Double free vulnerability in Cisco IOS XE 3.15S, 3.16S, and 3.17S allows remote authenticated users to cause a denial of service (device restart) via a sequence of crafted SNMP read requests, aka Bug. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
SQL injection vulnerability in the SQL database in Cisco Prime Collaboration Deployment before 11.5.1 allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka Bug ID. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
The license-certificate upload functionality on Cisco 8800 phones with software 11.0(1) allows remote authenticated users to delete arbitrary files via an invalid file, aka Bug ID CSCuz03010. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
EMC Documentum WebTop 6.8 before Patch 13 and 6.8.1 before Patch 02, Documentum Administrator 7.x before 7.2 Patch 13, Documentum Capital Projects 1.9 before Patch 23 and 1.10 before Patch 10, and. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Cross-site scripting (XSS) vulnerability in the management interface in Cisco Unified Contact Center Enterprise through 10.5(2) allows remote attackers to inject arbitrary web script or HTML via a. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.