5.4
CVE-2025-20342 - Cisco Integrated Management Controller Virtual Keyboard Video Monitor (vKVM) Stored Cross-Site Scriβ¦
A vulnerability in the Virtual Keyboard Video Monitor (vKVM) connection handling of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker with low privileges to conduct a stored cross-site scripting (XSS) attack against a user of the interface. This vulnerabiβ¦
7.1
CVE-2025-20317 - Cisco UCS Virtual Keyboard Video Monitor (vKVM) Open Redirect Vulnerability
A vulnerability in the Virtual Keyboard Video Monitor (vKVM) connection handling of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to redirect a user to a malicious website. This vulnerability is due to insufficient verification of vKVM endpoints. Anβ¦
5.4
CVE-2025-20296 - Cisco UCS Manager Software Stored Software Stored Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco UCS Manager Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by β¦
5
CVE-2025-20348 - Cisco Nexus Dashboard Unauthorized REST API Vulnerability
A vulnerability in the REST API endpoints of Cisco Nexus Dashboard and Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an authenticated, low-privileged, remote attacker to view sensitive information or upload and modify files on an affected device. This vulnerability exists because ofβ¦
5.4
CVE-2025-20347 - Cisco Nexus Dashboard Fabric Controller Unauthorized REST API Vulnerability
A vulnerability in the REST API endpoints of Cisco Nexus Dashboard and Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an authenticated, low-privileged, remote attacker to view sensitive information or upload and modify files on an affected device. This vulnerability exists because ofβ¦
6.5
CVE-2025-20344 - Cisco Nexus Dashboard Path Traversal Vulnerability
A vulnerability in the backup restore functionality of Cisco Nexus Dashboard could allow an authenticated, remote attacker to conduct a path traversal attack on an affected device. This vulnerability is due to insufficient validation of the contents of a backup file. An attacker with valid Adminβ¦
0.0
CVE-2025-58184 -
reserved but not needed
0.0
CVE-2025-58182 -
reserved but not needed
7.5
CVE-2025-53105 - GLPI permits unauthorized rules execution order
GLPI, which stands for Gestionnaire Libre de Parc Informatique, is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. In versions 10.0.0 to before 10.0.19, a connected user without administration rights can change the β¦
6.9
CVE-2025-9533 - TOTOLINK T10 formLoginAuth.htm improper authentication
A vulnerability has been found in TOTOLINK T10 4.1.8cu.5241_B20210927. Affected is an unknown function of the file /formLoginAuth.htm. The manipulation of the argument authCode with the input 1 leads to improper authentication. The attack can be initiated remotely. The exploit has been disclosed toβ¦