Filtered by vendor Cisco
Subscribe
Total
6230 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-6405 | 1 Cisco | 1 Emergency Responder | 2025-04-12 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in Cisco Emergency Responder 10.5(1) and 10.5(1a) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuv26501. | |||||
| CVE-2014-8006 | 1 Cisco | 1 Isb8320-e High-definition Ip-only Dvr | 2025-04-12 | 4.3 MEDIUM | N/A |
| The Disaster Recovery (DRA) feature on the Cisco ISB8320-E High-Definition IP-Only DVR allows remote attackers to bypass authentication by establishing a TELNET session during a recovery boot, aka Bug ID CSCup85422. | |||||
| CVE-2016-1462 | 1 Cisco | 1 Prime Service Catalog | 2025-04-12 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability in the web-based management interface in Cisco Prime Service Catalog (PSC) 11.0 allows remote attackers to inject arbitrary web script or HTML via a crafted value, aka Bug ID CSCuz63795. | |||||
| CVE-2015-6258 | 1 Cisco | 1 Wireless Lan Controller Software | 2025-04-12 | 5.0 MEDIUM | N/A |
| The Internet Access Point Protocol (IAPP) module on Cisco Wireless LAN Controller (WLC) devices with software 8.1(104.37) allows remote attackers to trigger incorrect traffic forwarding via crafted IPv6 packets, aka Bug ID CSCuv40033. | |||||
| CVE-2015-4280 | 1 Cisco | 1 Prime Collaboration | 2025-04-12 | 5.0 MEDIUM | N/A |
| Cisco Prime Collaboration Assurance 10.0 allows remote attackers to cause a denial of service (HTTP service outage) via a crafted HTTP request, aka Bug ID CSCum38844. | |||||
| CVE-2015-0584 | 1 Cisco | 1 Desktop Collaboration Experience Dx650 | 2025-04-12 | 7.2 HIGH | N/A |
| The image-upgrade implementation on Cisco Desktop Collaboration Experience (aka Collaboration Desk Experience or DX) DX650 endpoints allows local users to execute arbitrary OS commands via an unspecified parameter, aka Bug ID CSCus38947. | |||||
| CVE-2015-4310 | 1 Cisco | 1 Finesse | 2025-04-12 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Cisco Finesse 10.5(1) allow remote attackers to inject arbitrary web script or HTML via unspecified parameters in a (1) GET or (2) POST request, aka Bug IDs CSCuq82322, CSCut95853, and CSCuq73975. | |||||
| CVE-2015-0755 | 1 Cisco | 1 Anyconnect Secure Mobility Client | 2025-04-12 | 6.8 MEDIUM | N/A |
| The Posture module for Cisco Identity Services Engine (ISE), as distributed in Cisco AnyConnect Secure Mobility Client 4.0(64), allows local users to gain privileges via unspecified commands, aka Bug ID CSCut05797. | |||||
| CVE-2014-2155 | 1 Cisco | 1 Cns Network Registrar | 2025-04-12 | 5.0 MEDIUM | N/A |
| The DHCPv6 server module in Cisco CNS Network Registrar 7.1 allows remote attackers to cause a denial of service (daemon reload) via a malformed DHCPv6 packet, aka Bug ID CSCuo07437. | |||||
| CVE-2015-6396 | 1 Cisco | 6 Rv110w Wireless-n Vpn Firewall, Rv110w Wireless-n Vpn Firewall Firmware, Rv130w Wireless-n Multifunction Vpn Router and 3 more | 2025-04-12 | 7.2 HIGH | 7.8 HIGH |
| The CLI command parser on Cisco RV110W, RV130W, and RV215W devices allows local users to execute arbitrary shell commands as an administrator via crafted parameters, aka Bug IDs CSCuv90134, CSCux58161, and CSCux73567. | |||||
| CVE-2016-1343 | 1 Cisco | 1 Information Server | 2025-04-12 | 6.4 MEDIUM | 10.0 CRITICAL |
| The XML parser in Cisco Information Server (CIS) 6.2 allows remote attackers to read arbitrary files or cause a denial of service (CPU and memory consumption) via an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka Bug ID CSCuy39059. | |||||
| CVE-2016-9193 | 1 Cisco | 2 Firesight System Software, Secure Firewall Management Center | 2025-04-12 | 5.0 MEDIUM | 7.5 HIGH |
| A vulnerability in the malicious file detection and blocking features of Cisco Firepower Management Center and Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass malware detection mechanisms on an affected system. Affected Products: Cisco Firepower Management Center and FireSIGHT System Software are affected when they are configured to use a file policy that has the Block Malware action. More Information: CSCvb27494. Known Affected Releases: 6.0.1.1 6.1.0. | |||||
| CVE-2015-4306 | 1 Cisco | 1 Prime Collaboration Assurance | 2025-04-12 | 8.5 HIGH | N/A |
| The web framework in Cisco Prime Collaboration Assurance before 10.5.1.53684-1 allows remote authenticated users to bypass intended login-session read restrictions, and impersonate administrators of arbitrary tenant domains, by discovering a session identifier and constructing a crafted URL, aka Bug IDs CSCus88343 and CSCus88334. | |||||
| CVE-2015-6305 | 2 Cisco, Microsoft | 2 Anyconnect Secure Mobility Client, Windows | 2025-04-12 | 7.2 HIGH | N/A |
| Untrusted search path vulnerability in the CMainThread::launchDownloader function in vpndownloader.exe in Cisco AnyConnect Secure Mobility Client 2.0 through 4.1 on Windows allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by dbghelp.dll, aka Bug ID CSCuv01279. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-4211. | |||||
| CVE-2016-6461 | 1 Cisco | 1 Adaptive Security Appliance Software | 2025-04-12 | 4.3 MEDIUM | 5.9 MEDIUM |
| A vulnerability in the HTTP web-based management interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to inject arbitrary XML commands on the affected system. More Information: CSCva38556. Known Affected Releases: 9.1(6.10). Known Fixed Releases: 100.11(0.75) 100.15(0.137) 100.8(40.129) 96.2(0.95) 97.1(0.55) 97.1(12.7) 97.1(6.30). | |||||
| CVE-2015-6315 | 1 Cisco | 1 Aironet Access Point Software | 2025-04-12 | 7.2 HIGH | N/A |
| Cisco Aironet 1850 access points with software 8.1(112.4) allow local users to gain privileges via crafted CLI commands, aka Bug ID CSCuv79694. | |||||
| CVE-2015-4229 | 1 Cisco | 1 Unified Communications Domain Manager | 2025-04-12 | 5.0 MEDIUM | N/A |
| The web framework in Cisco Unified Communications Domain Manager 8.1(4)ER1 allows remote attackers to obtain sensitive information by visiting a bvsmweb URL, aka Bug ID CSCuq22589. | |||||
| CVE-2015-4239 | 1 Cisco | 1 Adaptive Security Appliance Software | 2025-04-12 | 6.1 MEDIUM | N/A |
| Cisco Adaptive Security Appliance (ASA) Software 9.3(2.243) and 100.13(0.21) allows remote attackers to cause a denial of service (device reload) by sending crafted OSPFv2 packets on the local network, aka Bug ID CSCus84220. | |||||
| CVE-2014-3300 | 1 Cisco | 2 Unified Cdm Application Software, Unified Communications Domain Manager | 2025-04-12 | 7.5 HIGH | N/A |
| The BVSMWeb portal in the web framework in Cisco Unified Communications Domain Manager (CDM) in Unified CDM Application Software before 10 does not properly implement access control, which allows remote attackers to modify user information via a crafted URL, aka Bug ID CSCum77041. | |||||
| CVE-2015-4252 | 1 Cisco | 1 Telepresence Isdn Gw 3241 | 2025-04-12 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability on Cisco TelePresence ISDN Gateway devices with software 2.2(1.106) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuu90724. | |||||