Filtered by vendor Cisco
Subscribe
Total
6229 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-3367 | 1 Cisco | 1 Cisco Nexus 1000v Intercloud | 2025-04-12 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the vCloud Director component in Cisco Nexus 1000V InterCloud for VMware allows remote attackers to inject arbitrary web script or HTML via an unspecified value, aka Bug ID CSCuq90524. | |||||
| CVE-2014-0741 | 1 Cisco | 1 Unified Communications Manager | 2025-04-12 | 6.2 MEDIUM | N/A |
| The certificate-import feature in the Certificate Authority Proxy Function (CAPF) CLI implementation in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows local users to read or modify arbitrary files via a crafted command, aka Bug ID CSCum95461. | |||||
| CVE-2014-3348 | 1 Cisco | 8 Integrated Management Controller, Unified Computing System E140d, Unified Computing System E140dp and 5 more | 2025-04-12 | 5.0 MEDIUM | N/A |
| The SSH module in the Integrated Management Controller (IMC) before 2.3.1 in Cisco Unified Computing System on E-Series blade servers allows remote attackers to cause a denial of service (IMC hang) via a crafted SSH packet, aka Bug ID CSCuo69206. | |||||
| CVE-2015-4295 | 1 Cisco | 1 Unified Communications Manager | 2025-04-12 | 4.0 MEDIUM | N/A |
| The Prime Collaboration Deployment component in Cisco Unified Communications Manager 10.5(3.10000.9) allows remote authenticated users to discover root credentials via a direct request to an unspecified URL, aka Bug ID CSCuv21819. | |||||
| CVE-2014-3339 | 1 Cisco | 2 Unified Communications Domain Manager, Unified Presence Server | 2025-04-12 | 6.5 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in the administrative web interface in Cisco Unified Communications Manager (CM) and Cisco Unified Presence Server (CUPS) allow remote authenticated users to execute arbitrary SQL commands via crafted input to unspecified pages, aka Bug ID CSCup74290. | |||||
| CVE-2016-6421 | 1 Cisco | 1 Ios Xr | 2025-04-12 | 5.0 MEDIUM | 5.3 MEDIUM |
| Cisco IOS XR 5.2.2 allows remote attackers to cause a denial of service (process restart) via a crafted OSPF Link State Advertisement (LSA) update, aka Bug ID CSCvb05643. | |||||
| CVE-2015-6320 | 1 Cisco | 5 Aironet 1830e, Aironet 1830i, Aironet 1850e and 2 more | 2025-04-12 | 7.8 HIGH | 7.5 HIGH |
| The IP ingress packet handler on Cisco Aironet 1800 devices with software 8.1(112.3) and 8.1(112.4) allows remote attackers to cause a denial of service via a crafted header in an IP packet, aka Bug ID CSCuv63138. | |||||
| CVE-2015-6373 | 1 Cisco | 1 Firepower Extensible Operating System | 2025-04-12 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCux10611. | |||||
| CVE-2014-8015 | 1 Cisco | 1 Identity Services Engine Software | 2025-04-12 | 4.0 MEDIUM | N/A |
| The Sponsor Portal in Cisco Identity Services Engine (ISE) allows remote authenticated users to obtain access to an arbitrary sponsor's guest account via a modified HTTP request, aka Bug ID CSCur64400. | |||||
| CVE-2016-1428 | 1 Cisco | 1 Ios Xe | 2025-04-12 | 6.8 MEDIUM | 6.5 MEDIUM |
| Double free vulnerability in Cisco IOS XE 3.15S, 3.16S, and 3.17S allows remote authenticated users to cause a denial of service (device restart) via a sequence of crafted SNMP read requests, aka Bug ID CSCux13174. | |||||
| CVE-2016-1380 | 1 Cisco | 1 Web Security Appliance | 2025-04-12 | 7.8 HIGH | 7.5 HIGH |
| Cisco AsyncOS 8.0 before 8.0.6-119 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (proxy-process hang) via a crafted HTTP POST request, aka Bug ID CSCuo12171. | |||||
| CVE-2014-2113 | 1 Cisco | 2 Ios, Ios Xe | 2025-04-12 | 7.8 HIGH | N/A |
| Cisco IOS 15.1 through 15.3 and IOS XE 3.3 and 3.5 before 3.5.2E; 3.7 before 3.7.5S; and 3.8, 3.9, and 3.10 before 3.10.2S allow remote attackers to cause a denial of service (I/O memory consumption and device reload) via a malformed IPv6 packet, aka Bug ID CSCui59540. | |||||
| CVE-2015-4281 | 1 Cisco | 1 Webex Meetings Server | 2025-04-12 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in Cisco WebEx Meetings Server 2.5 MR1 allows remote attackers to hijack the authentication of arbitrary users, aka Bug IDs CSCus56150 and CSCus56146. | |||||
| CVE-2015-6318 | 1 Cisco | 1 Telepresence Video Communication Server Software | 2025-04-12 | 6.9 MEDIUM | N/A |
| Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.1 and X8.5.2 allows local users to write to arbitrary files via an unspecified symlink attack, aka Bug ID CSCuv11969. | |||||
| CVE-2014-3373 | 1 Cisco | 1 Unified Communications Manager | 2025-04-12 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the CCM Dialed Number Analyzer interface in the Server in Cisco Unified Communications Manager allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCup92550. | |||||
| CVE-2015-0678 | 1 Cisco | 2 Asa Cx Context-aware Security Software, Asa With Firepower Services | 2025-04-12 | 7.8 HIGH | N/A |
| The virtualization layer in Cisco ASA FirePOWER Software before 5.3.1.2 and 5.4.x before 5.4.0.1 and ASA Context-Aware (CX) Software before 9.3.2.1-9 allows remote attackers to cause a denial of service (device reload) by rapidly sending crafted packets to the management interface, aka Bug IDs CSCus11007 and CSCun56954. | |||||
| CVE-2015-4215 | 1 Cisco | 1 Wireless Lan Controller Software | 2025-04-12 | 6.1 MEDIUM | N/A |
| Cisco Wireless LAN Controller (WLC) devices with software 7.5(102.0) and 7.6(1.62) allow remote attackers to cause a denial of service (device crash) by triggering an exception during attempted forwarding of unspecified IPv6 packets to a non-IPv6 device, aka Bug ID CSCuj01046. | |||||
| CVE-2015-4276 | 1 Cisco | 1 Webex Meetings Server | 2025-04-12 | 6.5 MEDIUM | N/A |
| Cisco WebEx Meetings Server 2.5MR1 allows remote authenticated users to execute arbitrary code via a crafted command parameter, aka Bug ID CSCus56138. | |||||
| CVE-2016-1322 | 1 Cisco | 1 Spark | 2025-04-12 | 5.0 MEDIUM | 7.5 HIGH |
| The REST interface in Cisco Spark 2015-07-04 allows remote attackers to bypass intended access restrictions and create arbitrary user accounts via unspecified web requests, aka Bug ID CSCuv72584. | |||||
| CVE-2015-0765 | 1 Cisco | 1 Ons 15454 System Software | 2025-04-12 | 5.0 MEDIUM | N/A |
| Cisco ONS 15454 System Software 10.30 and 10.301 allows remote attackers to cause a denial of service (tNetTask CPU consumption or card reset) via a flood of (1) IP or (2) Ethernet traffic, aka Bug ID CSCus57263. | |||||