Skip to main content
CVE-2015-4262 CRITICAL Act Now

The password-change feature in Cisco Unified MeetingPlace Web Conferencing before 8.5(5) MR3 and 8.6 before 8.6(2) does not check the session ID or require entry of the current password, which allows. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Unified Meetingplace Web Conferencing
NVD
CVSS 2.0
10.0
EPSS
0.4%
CVE-2015-4235 CRITICAL Act Now

Cisco Application Policy Infrastructure Controller (APIC) devices with software before 1.0(3o) and 1.1 before 1.1(1j) and Nexus 9000 ACI devices with software before 11.0(4o) and 11.1 before 11.1(1j). Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Privilege Escalation Application Policy Infrastructure Controller Apic Nx Os
NVD
CVSS 2.0
9.0
EPSS
0.7%
CVE-2015-0681 HIGH This Week

The TFTP server in Cisco IOS 12.2(44)SQ1, 12.2(33)XN1, 12.4(25e)JAM1, 12.4(25e)JAO5m, 12.4(23)JY, 15.0(2)ED1, 15.0(2)EY3, 15.1(3)SVF4a, and 15.2(2)JB1 and IOS XE 2.5.x, 2.6.x, 3.1.xS, 3.2.xS, 3.3.xS,. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Apple Cisco Denial Of Service iOS Ios Xe
NVD
CVSS 2.0
7.1
EPSS
0.6%
CVE-2015-2973 MEDIUM PATCH This Month

Multiple cross-site scripting (XSS) vulnerabilities in the Welcart plugin before 1.4.18 for WordPress allow remote attackers to inject arbitrary web script or HTML via the usces_referer parameter to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

XSS WordPress PHP Welcart E Commerce
NVD
CVSS 2.0
4.3
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy