Filtered by vendor Cisco
Subscribe
Total
6501 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-4279 | 1 Cisco | 1 Unified Computing System | 2025-04-12 | 7.2 HIGH | N/A |
| The Manager component in Cisco Unified Computing System (UCS) 2.2(3b) on B Blade Server devices allows local users to gain privileges for executing arbitrary CLI commands by leveraging access to the subordinate fabric interconnect, aka Bug ID CSCut32778. | |||||
| CVE-2016-1398 | 1 Cisco | 6 Rv110w, Rv110w Firmware, Rv130w and 3 more | 2025-04-12 | 6.8 MEDIUM | 6.5 MEDIUM |
| Buffer overflow in the web-based management interface on Cisco RV110W devices with firmware through 1.2.1.4, RV130W devices with firmware through 1.0.2.7, and RV215W devices with firmware through 1.3.0.7 allows remote authenticated users to cause a denial of service (device reload) via a crafted HTTP request, aka Bug ID CSCux86669. | |||||
| CVE-2014-3284 | 1 Cisco | 9 Asr 1001, Asr 1002, Asr 1002-x and 6 more | 2025-04-12 | 6.1 MEDIUM | N/A |
| Cisco IOS XE on ASR1000 devices, when PPPoE termination is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed PPPoE packet, aka Bug ID CSCuo55180. | |||||
| CVE-2015-0729 | 1 Cisco | 1 Secure Access Control Server | 2025-04-12 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Cisco Secure Access Control Server Solution Engine (ACSE) 5.5(0.1) allows remote attackers to inject arbitrary web script or HTML via a file-inclusion attack, aka Bug ID CSCuu11005. | |||||
| CVE-2016-1420 | 1 Cisco | 2 Application Infrastructure Controller, Application Policy Infrastructure Controller Firmware | 2025-04-12 | 7.2 HIGH | 7.8 HIGH |
| The installation component on Cisco Application Policy Infrastructure Controller (APIC) devices with software before 1.3(2f) mishandles binary files, which allows local users to obtain root access via unspecified vectors, aka Bug ID CSCuz72347. | |||||
| CVE-2015-4214 | 1 Cisco | 1 Unified Meetingplace | 2025-04-12 | 4.0 MEDIUM | N/A |
| Cisco Unified MeetingPlace 8.6(1.2) and 8.6(1.9) allows remote authenticated users to discover cleartext passwords by reading HTML source code, aka Bug ID CSCuu33050. | |||||
| CVE-2014-8010 | 1 Cisco | 1 Unified Communications Domain Manager | 2025-04-12 | 6.5 MEDIUM | N/A |
| The web framework in Cisco Unified Communications Domain Manager 8 allows remote authenticated administrators to execute arbitrary OS commands via crafted values, aka Bug ID CSCuq50205. | |||||
| CVE-2016-4349 | 1 Cisco | 1 Webex Productivity Tools | 2025-04-12 | 7.2 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in Cisco WebEx Productivity Tools 2.40.5001.10012 allows local users to gain privileges via a Trojan horse cryptsp.dll, dwmapi.dll, msimg32.dll, ntmarta.dll, propsys.dll, riched20.dll, rpcrtremote.dll, secur32.dll, sxs.dll, or uxtheme.dll file in the current working directory, aka Bug ID CSCuy56140. | |||||
| CVE-2016-6431 | 1 Cisco | 1 Adaptive Security Appliance Software | 2025-04-12 | 7.1 HIGH | 7.5 HIGH |
| A vulnerability in the local Certificate Authority (CA) feature of Cisco ASA Software before 9.6(1.5) could allow an unauthenticated, remote attacker to cause a reload of the affected system. The vulnerability is due to improper handling of crafted packets during the enrollment operation. An attacker could exploit this vulnerability by sending a crafted enrollment request to the affected system. An exploit could allow the attacker to cause the reload of the affected system. Note: Only HTTPS packets directed to the Cisco ASA interface, where the local CA is allowing user enrollment, can be used to trigger this vulnerability. This vulnerability affects systems configured in routed firewall mode and in single or multiple context mode. | |||||
| CVE-2015-0666 | 1 Cisco | 1 Prime Data Center Network Manager | 2025-04-12 | 7.8 HIGH | N/A |
| Directory traversal vulnerability in the fmserver servlet in Cisco Prime Data Center Network Manager (DCNM) before 7.1(1) allows remote attackers to read arbitrary files via a crafted pathname, aka Bug ID CSCus00241. | |||||
| CVE-2012-5036 | 1 Cisco | 1 Ios | 2025-04-12 | 6.8 MEDIUM | N/A |
| Cisco IOS before 12.2(50)SY1 allows remote authenticated users to cause a denial of service (memory consumption) via a sequence of VTY management sessions (aka exec sessions), aka Bug ID CSCtn43662. | |||||
| CVE-2014-3291 | 1 Cisco | 1 Wireless Lan Controller | 2025-04-12 | 5.7 MEDIUM | N/A |
| Cisco Wireless LAN Controller (WLC) devices allow remote attackers to cause a denial of service (NULL pointer dereference and device restart) via a zero value in Cisco Discovery Protocol packet data that is not properly handled during SNMP polling, aka Bug ID CSCuo12321. | |||||
| CVE-2015-0645 | 1 Cisco | 1 Ios Xe | 2025-04-12 | 7.8 HIGH | N/A |
| The Layer 4 Redirect (L4R) feature in Cisco IOS XE 2.x and 3.x before 3.10.4S, 3.11 before 3.11.3S, 3.12 before 3.12.2S, 3.13 before 3.13.1S, 3.14 before 3.14.0S, and 3.15 before 3.15.0S allows remote attackers to cause a denial of service (device reload) via malformed (1) IPv4 or (2) IPv6 packets, aka Bug ID CSCuq59131. | |||||
| CVE-2015-0654 | 1 Cisco | 1 Intrusion Prevention System | 2025-04-12 | 7.1 HIGH | N/A |
| Race condition in the TLS implementation in MainApp in the management interface in Cisco Intrusion Prevention System (IPS) Software before 7.3(3)E4 allows remote attackers to cause a denial of service (process hang) by establishing many HTTPS sessions, aka Bug ID CSCuq40652. | |||||
| CVE-2016-6472 | 1 Cisco | 1 Unified Communications Manager | 2025-04-12 | 4.3 MEDIUM | 6.1 MEDIUM |
| A vulnerability in several parameters of the ccmivr page of Cisco Unified Communication Manager (CallManager) could allow an unauthenticated, remote attacker to launch a cross-site scripting (XSS) attack against a user of the web interface on the affected system. More Information: CSCvb37121. Known Affected Releases: 11.5(1.2). Known Fixed Releases: 11.5(1.11950.96) 11.5(1.12900.2) 12.0(0.98000.133) 12.0(0.98000.313) 12.0(0.98000.404). | |||||
| CVE-2015-0713 | 1 Cisco | 10 Telepresence Advanced Media Gateway, Telepresence Ip Gateway, Telepresence Ip Vcr 1.0 Converter and 7 more | 2025-04-12 | 9.0 HIGH | N/A |
| The web framework in Cisco TelePresence Advanced Media Gateway Series Software before 1.1(1.40), Cisco TelePresence IP Gateway Series Software, Cisco TelePresence IP VCR Series Software before 3.0(1.27), Cisco TelePresence ISDN Gateway Software before 2.2(1.94), Cisco TelePresence MCU Software before 4.4(3.54) and 4.5 before 4.5(1.45), Cisco TelePresence MSE Supervisor Software before 2.3(1.38), Cisco TelePresence Serial Gateway Series Software before 1.0(1.42), Cisco TelePresence Server Software for Hardware before 3.1(1.98), and Cisco TelePresence Server Software for Virtual Machine before 4.1(1.79) allows remote authenticated users to execute arbitrary commands with root privileges via unspecified vectors, aka Bug IDs CSCul55968, CSCur08993, CSCur15803, CSCur15807, CSCur15825, CSCur15832, CSCur15842, CSCur15850, and CSCur15855. | |||||
| CVE-2016-9209 | 1 Cisco | 1 Firepower Services For Adaptive Security Appliance | 2025-04-12 | 4.3 MEDIUM | 4.3 MEDIUM |
| A vulnerability in TCP processing in Cisco FirePOWER system software could allow an unauthenticated, remote attacker to download files that would normally be blocked. Affected Products: The following Cisco products are vulnerable: Adaptive Security Appliance (ASA) 5500-X Series with FirePOWER Services, Advanced Malware Protection (AMP) for Networks - 7000 Series Appliances, Advanced Malware Protection (AMP) for Networks - 8000 Series Appliances, FirePOWER 7000 Series Appliances, FirePOWER 8000 Series Appliances, FirePOWER Threat Defense for Integrated Services Routers (ISRs), Next Generation Intrusion Prevention System (NGIPS) for Blue Coat X-Series, Sourcefire 3D System Appliances, Virtual Next-Generation Intrusion Prevention System (NGIPSv) for VMware. More Information: CSCvb20102. Known Affected Releases: 2.9.7.10. | |||||
| CVE-2014-0685 | 1 Cisco | 1 Cisco Nexus 1000v Intercloud | 2025-04-12 | 5.0 MEDIUM | N/A |
| Cisco Nexus 1000V InterCloud 5.2(1)IC1(1.2) and earlier for VMware allows remote attackers to bypass ACL deny statements via crafted (1) IGMPv2 or (2) IGMPv3 packets, aka Bug ID CSCug61691. | |||||
| CVE-2015-0771 | 1 Cisco | 9 Catalyst 6503-e, Catalyst 6504-e, Catalyst 6506-e and 6 more | 2025-04-12 | 6.3 MEDIUM | N/A |
| The IKE implementation in the WS-IPSEC-3 service module in Cisco IOS 12.2 on Catalyst 6500 devices allows remote authenticated users to cause a denial of service (device reload) by sending a crafted message during IPsec tunnel setup, aka Bug ID CSCur70505. | |||||
| CVE-2015-0582 | 1 Cisco | 2 Mds 9000, Nx-os | 2025-04-12 | 5.0 MEDIUM | N/A |
| The High Availability (HA) subsystem in Cisco NX-OS on MDS 9000 devices allows remote attackers to cause a denial of service via crafted traffic, aka Bug ID CSCuo09129. | |||||