Filtered by vendor Cisco
Subscribe
Total
6230 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-8027 | 1 Cisco | 1 Secure Access Control System | 2025-04-12 | 6.5 MEDIUM | N/A |
| The RBAC component in Cisco Secure Access Control System (ACS) allows remote authenticated users to obtain Network Device Administrator privileges for Create, Delete, Read, and Update operations via crafted HTTP requests, aka Bug ID CSCuq79034. | |||||
| CVE-2015-0772 | 1 Cisco | 1 Telepresence Video Communication Server Software | 2025-04-12 | 7.1 HIGH | N/A |
| Cisco TelePresence Video Communication Server (VCS) X8.5RC4 allows remote attackers to cause a denial of service (CPU consumption or device outage) via a crafted SDP parameter-negotiation request in an SDP session during a SIP connection, aka Bug ID CSCut42422. | |||||
| CVE-2014-3323 | 1 Cisco | 1 Unified Contact Center Enterprise | 2025-04-12 | 4.0 MEDIUM | N/A |
| Directory traversal vulnerability in Cisco Unified Contact Center Enterprise allows remote authenticated users to read arbitrary web-root files via a crafted URL, aka Bug ID CSCun25262. | |||||
| CVE-2015-0760 | 1 Cisco | 1 Adaptive Security Appliance Software | 2025-04-12 | 4.0 MEDIUM | N/A |
| The IKEv1 implementation in Cisco ASA Software 7.x, 8.0.x, 8.1.x, and 8.2.x before 8.2.2.13 allows remote authenticated users to bypass XAUTH authentication via crafted IKEv1 packets, aka Bug ID CSCus47259. | |||||
| CVE-2015-0773 | 1 Cisco | 1 Firesight System Software | 2025-04-12 | 5.5 MEDIUM | N/A |
| Cisco FireSIGHT System Software 5.3.1.3 and 6.0.0 allows remote authenticated users to delete an arbitrary user's dashboard via a modified VPN deletion request in a management session, aka Bug ID CSCut67078. | |||||
| CVE-2016-6436 | 1 Cisco | 1 Hostscan Engine | 2025-04-12 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability in HostScan Engine 3.0.08062 through 3.1.14018 in the Cisco Host Scan package, as used in ASA Web VPN, allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuz14682. | |||||
| CVE-2014-3261 | 1 Cisco | 27 Cg-os, Cgr 1120, Cgr 1240 and 24 more | 2025-04-12 | 7.6 HIGH | N/A |
| Buffer overflow in the Smart Call Home implementation in Cisco NX-OS on Fabric Interconnects in Cisco Unified Computing System 1.4 before 1.4(1i), NX-OS 5.0 before 5.0(3)U2(2) on Nexus 3000 devices, NX-OS 4.1 before 4.1(2)E1(1l) on Nexus 4000 devices, NX-OS 5.x before 5.1(3)N1(1) on Nexus 5000 devices, NX-OS 5.2 before 5.2(3a) on Nexus 7000 devices, and CG-OS CG4 before CG4(2) on Connected 1000 Connected Grid Routers allows remote SMTP servers to execute arbitrary code via a crafted reply, aka Bug IDs CSCtk00695, CSCts56633, CSCts56632, CSCts56628, CSCug14405, and CSCuf61322. | |||||
| CVE-2014-8019 | 1 Cisco | 1 Enterprise Content Delivery System | 2025-04-12 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Cisco Enterprise Content Delivery System (ECDS) allows remote attackers to read arbitrary files via a crafted URL, aka Bug ID CSCuo90148. | |||||
| CVE-2014-3370 | 1 Cisco | 2 Expressway Software, Telepresence Video Communication Server Software | 2025-04-12 | 7.1 HIGH | N/A |
| Cisco TelePresence Video Communication Server (VCS) and Expressway Software before X8.1.1 allow remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug IDs CSCum60442 and CSCum60447. | |||||
| CVE-2014-2104 | 1 Cisco | 1 Unified Communications Domain Manager | 2025-04-12 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the Business Voice Services Manager (BVSM) page in Cisco Unified Communications Domain Manager 9.0(.1) allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug IDs CSCum78536, CSCum78526, CSCum69809, and CSCum63113. | |||||
| CVE-2016-1389 | 1 Cisco | 1 Webex Meetings Server | 2025-04-12 | 4.3 MEDIUM | 7.4 HIGH |
| Open redirect vulnerability in Cisco WebEx Meetings Server (CWMS) 2.6 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, aka Bug ID CSCuy44695. | |||||
| CVE-2014-3264 | 1 Cisco | 1 Adaptive Security Appliance Software | 2025-04-12 | 6.3 MEDIUM | N/A |
| Cisco Adaptive Security Appliance (ASA) Software 9.1(.5) and earlier allows remote authenticated users to cause a denial of service (device reload) via crafted attributes in a RADIUS packet, aka Bug ID CSCun69561. | |||||
| CVE-2016-1477 | 1 Cisco | 1 Connected Streaming Analytics | 2025-04-12 | 4.0 MEDIUM | 6.5 MEDIUM |
| Cisco Connected Streaming Analytics 1.1.1 allows remote authenticated users to discover a notification service password by reading administrative pages, aka Bug ID CSCuz92891. | |||||
| CVE-2016-6429 | 1 Cisco | 1 Ip Interoperability And Collaboration System | 2025-04-12 | 4.3 MEDIUM | 6.1 MEDIUM |
| A vulnerability in the web framework code of the Cisco IP Interoperability and Collaboration System (IPICS) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack. More Information: CSCva47092. Known Affected Releases: 4.10(1). | |||||
| CVE-2016-6414 | 1 Cisco | 1 Ios | 2025-04-12 | 7.2 HIGH | 7.8 HIGH |
| iox in Cisco IOS, possibly 15.6 and earlier, and IOS XE, possibly 3.18 and earlier, allows local users to execute arbitrary IOx Linux commands on the guest OS via crafted iox command-line options, aka Bug ID CSCuz59223. | |||||
| CVE-2016-9211 | 1 Cisco | 2 Ons 15454 Sdh Multiservice Platform, Ons 15454 Sdh Multiservice Platform Software | 2025-04-12 | 5.0 MEDIUM | 7.5 HIGH |
| A vulnerability in TCP port management in Cisco ONS 15454 Series Multiservice Provisioning Platforms could allow an unauthenticated, remote attacker to cause the controller card to unexpectedly reload. More Information: CSCuw26032. Known Affected Releases: 10.51. | |||||
| CVE-2014-2127 | 1 Cisco | 1 Adaptive Security Appliance Software | 2025-04-12 | 8.5 HIGH | N/A |
| Cisco Adaptive Security Appliance (ASA) Software 8.x before 8.2(5.48), 8.3 before 8.3(2.40), 8.4 before 8.4(7.9), 8.6 before 8.6(1.13), 9.0 before 9.0(4.1), and 9.1 before 9.1(4.3) does not properly process management-session information during privilege validation for SSL VPN portal connections, which allows remote authenticated users to gain privileges by establishing a Clientless SSL VPN session and entering crafted URLs, aka Bug ID CSCul70099. | |||||
| CVE-2014-3277 | 1 Cisco | 1 Unified Communications Domain Manager | 2025-04-12 | 4.0 MEDIUM | N/A |
| The Administration GUI in the web framework in VOSS in Cisco Unified Communications Domain Manager (CDM) 9.0(.1) and earlier does not properly implement access control, which allows remote authenticated users to obtain sensitive user and group information by leveraging Location Administrator privileges and entering a crafted URL, aka Bug ID CSCum77005. | |||||
| CVE-2015-4259 | 1 Cisco | 1 Unified Computing System | 2025-04-12 | 4.3 MEDIUM | N/A |
| The Integrated Management Controller on Cisco Unified Computing System (UCS) C servers with software 1.5(3) and 1.6(0.16) has a default SSL certificate, which makes it easier for man-in-the-middle attackers to bypass cryptographic protection mechanisms by leveraging knowledge of a private key, aka Bug IDs CSCum56133 and CSCum56177. | |||||
| CVE-2014-3322 | 1 Cisco | 8 Asr 9000 Rsp440 Router, Asr 9001, Asr 9006 and 5 more | 2025-04-12 | 6.1 MEDIUM | N/A |
| Cisco IOS XR 4.3(.2) and earlier on ASR 9000 devices does not properly perform NetFlow sampling of IP packets, which allows remote attackers to cause a denial of service (chip and card hangs) via malformed (1) IPv4 or (2) IPv6 packets, aka Bug ID CSCuo68417. | |||||