cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2018-0409,https://securityvulnerability.io/vulnerability/CVE-2018-0409,,"A vulnerability in the XCP Router service of the Cisco Unified Communications Manager IM & Presence Service (CUCM IM&P) and the Cisco TelePresence Video Communication Server (VCS) and Expressway could allow an unauthenticated, remote attacker to cause a temporary service outage for all IM&P users, resulting in a denial of service (DoS) condition. The vulnerability is due to improper validation of user-supplied input. An attacker could exploit this vulnerability by sending a malicious IPv4 or IPv6 packet to an affected device on TCP port 7400. An exploit could allow the attacker to overread a buffer, resulting in a crash and restart of the XCP Router service. Cisco Bug IDs: CSCvg97663, CSCvi55947.",Cisco,"Unified Communications Manager Im & Presence Service (cucm Im&p),Telepresence Video Communication Server (vcs) And Expressway",7.5,HIGH,0.008550000376999378,false,,false,false,false,,,false,false,,2018-08-15T00:00:00.000Z,0
CVE-2015-4220,https://securityvulnerability.io/vulnerability/CVE-2015-4220,,"Cross-site scripting (XSS) vulnerability in Cisco Unified Presence Server 9.1(1) allows remote attackers to inject arbitrary web script or HTML via an unspecified value, aka Bug ID CSCuq03773.",Cisco,Unified Presence Server,,,0.0010300000431016088,false,,false,false,false,,,false,false,,2015-06-25T16:00:00.000Z,0
CVE-2014-3339,https://securityvulnerability.io/vulnerability/CVE-2014-3339,,"Multiple SQL injection vulnerabilities in the administrative web interface in Cisco Unified Communications Manager (CM) and Cisco Unified Presence Server (CUPS) allow remote authenticated users to execute arbitrary SQL commands via crafted input to unspecified pages, aka Bug ID CSCup74290.",Cisco,"Unified Communications Domain Manager,Unified Presence Server",,,0.0029800001066178083,false,,false,false,false,,,false,false,,2014-08-12T23:55:00.000Z,0
CVE-2014-3328,https://securityvulnerability.io/vulnerability/CVE-2014-3328,,"The Intercluster Sync Agent Service in Cisco Unified Presence Server allows remote attackers to cause a denial of service via a TCP SYN flood, aka Bug ID CSCun34125.",Cisco,Unified Presence Server,,,0.00431999983265996,false,,false,false,false,,,false,false,,2014-07-26T10:00:00.000Z,0
CVE-2013-6983,https://securityvulnerability.io/vulnerability/CVE-2013-6983,,"SQL injection vulnerability in the web interface in Cisco Unified Presence Server allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCuh35615.",Cisco,Unified Presence Server,,,0.003269999986514449,false,,false,false,false,,,false,false,,2013-12-31T11:00:00.000Z,0
CVE-2013-1242,https://securityvulnerability.io/vulnerability/CVE-2013-1242,,"Memory leak in the web framework in the server in Cisco Unified Presence (CUP) allows remote attackers to cause a denial of service (memory consumption) via malformed TCP packets, aka Bug ID CSCug38080.",Cisco,Unified Presence Server,,,0.0022899999748915434,false,,false,false,false,,,false,false,,2013-05-10T11:42:00.000Z,0
CVE-2013-1137,https://securityvulnerability.io/vulnerability/CVE-2013-1137,,"Cisco Unified Presence Server (CUPS) 8.6, 9.0, and 9.1 before 9.1.1 allows remote attackers to cause a denial of service (CPU consumption) via crafted packets to the SIP TCP port, aka Bug ID CSCua89930.",Cisco,Unified Presence Server,,,0.001610000035725534,false,,false,false,false,,,false,false,,2013-02-27T21:55:00.000Z,0
CVE-2010-2839,https://securityvulnerability.io/vulnerability/CVE-2010-2839,,"SIPD in Cisco Unified Presence 6.x before 6.0(7) and 7.x before 7.0(8) allows remote attackers to cause a denial of service (stack memory corruption and process failure) via a malformed SIP message, aka Bug ID CSCtd14474.",Cisco,Unified Presence Server,,,0.0018100000452250242,false,,false,false,false,,,false,false,,2010-08-26T20:00:00.000Z,0
CVE-2010-2840,https://securityvulnerability.io/vulnerability/CVE-2010-2840,,"The Presence Engine (PE) service in Cisco Unified Presence 6.x before 6.0(7) and 7.x before 7.0(8) does not properly handle an erroneous Contact field in the header of a SIP SUBSCRIBE message, which allows remote attackers to cause a denial of service (process failure) via a malformed message, aka Bug ID CSCtd39629.",Cisco,Unified Presence Server,,,0.002589999930933118,false,,false,false,false,,,false,false,,2010-08-26T20:00:00.000Z,0
CVE-2009-2874,https://securityvulnerability.io/vulnerability/CVE-2009-2874,,"The TimesTenD process in Cisco Unified Presence 1.x, 6.x before 6.0(6), and 7.x before 7.0(4) allows remote attackers to cause a denial of service (process crash) via a large number of TCP connections to ports 16200 and 22794, aka Bug ID CSCsy17662.",Cisco,Unified Presence Server,,,0.0200399998575449,false,,false,false,false,,,false,false,,2009-10-16T16:00:00.000Z,0
CVE-2008-1158,https://securityvulnerability.io/vulnerability/CVE-2008-1158,,"The Presence Engine (PE) service in Cisco Unified Presence before 6.0(1) allows remote attackers to cause a denial of service (core dump and service interruption) via malformed packets, aka Bug ID CSCsh50164.",Cisco,"Unified Presence Server,Unified Presence",,,0.024299999698996544,false,,false,false,false,,,false,false,,2008-05-16T06:54:00.000Z,0
CVE-2007-3776,https://securityvulnerability.io/vulnerability/CVE-2007-3776,,"Cisco Unified Communications Manager (CUCM, formerly CallManager) and Unified Presence Server (CUPS) allow remote attackers to obtain sensitive information via unspecified vectors that reveal the SNMP community strings and configuration settings, aka (1) CSCsj20668 and (2) CSCsj25962.",Cisco,"Unified Presence Server,Unified Communications Manager",,,0.012889999896287918,false,,false,false,false,,,false,false,,2007-07-15T22:00:00.000Z,0
CVE-2007-3775,https://securityvulnerability.io/vulnerability/CVE-2007-3775,,"Unspecified vulnerability in Cisco Unified Communications Manager (CUCM, formerly CallManager) and Unified Presence Server (CUPS) allows remote attackers to cause a denial of service (loss of cluster services) via unspecified vectors, aka (1) CSCsj09859 and (2) CSCsj19985.",Cisco,"Unified Presence Server,Unified Communications Manager",,,0.024000000208616257,false,,false,false,false,,,false,false,,2007-07-15T22:00:00.000Z,0
CVE-2007-1834,https://securityvulnerability.io/vulnerability/CVE-2007-1834,,"Cisco Unified CallManager (CUCM) 5.0 before 5.0(4a)SU1 and Cisco Unified Presence Server (CUPS) 1.0 before 1.0(3) allow remote attackers to cause a denial of service (loss of voice services) via a flood of ICMP echo requests, aka bug ID CSCsf12698.",Cisco,"Unified Presence Server,Unified Callmanager",,,0.01761999912559986,false,,false,false,false,,,false,false,,2007-04-03T00:00:00.000Z,0
CVE-2007-1826,https://securityvulnerability.io/vulnerability/CVE-2007-1826,,"Unspecified vulnerability in the IPSec Manager Service for Cisco Unified CallManager (CUCM) 5.0 before 5.0(4a)SU1 and Cisco Unified Presence Server (CUPS) 1.0 before 1.0(3) allows remote attackers to cause a denial of service (loss of cluster services) via a ""specific UDP packet"" to UDP port 8500, aka bug ID CSCsg60949.",Cisco,"Unified Presence Server,Unified Callmanager",,,0.022140000015497208,false,,false,false,false,,,false,false,,2007-04-02T23:19:00.000Z,0
CVE-2006-5553,https://securityvulnerability.io/vulnerability/CVE-2006-5553,,"Cisco Security Agent (CSA) for Linux 4.5 before 4.5.1.657 and 5.0 before 5.0.0.193, as used by Unified CallManager (CUCM) and Unified Presence Server (CUPS), allows remote attackers to cause a denial of service (resource consumption) via a port scan with certain options.",Cisco,"Unified Presence Server,Unified Callmanager,Security Agent",,,0.02280000038444996,false,,false,false,false,,,false,false,,2006-10-26T17:00:00.000Z,0