the username to login.php. | |||||
| CVE-2014-4958 | 1 Telerik | 1 Asp.net Ajax Radeditor Control | 2015-09-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Telerik UI for ASP.NET AJAX RadEditor control 2014.1.403.35, 2009.3.1208.20, and other versions allows remote attackers to inject arbitrary web script or HTML via CSS expressions in style attributes. | |||||
| CVE-2014-4854 | 1 Smartcatdesign | 1 Wp Contruction Mode | 2015-09-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the WP Construction Mode plugin 1.8 for WordPress allows remote attackers to inject arbitrary web script or HTML via the wuc_logo parameter in a save action to wp-admin/admin.php. | |||||
| CVE-2014-3266 | 1 Cisco | 1 Security Manager | 2015-09-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the web framework in Cisco Security Manager 4.6 and earlier allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCun65189. | |||||
| CVE-2014-3275 | 1 Cisco | 1 Identity Services Engine Software | 2015-09-16 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in the web framework in Cisco Identity Services Engine (ISE) 1.2(.1 patch 2) and earlier allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCul21337. | |||||
| CVE-2014-2186 | 1 Cisco | 1 Webex Meetings Server | 2015-09-16 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco WebEx Meetings Server allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuj81777. | |||||
| CVE-2014-2192 | 1 Cisco | 1 Unified Web And E-mail Interaction Manager | 2015-09-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Cisco Unified Web and E-mail Interaction Manager 9.0(2) allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCuj43033. | |||||
| CVE-2014-2145 | 1 Cisco | 1 Unity Connection | 2015-09-16 | 4.0 MEDIUM | N/A |
| Directory traversal vulnerability in the messaging API in Cisco Unity Connection allows remote authenticated users to read arbitrary files via vectors related to unenforced access constraints for .wav files and the audio/x-wav MIME type, aka Bug ID CSCun91071. | |||||
| CVE-2014-2125 | 1 Cisco | 1 Unity Connection | 2015-09-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Web Inbox in Cisco Unity Connection 8.6(2a)SU3 and earlier allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCui33028. | |||||
| CVE-2014-2118 | 1 Cisco | 1 Prime Security Manager | 2015-09-16 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in dashboard-related HTML documents in Cisco Prime Security Manager (aka PRSM) 9.2(.1-2) and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCun50687. | |||||
| CVE-2014-2120 | 1 Cisco | 1 Adaptive Security Appliance Software | 2015-09-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the WebVPN login page in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCun19025. | |||||
| CVE-2014-2115 | 1 Cisco | 1 Emergency Responder | 2015-09-16 | 6.8 MEDIUM | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in CERUserServlet pages in Cisco Emergency Responder (ER) 8.6 and earlier allow remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCun24250. | |||||
| CVE-2014-2116 | 1 Cisco | 1 Emergency Responder | 2015-09-16 | 4.3 MEDIUM | N/A |
| Cisco Emergency Responder (ER) 8.6 and earlier allows remote attackers to inject web pages and modify dynamic content via unspecified parameters, aka Bug ID CSCun37882. | |||||
| CVE-2014-2117 | 1 Cisco | 1 Emergency Responder | 2015-09-16 | 4.3 MEDIUM | N/A |
| Multiple open redirect vulnerabilities in Cisco Emergency Responder (ER) 8.6 and earlier allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified parameters, aka Bug ID CSCun37909. | |||||
| CVE-2014-2114 | 1 Cisco | 1 Emergency Responder | 2015-09-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in UserServlet in Cisco Emergency Responder (ER) 8.6 and earlier allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCun24384. | |||||
| CVE-2014-2104 | 1 Cisco | 1 Unified Communications Domain Manager | 2015-09-16 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the Business Voice Services Manager (BVSM) page in Cisco Unified Communications Domain Manager 9.0(.1) allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug IDs CSCum78536, CSCum78526, CSCum69809, and CSCum63113. | |||||
| CVE-2014-0735 | 1 Cisco | 1 Unified Communications Manager | 2015-09-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the IP Manager Assistant (IPMA) interface in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCum46470. | |||||
| CVE-2014-0726 | 1 Cisco | 1 Unified Communications Manager | 2015-09-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the IP Manager Assistant (IPMA) interface in Cisco Unified Communications Manager (UCM) 10.0(1) and earlier allows remote attackers to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCum05326. | |||||
| CVE-2014-0727 | 1 Cisco | 1 Unified Communications Manager | 2015-09-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the CallManager Interactive Voice Response (CMIVR) interface in Cisco Unified Communications Manager (UCM) allows remote attackers to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCum05318. | |||||
| CVE-2014-0734 | 1 Cisco | 1 Unified Communications Manager | 2015-09-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Certificate Authority Proxy Function (CAPF) implementation in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows remote attackers to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCum46483. | |||||