Skip to main content
CVE-2018-0184 MEDIUM This Month

A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to gain access to the underlying Linux shell of an affected device and execute arbitrary. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Cisco Privilege Escalation Apple Ios Xe
NVD
CVSS 3.0
6.7
EPSS
0.4%
CVE-2018-0183 MEDIUM This Month

A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to gain access to the underlying Linux shell of an affected device and execute arbitrary. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Cisco Privilege Escalation Apple Ios Xe
NVD
CVSS 3.0
6.7
EPSS
0.4%
CVE-2018-0163 MEDIUM This Month

A vulnerability in the 802.1x multiple-authentication (multi-auth) feature of Cisco IOS Software could allow an unauthenticated, adjacent attacker to bypass the authentication phase on an 802.1x. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Apple iOS
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2018-0161 MEDIUM KEV THREAT This Month

A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software running on certain models of Cisco Catalyst Switches could allow an authenticated, remote attacker to. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable. No vendor patch available.

Cisco Denial Of Service Apple iOS
NVD
CVSS 3.1
6.3
EPSS
4.7%
CVE-2018-0160 MEDIUM This Month

A vulnerability in Simple Network Management Protocol (SNMP) subsystem of Cisco IOS XE Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable. No vendor patch available.

Cisco Denial Of Service Apple Ios Xe
NVD
CVSS 3.0
6.3
EPSS
1.7%
CVE-2018-0190 MEDIUM This Month

Multiple vulnerabilities in the web-based user interface (web UI) of Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco XSS Apple Ios Xe
NVD
CVSS 3.0
6.1
EPSS
0.9%
CVE-2018-0188 MEDIUM This Month

Multiple vulnerabilities in the web-based user interface (web UI) of Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco XSS Apple Ios Xe
NVD
CVSS 3.0
6.1
EPSS
0.9%
CVE-2018-0186 MEDIUM This Month

Multiple vulnerabilities in the web-based user interface (web UI) of Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco XSS Apple Ios Xe
NVD
CVSS 3.0
6.1
EPSS
0.9%
CVE-2018-7674 MEDIUM This Month

The NetIQ Identity Manager user console, in versions prior to 4.7, is susceptible to URL redirection. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Identity Manager
NVD
CVSS 3.0
6.1
EPSS
0.8%
CVE-2018-0180 MEDIUM KEV THREAT This Month

Multiple vulnerabilities in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, resulting in. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Cisco Denial Of Service Apple iOS
NVD
CVSS 3.1
5.9
EPSS
5.0%
CVE-2018-0179 MEDIUM KEV THREAT This Month

Multiple vulnerabilities in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, resulting in. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Cisco Denial Of Service Apple iOS
NVD
CVSS 3.1
5.9
EPSS
5.0%
CVE-2018-7676 MEDIUM This Month

The NetIQ Identity Manager, in versions prior to 4.7, userapp with log / trace enabled may leak sensitive information. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Identity Manager
NVD
CVSS 3.0
5.9
EPSS
0.9%
CVE-2018-1142 MEDIUM PATCH This Month

Tenable Appliance versions 4.6.1 and earlier have been found to contain a single XSS vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Appliance
NVD
CVSS 3.0
5.4
EPSS
0.5%
CVE-2018-0189 MEDIUM This Month

A vulnerability in the Forwarding Information Base (FIB) code of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, network attacker to cause a denial of service (DoS). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. No vendor patch available.

Cisco Denial Of Service Apple Ios Xe
NVD
CVSS 3.0
5.3
EPSS
1.1%
CVE-2018-0196 MEDIUM This Month

A vulnerability in the web-based user interface (web UI) of Cisco IOS XE Software could allow an authenticated, remote attacker to write arbitrary files to the operating system of an affected device. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Information Disclosure Apple Ios Xe
NVD
CVSS 3.1
4.9
EPSS
1.0%
CVE-2018-6608 MEDIUM This Month

In the WebRTC component in Opera 51.0.2830.55, after visiting a web site that attempts to gather complete client information (such as https://ip.voidsec.com), the browser can disclose a private IP. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Opera Browser
NVD GitHub
CVSS 3.0
4.3
EPSS
3.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy