6.9
CVE-2025-5596 - FreeFloat FTP Server REGET Command buffer overflow
A vulnerability was found in FreeFloat FTP Server 1.0. It has been classified as critical. Affected is an unknown function of the component REGET Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public anโฆ
4.8
CVE-2025-2336 - AngularJS improper sanitization in SVG '<image>' element with 'ngSanitize'
Improper sanitization of the value of the 'href' and 'xlink:href' attributes in '<image>' SVG elements in AngularJS'sย 'ngSanitize'ย module allows attackers to bypass common image source restrictions. This can lead to a form of Content Spoofing https://owasp.org/www-community/attacks/Content_Spoofinโฆ
6.9
CVE-2025-5595 - FreeFloat FTP Server PROGRESS Command buffer overflow
A vulnerability was found in FreeFloat FTP Server 1.0 and classified as critical. This issue affects some unknown processing of the component PROGRESS Command Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and mโฆ
5.3
CVE-2025-20259 - Cisco ThousandEyes Endpoint Agent for Windows Arbitrary File Write Vulnerability
Multiple vulnerabilities in the update process of Cisco ThousandEyes Endpoint Agent for Windows could allow an authenticated, local attacker to delete arbitrary files on an affected device. These vulnerabilities are due to improper access controls on files that are in the local file system. An aโฆ
9.9
CVE-2025-20286 - ISE on AWS Static Credential
A vulnerability in Amazon Web Services (AWS), Microsoft Azure, and Oracle Cloud Infrastructure (OCI) cloud deployments of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to access sensitive data, execute limited administrative operations, modify system configuraโฆ
6
CVE-2025-20278 - Cisco Unified Communications Products Command Injection Vulnerability
A vulnerability in the CLI of multiple Cisco Unified Communications products could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device as the root user. This vulnerability is due to improper validation of user-supplied comโฆ
4.8
CVE-2025-20279 - Cisco Unifed Contact Center Express Stored Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Unified CCX could allow an authenticated, remote attacker to conduct a stored XSS attack on an affected system. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability is due to imprโฆ
3.4
CVE-2025-20277 - Cisco Unified Contact Center Express Path Traversal Vulnerability
A vulnerability in the web-based management interface of Cisco Unified CCX could allow an authenticated, local attacker to execute arbitrary code on an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability is due to improper lโฆ
3.8
CVE-2025-20276 - Cisco Unified Contact Center Express Remote Code Execution Vulnerability
A vulnerability in the web-based management interface of Cisco Unified CCX could allow an authenticated, remote attacker to execute arbitrary code on an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability is due to insโฆ
5.3
CVE-2025-20275 - Cisco Unified Contact Center Express Editor Remote Code Execution Vulnerability
A vulnerability in the file opening process of Cisco Unified Contact Center Express (Unified CCX) Editor could allow an unauthenticated attacker to execute arbitrary code on an affected device. This vulnerability is due to insecure deserialization of Java objects by the affected software. โฆ