Filtered by vendor Cisco
Subscribe
Total
6256 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-4920 | 1 Cisco | 1 Asa 5580 | 2025-04-11 | 7.8 HIGH | N/A |
| Unspecified vulnerability in CTM on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software 8.1(2) allows remote attackers to cause a denial of service (watchdog traceback) via a large amount of small-packet data, aka Bug ID CSCsu11412. | |||||
| CVE-2011-0394 | 1 Cisco | 7 5500 Series Adaptive Security Appliance, Adaptive Security Appliance, Adaptive Security Appliance Software and 4 more | 2025-04-11 | 7.8 HIGH | N/A |
| Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.0 before 7.0(8.11), 7.1 and 7.2 before 7.2(5.1), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), 8.2 before 8.2(2.19), and 8.3 before 8.3(1.8); Cisco PIX Security Appliances 500 series devices; and Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(20), 3.2 before 3.2(20), 4.0 before 4.0(15), and 4.1 before 4.1(5) allow remote attackers to cause a denial of service (device reload) via a malformed Skinny Client Control Protocol (SCCP) message, aka Bug IDs CSCtg69457 and CSCtl84952. | |||||
| CVE-2010-1577 | 1 Cisco | 2 Content Delivery System, Internet Streamer | 2025-04-11 | 7.8 HIGH | N/A |
| Directory traversal vulnerability in Cisco Internet Streamer, as used in Cisco Content Delivery System (CDS) 2.2.x, 2.3.x, 2.4.x, and 2.5.x before 2.5.7 allows remote attackers to read arbitrary files via a crafted URL. | |||||
| CVE-2013-1116 | 1 Cisco | 1 Webex Advanced Recording Format Player | 2025-04-11 | 9.3 HIGH | N/A |
| Buffer overflow in Cisco WebEx Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T27 L10N before SP32_ORION111, and T28 before T28.8 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted ARF file, aka Bug IDs CSCue74147 and CSCub28383. | |||||
| CVE-2013-1152 | 1 Cisco | 2 Adaptive Security Appliance, Adaptive Security Appliance Software | 2025-04-11 | 7.8 HIGH | N/A |
| Cisco Adaptive Security Appliances (ASA) devices with software 9.0 before 9.0(1.2) allow remote attackers to cause a denial of service (device reload) via a crafted field in a DNS message, aka Bug ID CSCuc80080. | |||||
| CVE-2010-0573 | 1 Cisco | 4 Digital Media Player, Digital Media Player 4300g, Digital Media Player 4305g and 1 more | 2025-04-11 | 8.5 HIGH | N/A |
| Unspecified vulnerability on the Cisco Digital Media Player before 5.2 allows remote attackers to hijack the source of (1) video or (2) data for a display via unknown vectors, related to a "content injection" issue, aka Bug ID CSCtc46024. | |||||
| CVE-2010-4682 | 1 Cisco | 3 5500 Series Adaptive Security Appliance, Adaptive Security Appliance Software, Asa 5500 | 2025-04-11 | 7.8 HIGH | N/A |
| Memory leak on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) allows remote attackers to cause a denial of service (memory consumption) by making multiple incorrect LDAP authentication attempts, aka Bug ID CSCtf29867. | |||||
| CVE-2013-1221 | 1 Cisco | 1 Unified Customer Voice Portal | 2025-04-11 | 10.0 HIGH | N/A |
| The Tomcat Web Management feature in Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 does not properly configure Tomcat components, which allows remote attackers to execute arbitrary code via a crafted (1) HTTP or (2) HTTPS request, aka Bug ID CSCub38384. | |||||
| CVE-2013-2139 | 3 Cisco, Fedoraproject, Opensuse | 3 Libsrtp, Fedora, Opensuse | 2025-04-11 | 2.6 LOW | N/A |
| Buffer overflow in srtp.c in libsrtp in srtp 1.4.5 and earlier allows remote attackers to cause a denial of service (crash) via vectors related to a length inconsistency in the crypto_policy_set_from_profile_for_rtp and srtp_protect functions. | |||||
| CVE-2013-6964 | 1 Cisco | 1 Webex Meeting Center | 2025-04-11 | 3.5 LOW | N/A |
| Cisco WebEx Meeting Center allows remote authenticated users to bypass access control and inject content from a different WebEx site via unspecified vectors, aka Bug ID CSCul36197. | |||||
| CVE-2011-0935 | 1 Cisco | 1 Ios | 2025-04-11 | 10.0 HIGH | N/A |
| The PKI functionality in Cisco IOS 15.0 and 15.1 does not prevent permanent caching of certain public keys, which allows remote attackers to bypass authentication and have unspecified other impact by leveraging an IKE peer relationship in which a key was previously valid but later revoked, aka Bug ID CSCth82164, a different vulnerability than CVE-2010-4685. | |||||
| CVE-2014-0730 | 1 Cisco | 1 Unified Computing System Central Software | 2025-04-11 | 6.8 MEDIUM | N/A |
| Cisco Unified Computing System (UCS) Central Software 1.1 and earlier allows local users to gain privileges via a CLI copy command in a local-mgmt context, aka Bug ID CSCul53128. | |||||
| CVE-2013-1179 | 1 Cisco | 6 Mds 9000, Nexus 7000, Nexus 7000 10-slot and 3 more | 2025-04-11 | 9.0 HIGH | N/A |
| Multiple buffer overflows in the (1) SNMP and (2) License Manager implementations in Cisco NX-OS on Nexus 7000 devices 4.x and 5.x before 5.2(5) and 6.x before 6.1(1) and MDS 9000 devices 4.x and 5.x before 5.2(5) allow remote authenticated users to execute arbitrary code via a crafted SNMP request, aka Bug ID CSCtx54830. | |||||
| CVE-2014-0652 | 1 Cisco | 1 Context Directory Agent | 2025-04-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Mappings page in Cisco Context Directory Agent (CDA) allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuj45358. | |||||
| CVE-2013-1163 | 1 Cisco | 1 Connected Grid Network Management System | 2025-04-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in the device-management implementation in Cisco Connected Grid Network Management System (CG-NMS) allow remote attackers to execute arbitrary SQL commands via unspecified vectors, aka Bug IDs CSCue14553 and CSCue38746. | |||||
| CVE-2014-0655 | 1 Cisco | 1 Adaptive Security Appliance | 2025-04-11 | 4.3 MEDIUM | N/A |
| The Identity Firewall (IDFW) functionality in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to change the user-cache contents via a replay attack involving crafted RADIUS Change of Authorization (CoA) messages, aka Bug ID CSCuj45332. | |||||
| CVE-2008-7257 | 1 Cisco | 1 Asa 5580 | 2025-04-11 | 4.3 MEDIUM | N/A |
| CRLF injection vulnerability in +webvpn+/index.html in WebVPN on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to inject arbitrary HTTP headers as demonstrated by a redirect attack involving a %0d%0aLocation%3a sequence in a URI, or conduct HTTP response splitting attacks via unspecified vectors, aka Bug ID CSCsr09163. | |||||
| CVE-2011-2058 | 1 Cisco | 1 Ios | 2025-04-11 | 7.8 HIGH | 7.5 HIGH |
| The cat6000-dot1x component in Cisco IOS 12.2 before 12.2(33)SXI7 does not properly handle an external loop between a pair of dot1x enabled ports, which allows remote attackers to cause a denial of service (traffic storm) via unspecified vectors that trigger many unicast EAPoL Protocol Data Units (PDUs), aka Bug ID CSCtq36336. | |||||
| CVE-2013-6687 | 1 Cisco | 1 Webex Meetings Server | 2025-04-11 | 4.0 MEDIUM | N/A |
| The web portal in the Enterprise License Manager component in Cisco WebEx Meetings Server allows remote authenticated users to discover the cleartext administrative password by reading HTML source code, aka Bug ID CSCul33876. | |||||
| CVE-2012-5990 | 1 Cisco | 2 Prime Network Control System, Wireless Control System | 2025-04-11 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Health Monitor Login pages in Cisco Prime Network Control System (NCS) and Wireless Control System (WCS) allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCud18375. | |||||