Every CVE whose affected-product data names Cisco Secure Desktop, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (13)
CVE-2010-0589 — CVSS 9.3 (critical): The Web Install ActiveX control (CSDWebInstaller) in Cisco Secure Desktop (CSD) before 3.5.841 does not properly verify the signatures of…
CVE-2015-0691 — CVSS 9.3 (critical): A certain Cisco JAR file, as distributed in Cache Cleaner in Cisco Secure Desktop (CSD), allows remote attackers to execute arbitrary…
CVE-2012-4655 — CVSS 9.3 (critical): The WebLaunch feature in Cisco Secure Desktop before 3.6.6020 does not properly validate binaries that are received by the downloader…
CVE-2011-0926 — CVSS 9.3 (critical): A certain ActiveX control in CSDWebInstaller.ocx in Cisco Secure Desktop (CSD) does not properly verify the signature of an unspecified…
CVE-2011-0925 — CVSS 9.3 (critical): The CSDWebInstallerCtrl ActiveX control in CSDWebInstaller.ocx in Cisco Secure Desktop (CSD) allows remote attackers to download an…
CVE-2006-5393 — CVSS 5.5 (medium): Cisco Secure Desktop (CSD) does not require that the ClearPageFileAtShutdown (aka CCE-Winv2.0-407) registry value equals 1, which might…
CVE-2006-5807 — CVSS 4.6 (medium): Cisco Secure Desktop (CSD) before 3.1.1.45 allows local users to escape out of the secure desktop environment by using certain applications…
CVE-2006-5808 — CVSS 4.6 (medium): The installation of Cisco Secure Desktop (CSD) before 3.1.1.45 uses insecure default permissions (all users full control) for the CSD…
CVE-2010-0440 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in +CSCOT+/translation in Cisco Secure Desktop 3.4.2048, and other versions before 3.5; as used in…
CVE-2012-2495 — CVSS 4.3 (medium): The HostScan downloader implementation in Cisco AnyConnect Secure Mobility Client 3.x before 3.0 MR8 and Cisco Secure Desktop before…
CVE-2006-5394 — CVSS 2.1 (low): The default configuration of Cisco Secure Desktop (CSD) has an unchecked "Disable printing" box in Secure Desktop Settings, which might…
CVE-2006-5806 — CVSS 2.1 (low): SSL VPN Client in Cisco Secure Desktop before 3.1.1.45, when configured to spawn a web browser after a successful connection, stores…
CVE-2009-5008 — CVSS 2.1 (low): Cisco Secure Desktop (CSD), when used in conjunction with an AnyConnect SSL VPN server, does not properly perform verification, which…