Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions). The affected application uses a monitoring interface that is not operating in a strictly passive mode
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V2.0). The affected application do not properly enforce restriction of excessive authentication atte
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V3.0). The affected application exposes an internal service port to be accessible from outside the sy
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V3.0). The affected application runs docker containers without adequate security controls to enforce
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V3.0). The affected application runs docker containers without adequate resource and security limitat
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V3.0). The affected application uses a Content Security Policy that allows unsafe script execution me
A vulnerability has been identified in SINEC Security Monitor (All versions < V4.9.0). The affected application does not properly validate that user input complies with a list of allowed values. This
CVE-2024-47553
CRITICAL CVSS 9.4
Find Similar
A vulnerability has been identified in SINEC Security Monitor (All versions < V4.9.0). The affected application does not properly validate user input to the ```ssmctl-client``` command. This could al
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V2.0). The affected application mounts the container's root filesystem with read and write privileges
CVE-2024-47562
CRITICAL CVSS 9.3
Find Similar
A vulnerability has been identified in SINEC Security Monitor (All versions < V4.9.0). The affected application does not properly neutralize special elements in user input to the ```ssmctl-client``` c
A vulnerability has been identified in SINEC NMS (All versions < V3.0). The affected application does not properly enforce authorization checks. This could allow an authenticated attacker to bypass th
CVE-2024-46890
CRITICAL CVSS 9.4
Find Similar
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly validate input sent to specific endpoints of its web API. This could all
A vulnerability has been identified in SINEC Security Monitor (All versions < V4.10.0). The affected application does not have proper authorization checks for the file_transfer feature in ssmctl-clien
A vulnerability has been identified in SINEC NMS (All versions < V3.0). The affected application executes a subset of its services as `NT AUTHORITY\SYSTEM`. This could allow a local attacker to execut
A vulnerability has been identified in SINEC NMS (All versions < V3.0). The affected application does not properly enforce authorization checks. This could allow an authenticated attacker to bypass th
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP4). Affected applications contain private SSL/TLS keys on the server that are not properly protected allowing
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). Affected applications do not properly handle log rotation. This could allow an unauthenticated remote att
A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.2 SP2). The affected application inserts sensitive information into a log file which is readable by all legitimat
A vulnerability has been identified in SINEC Security Monitor (All versions < V4.10.0). The affected application lacks input validation of date parameter in report generation functionality. This could
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly validate authorization of a user to query the "/api/sftp/users" endpoint
Page 1+ Next →