cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2018-0373,https://securityvulnerability.io/vulnerability/CVE-2018-0373,,"A vulnerability in vpnva-6.sys for 32-bit Windows and vpnva64-6.sys for 64-bit Windows of Cisco AnyConnect Secure Mobility Client for Windows Desktop could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected system. The vulnerability is due to improper validation of user-supplied data. An attacker could exploit this vulnerability by sending a malicious request to the application. A successful exploit could allow the attacker to cause a DoS condition on the affected system. Cisco Bug IDs: CSCvj47654.",Cisco,Cisco Anyconnect Secure Mobility Client Unknown,5.5,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2018-06-21T11:00:00.000Z,0
CVE-2018-0334,https://securityvulnerability.io/vulnerability/CVE-2018-0334,,"A vulnerability in the certificate management subsystem of Cisco AnyConnect Network Access Manager and of Cisco AnyConnect Secure Mobility Client for iOS, Mac OS X, Android, Windows, and Linux could allow an unauthenticated, remote attacker to bypass the TLS certificate check when downloading certain configuration files. The vulnerability is due to improper use of Simple Certificate Enrollment Protocol and improper server certificate validation. An attacker could exploit this vulnerability by preparing malicious profile and localization files for Cisco AnyConnect to use. A successful exploit could allow the attacker to remotely change the configuration profile, a certificate, or the localization data used by AnyConnect Secure Mobility Client. Cisco Bug IDs: CSCvh23141.",Cisco,Cisco Anyconnect Secure Mobility Client Unknown,4.8,MEDIUM,0.0011699999449774623,false,,false,false,false,,,false,false,,2018-06-07T21:00:00.000Z,0