Vulnerabilities (CVE)

Filtered by CWE-20
Total 11549 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2013-1184 1 Cisco 6 Unified Computing System 6120xp Fabric Interconnect, Unified Computing System 6140xp Fabric Interconnect, Unified Computing System 6248up Fabric Interconnect and 3 more 2026-06-16 7.8 HIGH N/A
The management API in the XML API management service in the Manager component in Cisco Unified Computing System (UCS) 1.x before 1.2(1b) allows remote attackers to cause a denial of service (service outage) via a malformed request, aka Bug ID CSCtg48206.
CVE-2013-1181 1 Cisco 12 Nexus 3016q, Nexus 3048, Nexus 3064t and 9 more 2026-06-16 7.8 HIGH N/A
Cisco NX-OS on Nexus 5500 devices 4.x and 5.x before 5.0(3)N2(2), Nexus 3000 devices 5.x before 5.0(3)U3(2), and Unified Computing System (UCS) 6200 devices before 2.0(1w) allows remote attackers to cause a denial of service (device reload) by sending a jumbo packet to the management interface, aka Bug IDs CSCtx17544, CSCts10593, and CSCtx95389.
CVE-2013-1176 1 Cisco 12 Telepresence Mcu 4500 Series Software, Telepresence Mcu 4501, Telepresence Mcu 4501 Series Software and 9 more 2026-06-16 7.1 HIGH N/A
The DSP card on Cisco TelePresence MCU 4500 and 4501 devices before 4.3(2.30), TelePresence MCU MSE 8510 devices before 4.3(2.30), and TelePresence Server before 2.3(1.55) does not properly validate H.264 data, which allows remote attackers to cause a denial of service (device reload) via crafted RTP packets in a (1) SIP session or (2) H.323 session, aka Bug IDs CSCuc11328 and CSCub05448.
CVE-2013-1172 1 Cisco 1 Anyconnect Secure Mobility Client 2026-06-16 6.6 MEDIUM N/A
The Cisco Security Service in Cisco AnyConnect Secure Mobility Client (aka AnyConnect VPN Client) does not properly verify files, which allows local users to gain privileges via unspecified vectors, aka Bug ID CSCud14153.
CVE-2013-1166 1 Cisco 8 Asr 1001, Asr 1002, Asr 1002-x and 5 more 2026-06-16 7.8 HIGH N/A
Cisco IOS XE 3.2 through 3.4 before 3.4.5S, and 3.5 through 3.7 before 3.7.1S, on 1000 series Aggregation Services Routers (ASR), when VRF-aware NAT and SIP ALG are enabled, allows remote attackers to cause a denial of service (card reload) by sending many SIP packets, aka Bug ID CSCuc65609.
CVE-2013-1165 1 Cisco 8 Asr 1001, Asr 1002, Asr 1002-x and 5 more 2026-06-16 7.8 HIGH N/A
Cisco IOS XE 2.x and 3.x before 3.4.5S, and 3.5 through 3.7 before 3.7.1S, on 1000 series Aggregation Services Routers (ASR) allows remote attackers to cause a denial of service (card reload) by sending many crafted L2TP packets, aka Bug ID CSCtz23293.
CVE-2013-1162 1 Cisco 1 Ios Xr 2026-06-16 5.0 MEDIUM N/A
The traffic engineering (TE) processing subsystem in Cisco IOS XR allows remote attackers to cause a denial of service (process restart) via crafted TE packets, aka Bug ID CSCue04000.
CVE-2013-1161 1 Cisco 1 Jabber Im 2026-06-16 6.3 MEDIUM N/A
The XML parser in the Cisco Jabber IM application for Android allows remote authenticated users to cause a denial of service (blocked connection) by leveraging an entry on a Buddy list and sending a crafted XMPP presence update message, aka Bug ID CSCue38383.
CVE-2013-1151 1 Cisco 1 Adaptive Security Appliance Software 2026-06-16 7.1 HIGH N/A
Cisco Adaptive Security Appliances (ASA) devices with software 7.x before 7.2(5.10), 8.0 before 8.0(5.31), 8.1 and 8.2 before 8.2(5.38), 8.3 before 8.3(2.37), 8.4 before 8.4(5), 8.5 before 8.5(1.17), 8.6 before 8.6(1.10), and 8.7 before 8.7(1.3) allow remote attackers to cause a denial of service (device reload) via a crafted certificate, aka Bug ID CSCuc72408.
CVE-2013-1135 1 Cisco 1 Prime Central For Hosted Collaboration Solution Assurance 2026-06-16 7.1 HIGH N/A
Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance 8.6 and 9.0 allows remote attackers to cause a denial of service (CPU consumption and monitoring outage) via malformed TLS messages to TCP port (1) 9043 or (2) 9443, aka Bug ID CSCuc07155.
CVE-2013-1133 1 Cisco 1 Unified Communications Manager 2026-06-16 7.8 HIGH N/A
Cisco Unified Communications Manager (CUCM) 8.6 before 8.6(2a)su2, 8.6 BE3k before 8.6(4) BE3k, and 9.x before 9.0(1) allows remote attackers to cause a denial of service (CPU consumption and GUI and voice outages) via malformed packets to unused UDP ports, aka Bug ID CSCtx43337.
CVE-2013-1125 1 Cisco 10 Application Networking Manager, Context Directory Agent, Identity Services Engine Software and 7 more 2026-06-16 6.8 MEDIUM N/A
The command-line interface in Cisco Identity Services Engine Software, Secure Access Control System (ACS), Application Networking Manager (ANM), Prime LAN Management Solution (LMS), Prime Network Control System, Quad, Context Directory Agent, Prime Collaboration, Unified Provisioning Manager, and Network Services Manager does not properly validate input, which allows local users to obtain root privileges via unspecified vectors, aka Bug IDs CSCue46001, CSCud95790, CSCue46021, CSCue46025, CSCue46023, CSCue46058, CSCue46013, CSCue46031, CSCue46035, and CSCue46042.
CVE-2013-1122 1 Cisco 2 Nexus 7000, Nx-os 2026-06-16 5.0 MEDIUM N/A
Cisco NX-OS on the Nexus 7000, when a certain Overlay Transport Virtualization (OTV) configuration is used, allows remote attackers to cause a denial of service (M1-Series module reload) via crafted packets, aka Bug ID CSCud15673.
CVE-2013-1112 1 Cisco 1 Carrier Routing System 2026-06-16 5.0 MEDIUM N/A
Cisco Carrier Routing System (CRS) allows remote attackers to cause a denial of service (packet loss) via short malformed packets that trigger inefficient processing, aka Bug ID CSCud79136.
CVE-2013-1093 1 Novell 1 Zenworks Configuration Management 2026-06-16 5.8 MEDIUM N/A
Open redirect vulnerability in the fwdToURL function in the ZCC login page in zcc-framework.jar in Novell ZENworks Configuration Management (ZCM) 11.2 before 11.2.3a Monthly Update 1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the directToPage parameter.
CVE-2013-1057 1 Canonical 2 Maas, Ubuntu Linux 2026-06-16 4.4 MEDIUM N/A
Untrusted search path vulnerability in maas-import-pxe-files in MAAS before 13.10 allows local users to execute arbitrary code via a Trojan horse import_pxe_files configuration file in the current working directory.
CVE-2013-1051 2 Canonical, Debian 3 Ubuntu Linux, Advanced Package Tool, Apt 2026-06-16 4.3 MEDIUM N/A
apt 0.8.16, 0.9.7, and possibly other versions does not properly handle InRelease files, which allows man-in-the-middle attackers to modify packages before installation via unknown vectors, possibly related to integrity checking and the use of third-party repositories.
CVE-2013-1029 1 Apple 1 Mac Os X 2026-06-16 4.9 MEDIUM N/A
The kernel in Apple Mac OS X before 10.8.5 allows remote attackers to cause a denial of service (panic) via crafted IGMP packets that leverage incorrect, extraneous code in the IGMP parser.
CVE-2013-1028 1 Apple 2 Iphone Os, Mac Os X 2026-06-16 5.8 MEDIUM N/A
The IPSec implementation in Apple Mac OS X before 10.8.5, when Hybrid Auth is used, does not verify X.509 certificates from security gateways, which allows man-in-the-middle attackers to spoof security gateways and obtain sensitive information via a crafted certificate.
CVE-2013-1024 1 Apple 2 Mac Os X, Mac Os X Server 2026-06-16 6.8 MEDIUM N/A
CoreMedia Playback in Apple Mac OS X before 10.8.4 does not properly initialize memory during the processing of text tracks, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file.