cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-20655,https://securityvulnerability.io/vulnerability/CVE-2022-20655,Command Injection Vulnerability in ConfD Could Allow Authenticated Attacker to Execute Arbitrary Commands with Root Privileges,"An issue within the command line interface (CLI) implementation in Cisco's ConfD can allow authenticated, local attackers to conduct command injection attacks. This vulnerability stems from insufficient validation of process arguments, enabling an attacker to inject malicious commands during execution. Successfully exploiting this vulnerability can lead to the execution of arbitrary commands on the underlying operating system with the same privileges as ConfD, often equivalent to root access, thereby posing severe risks to system security and integrity.",Cisco,"Cisco iOS Xr Software,Cisco Virtual Topology System (vts),Cisco Network Services Orchestrator,Cisco Enterprise Nfv Infrastructure Software,Cisco Catalyst Sd-wan,Cisco Catalyst Sd-wan Manager,Cisco iOS Xe Catalyst Sd-wan,Cisco Sd-wan Vedge Router,Cisco Ultra Gateway Platform,Cisco Carrier Packet Transport",8.8,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-11-15T15:56:42.927Z,0
CVE-2013-1196,https://securityvulnerability.io/vulnerability/CVE-2013-1196,,"The command-line interface in Cisco Secure Access Control System (ACS), Identity Services Engine Software, Context Directory Agent, Application Networking Manager (ANM), Prime Network Control System, Prime LAN Management Solution (LMS), Prime Collaboration, Unified Provisioning Manager, Network Services Manager, Prime Data Center Network Manager (DCNM), and Quad does not properly validate input, which allows local users to obtain root privileges via unspecified vectors, aka Bug IDs CSCug29384, CSCug13866, CSCug29400, CSCug29406, CSCug29411, CSCug29413, CSCug29416, CSCug29418, CSCug29422, CSCug29425, and CSCug29426, a different issue than CVE-2013-1125.",Cisco,"Prime Network Control System,Secure Access Control System,Prime Collaboration,Prime Data Center Network Manager,Network Services Manager,Application Networking Manager,Quad,Context Directory Agent,Unified Provisioning Manager,Prime Lan Management Solution,Identity Services Engine Software",,,0.0012400000123307109,false,,false,false,false,,,false,false,,2013-04-29T21:55:00.000Z,0
CVE-2013-1125,https://securityvulnerability.io/vulnerability/CVE-2013-1125,,"The command-line interface in Cisco Identity Services Engine Software, Secure Access Control System (ACS), Application Networking Manager (ANM), Prime LAN Management Solution (LMS), Prime Network Control System, Quad, Context Directory Agent, Prime Collaboration, Unified Provisioning Manager, and Network Services Manager does not properly validate input, which allows local users to obtain root privileges via unspecified vectors, aka Bug IDs CSCue46001, CSCud95790, CSCue46021, CSCue46025, CSCue46023, CSCue46058, CSCue46013, CSCue46031, CSCue46035, and CSCue46042.",Cisco,"Prime Network Control System,Secure Access Control System,Prime Collaboration,Network Services Manager,Application Networking Manager,Quad,Context Directory Agent,Unified Provisioning Manager,Prime Lan Management Solution,Identity Services Engine Software",,,0.0006399999838322401,false,,false,false,false,,,false,false,,2013-02-19T23:55:00.000Z,0
CVE-2005-4794,https://securityvulnerability.io/vulnerability/CVE-2005-4794,,"Cisco IP Phones 7902/7905/7912, ATA 186/188, Unity Express, ACNS, and Subscriber Edge Services Manager (SESM) allows remote attackers to cause a denial of service (crash or instability) via a compressed DNS packet with a label length byte with an incorrect offset.",Cisco,"Application And Content Networking Software,Ip Phone 7912,Ata,Subscriber Edge Services Manager,Ip Phone 7902,Ip Phone 7905,Unity Express",,,0.07119999825954437,false,,false,false,false,,,false,false,,2005-12-31T05:00:00.000Z,0