Show filters
78 Total Results
Displaying 41-50 of 78
Sort by:
Attacker Value
Unknown

CVE-2017-10807

Disclosure Date: July 04, 2017 (last updated November 26, 2024)
JabberD 2.x (aka jabberd2) before 2.6.1 allows anyone to authenticate using SASL ANONYMOUS, even when the sasl.anonymous c2s.xml option is not enabled.
0
0
Attacker Value
Unknown

CVE-2016-9224

Disclosure Date: December 26, 2016 (last updated November 25, 2024)
A vulnerability in the Cisco Jabber Guest Server could allow an unauthenticated, remote attacker to initiate connections to arbitrary hosts. More Information: CSCvc31635. Known Affected Releases: 10.6(9). Known Fixed Releases: 11.0(0).
0
0
Attacker Value
Unknown

CVE-2015-6360

Disclosure Date: April 21, 2016 (last updated November 25, 2024)
The encryption-processing feature in Cisco libSRTP before 1.5.3 allows remote attackers to cause a denial of service via crafted fields in SRTP packets, aka Bug ID CSCux00686.
0
0
Attacker Value
Unknown

CVE-2016-1311

Disclosure Date: February 06, 2016 (last updated November 25, 2024)
Cross-site scripting (XSS) vulnerability in the management interface in Cisco Jabber Guest Server 10.6(8) allows remote attackers to inject arbitrary web script or HTML via the host tag parameter, aka Bug ID CSCuy08224.
0
0
Attacker Value
Unknown

CVE-2015-6409

Disclosure Date: December 26, 2015 (last updated November 25, 2024)
Cisco Jabber 10.6.x, 11.0.x, and 11.1.x on Windows allows man-in-the-middle attackers to conduct STARTTLS downgrade attacks and trigger cleartext XMPP sessions via unspecified vectors, aka Bug ID CSCuw87419.
0
0
Attacker Value
Unknown

CVE-2015-2058

Disclosure Date: August 12, 2015 (last updated October 05, 2023)
c2s/c2s.c in Jabber Open Source Server 2.3.2 and earlier truncates data without ensuring it remains valid UTF-8, which allows remote authenticated users to read system memory or possibly have other unspecified impact via a crafted JID.
0
0
Attacker Value
Unknown

CVE-2015-4218

Disclosure Date: June 24, 2015 (last updated October 05, 2023)
The web-based user interface in Cisco Jabber through 9.6(3) and 9.7 through 9.7(5) on Windows allows remote attackers to obtain sensitive information via a crafted value in a GET request, aka Bug IDs CSCuu65622 and CSCuu70858.
0
0
Attacker Value
Unknown

CVE-2014-8025

Disclosure Date: December 23, 2014 (last updated October 05, 2023)
The API in the Guest Server in Cisco Jabber, when HTML5 is used, allows remote attackers to obtain sensitive information by sniffing the network during an HTTP (1) GET or (2) POST response, aka Bug ID CSCus19801.
0
0
Attacker Value
Unknown

CVE-2014-8024

Disclosure Date: December 23, 2014 (last updated October 05, 2023)
The API in the Guest Server in Cisco Jabber, when the HTML5 CORS feature is used, allows remote attackers to obtain sensitive information by sniffing the network during an HTTP (1) GET or (2) POST request, aka Bug ID CSCus19789.
0
0
Attacker Value
Unknown

CVE-2014-8026

Disclosure Date: December 23, 2014 (last updated October 05, 2023)
Cross-site scripting (XSS) vulnerability in the Guest Server in Cisco Jabber allows remote attackers to inject arbitrary web script or HTML via a (1) GET or (2) POST parameter, aka Bug ID CSCus08074.
0
0
View More Topics  < Previous  Next >