cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2008-0532,https://securityvulnerability.io/vulnerability/CVE-2008-0532,,"Multiple buffer overflows in securecgi-bin/CSuserCGI.exe in User-Changeable Password (UCP) before 4.2 in Cisco Secure Access Control Server (ACS) for Windows and ACS Solution Engine allow remote attackers to execute arbitrary code via a long argument located immediately after the Logout argument, and possibly unspecified other vectors.",Cisco,"Acs Solution Engine,User Changeable Password,Acs For Windows",,,0.6310999989509583,false,,false,false,false,,,false,false,,2008-03-14T20:00:00.000Z,0
CVE-2008-0533,https://securityvulnerability.io/vulnerability/CVE-2008-0533,,"Multiple cross-site scripting (XSS) vulnerabilities in securecgi-bin/CSuserCGI.exe in User-Changeable Password (UCP) before 4.2 in Cisco Secure Access Control Server (ACS) for Windows and ACS Solution Engine allow remote attackers to inject arbitrary web script or HTML via an argument located immediately after the Help argument, and possibly unspecified other vectors.",Cisco,"Acs Solution Engine,User Changeable Password,Acs For Windows",,,0.04089000076055527,false,,false,false,false,,,false,false,,2008-03-14T20:00:00.000Z,0
CVE-2007-1467,https://securityvulnerability.io/vulnerability/CVE-2007-1467,,"Multiple cross-site scripting (XSS) vulnerabilities in (1) PreSearch.html and (2) PreSearch.class in Cisco Secure Access Control Server (ACS), VPN Client, Unified Personal Communicator, MeetingPlace, Unified MeetingPlace, Unified MeetingPlace Express, CallManager, IP Communicator, Unified Video Advantage, Unified Videoconferencing 35xx products, Unified Videoconferencing Manager, WAN Manager, Security Device Manager, Network Analysis Module (NAM), CiscoWorks and related products, Wireless LAN Solution Engine (WLSE), 2006 Wireless LAN Controllers (WLC), and Wireless Control System (WCS) allow remote attackers to inject arbitrary web script or HTML via the text field of the search form.",Cisco,"Unified Video Advantage,Unified Videoconferencing Manager,Vpn Client,Unified Personal Communicator,Wireless Lan Solution Engine,Ip Communicator,Unified Meetingplace,Ciscoworks,Wan Manager,Wireless Control System,Network Analysis Module,Security Device Manager,Acs Solution Engine,Unified Videoconferencing,Wireless Lan Controllers,Meetingplace,Call Manager,Unified Meetingplace Express",,,0.004230000078678131,false,,false,false,false,,,false,false,,2007-03-16T21:00:00.000Z,0
CVE-2004-1099,https://securityvulnerability.io/vulnerability/CVE-2004-1099,,"Cisco Secure Access Control Server for Windows (ACS Windows) and Cisco Secure Access Control Server Solution Engine (ACS Solution Engine) 3.3.1, when the EAP-TLS protocol is enabled, does not properly handle expired or untrusted certificates, which allows remote attackers to bypass authentication and gain unauthorized access via a ""cryptographically correct"" certificate with valid fields such as the username.",Cisco,"Secure Acs Solution Engine,Secure Access Control Server",,,0.015080000273883343,false,,false,false,false,,,false,false,,2005-01-10T05:00:00.000Z,0
CVE-2004-1461,https://securityvulnerability.io/vulnerability/CVE-2004-1461,,"Cisco Secure Access Control Server (ACS) 3.2(3) and earlier spawns a separate unauthenticated TCP connection on a random port when a user authenticates to the ACS GUI, which allows remote attackers to bypass authentication by connecting to that port from the same IP address.",Cisco,"Secure Access Control Server,Secure Acs Solution Engine",,,0.0035600000992417336,false,,false,false,false,,,false,false,,2004-12-31T05:00:00.000Z,0
CVE-2004-1458,https://securityvulnerability.io/vulnerability/CVE-2004-1458,,The CSAdmin web administration interface for Cisco Secure Access Control Server (ACS) 3.2(2) build 15 allows remote attackers to cause a denial of service (hang) via a flood of TCP connections to port 2002.,Cisco,"Secure Access Control Server,Secure Acs Solution Engine",,,0.009990000165998936,false,,false,false,false,,,false,false,,2004-12-31T05:00:00.000Z,0
CVE-2004-1460,https://securityvulnerability.io/vulnerability/CVE-2004-1460,,"Cisco Secure Access Control Server (ACS) 3.2(3) and earlier, when configured with an anonymous bind in Novell Directory Services (NDS) and authenticating NDS users with NDS, allows remote attackers to gain unauthorized access to AAA clients via a blank password.",Cisco,"Secure Access Control Server,Secure Acs Solution Engine",,,0.005270000081509352,false,,false,false,false,,,false,false,,2004-12-31T05:00:00.000Z,0