cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2018-0379,https://securityvulnerability.io/vulnerability/CVE-2018-0379,,"Multiple vulnerabilities exist in the Cisco Webex Network Recording Player for Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit these vulnerabilities by providing a user with a malicious .arf or .wrf file via email or URL and convincing the user to launch the file in the Webex recording players. Exploitation of these vulnerabilities could allow arbitrary code execution on the system of a targeted user. These vulnerabilities affect ARF and WRF recording players available from Cisco Webex Meetings Suite sites, Cisco Webex Meetings Online sites, and Cisco Webex Meetings Server. Cisco Bug IDs: CSCvi02621, CSCvi02965, CSCvi63329, CSCvi63333, CSCvi63335, CSCvi63374, CSCvi63376, CSCvi63377, CSCvi63391, CSCvi63392, CSCvi63396, CSCvi63495, CSCvi63497, CSCvi63498, CSCvi82684, CSCvi82700, CSCvi82705, CSCvi82725, CSCvi82737, CSCvi82742, CSCvi82760, CSCvi82771, CSCvj51284, CSCvj51294.",Cisco,Cisco Webex Network Recording Players Unknown,7.8,HIGH,0.003370000049471855,false,,false,false,false,,,false,false,,2018-07-18T23:29:00.000Z,0
CVE-2018-0380,https://securityvulnerability.io/vulnerability/CVE-2018-0380,,"Multiple vulnerabilities exist in the Cisco Webex Network Recording Player for Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit these vulnerabilities by providing a user with a malicious .arf or .wrf file via email or URL and convincing the user to launch the file in the Webex recording players. Exploitation of these vulnerabilities could cause an affected player to crash, resulting in a denial of service (DoS) condition. The Cisco Webex players are applications that are used to play back Webex meetings that have been recorded by an online meeting attendee. The Webex Network Recording Player for .arf files can be automatically installed when the user accesses a recording that is hosted on a Webex server. The Webex Player for .wrf files can be downloaded manually. These vulnerabilities affect ARF and WRF recording players available from Cisco Webex Meetings Suite sites, Cisco Webex Meetings Online sites, and Cisco Webex Meetings Server. Cisco Bug IDs: CSCvh70253, CSCvh70268, CSCvh72272, CSCvh72281, CSCvh72285, CSCvi60477, CSCvi60485, CSCvi60490, CSCvi60520, CSCvi60529, CSCvi60533.",Cisco,Cisco Webex Network Recording Players Unknown,5.5,MEDIUM,0.0011699999449774623,false,,false,false,false,,,false,false,,2018-07-18T23:29:00.000Z,0
CVE-2018-0390,https://securityvulnerability.io/vulnerability/CVE-2018-0390,,"A vulnerability in the web framework of Cisco Webex could allow an unauthenticated, remote attacker to conduct a Document Object Model-based (DOM-based) cross-site scripting (XSS) attack against the user of the web interface of an affected system. The vulnerability is due to insufficient input validation of certain parameters that are passed to the affected software by using the HTTP POST method. An attacker who can submit malicious scripts to the affected user interface element could execute arbitrary script or HTML code in the user's browser in the context of the affected site. Cisco Bug IDs: CSCvj33287.",Cisco,Cisco Webex Unknown,6.1,MEDIUM,0.0007099999929778278,false,,false,false,false,,,false,false,,2018-07-18T23:29:00.000Z,0
CVE-2018-0387,https://securityvulnerability.io/vulnerability/CVE-2018-0387,,"A vulnerability in Cisco Webex Teams (for Windows and macOS) could allow an unauthenticated, remote attacker to execute arbitrary code on the user's device, possibly with elevated privileges. The vulnerability occurs because Cisco Webex Teams does not properly sanitize input. An attacker could exploit the vulnerability by sending a user a malicious link and persuading the user to follow the link. A successful exploit could allow the attacker to execute arbitrary code on the user's system. Cisco Bug IDs: CSCvh66250.",Cisco,Cisco Webex Teams Unknown,8.8,HIGH,0.005030000116676092,false,,false,false,false,,,false,false,,2018-07-18T23:29:00.000Z,0
CVE-2018-0356,https://securityvulnerability.io/vulnerability/CVE-2018-0356,,"A vulnerability in the web framework of Cisco WebEx could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web interface of an affected system. The vulnerability is due to insufficient input validation of certain parameters that are passed to the affected software via the HTTP GET and HTTP POST methods. An attacker who can convince a user to follow an attacker-supplied link could execute arbitrary script or HTML code in the user's browser in the context of an affected site. Cisco Bug IDs: CSCvi63757.",Cisco,Cisco Webex Unknown,6.1,MEDIUM,0.0010300000431016088,false,,false,false,false,,,false,false,,2018-06-07T21:00:00.000Z,0
CVE-2018-0357,https://securityvulnerability.io/vulnerability/CVE-2018-0357,,"A vulnerability in the web framework of Cisco WebEx could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web interface of an affected system. The vulnerability is due to insufficient input validation of certain parameters that are passed to the affected software via the HTTP GET and HTTP POST methods. An attacker who can convince a user to follow an attacker-supplied link could execute arbitrary script or HTML code in the user's browser in the context of an affected site. Cisco Bug IDs: CSCvi71274.",Cisco,Cisco Webex Unknown,6.1,MEDIUM,0.0010300000431016088,false,,false,false,false,,,false,false,,2018-06-07T21:00:00.000Z,0