Skip to main content
CVE-2015-6402 MEDIUM POC THREAT This Month

Cross-site scripting (XSS) vulnerability in the management interface on Cisco EPC3928 devices with EDVA 5.5.10, 5.5.11, and 5.7.1 allows remote attackers to inject arbitrary web script or HTML via an. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 34.3%.

XSS Cisco Epc3928 Docsis 3 0 8X4 Wireless Residential Gateway With Embedded Digital Voice Adapter
NVD Exploit-DB
CVSS 2.0
4.3
EPSS
34.3%
CVE-2015-6378 MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability on Cisco DPQ3925 devices with EDVA 5.5.2 allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuv05943. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

CSRF Cisco Dpq3925 8X4 Docsis 3 0 Wireless Residential Gateway With Embedded Digital Voice Adapter
NVD
CVSS 2.0
6.8
EPSS
0.1%
CVE-2015-6790 MEDIUM This Month

The WebPageSerializerImpl::openTagToString function in WebKit/Source/web/WebPageSerializerImpl.cpp in the page serializer in Google Chrome before 47.0.2526.80 does not properly use HTML entities,. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Apple Google Code Injection Chrome
NVD
CVSS 2.0
4.3
EPSS
0.9%
CVE-2015-6416 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in Cisco Unified Email Interaction Manager and Unified Web Interaction Manager 11.0(1) allows remote attackers to inject arbitrary web script or HTML a. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Cisco Unified Web And E Mail Interaction Manager
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2015-6422 MEDIUM This Month

The self-service application in Cisco Unified Communications Domain Manager (CUCDM) 10.6(1) allows remote authenticated users to cause a denial of service (subapplication outage) via malformed. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Denial Of Service Unified Communications Domain Manager
NVD
CVSS 2.0
4.0
EPSS
0.5%
CVE-2015-6410 MEDIUM This Month

The Mobile and Remote Access (MRA) services implementation in Cisco Unified Communications Manager mishandles edge-device identity validation, which allows remote attackers to bypass intended. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Telepresence Video Communication Server Software
NVD
CVSS 2.0
4.0
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy