Filtered by vendor Cisco
Subscribe
Total
6226 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-6396 | 1 Cisco | 5 Nexus 7000, Nexus 7000 10-slot, Nexus 7000 18-slot and 2 more | 2025-04-11 | 4.9 MEDIUM | N/A |
| Cisco NX-OS on Nexus 7000 series switches does not properly handle certain line-card replacements, which might allow remote authenticated users to cause a denial of service (memory consumption) via a crafted configuration that references interfaces that do not exist on the new card, aka Bug ID CSCud44300. | |||||
| CVE-2012-0330 | 1 Cisco | 2 Telepresence System Software, Telepresence Video Communication Server | 2025-04-11 | 7.8 HIGH | N/A |
| Cisco TelePresence Video Communication Server with software before X7.0.1 allows remote attackers to cause a denial of service (device crash) via a malformed SIP message, aka Bug ID CSCtr20426. | |||||
| CVE-2012-4078 | 1 Cisco | 1 Unified Computing System | 2025-04-11 | 8.5 HIGH | N/A |
| The Baseboard Management Controller (BMC) in Cisco Unified Computing System (UCS) does not properly handle SSH escape sequences, which allows remote authenticated users to bypass an unspecified authentication step via SSH port forwarding, aka Bug ID CSCtg17656. | |||||
| CVE-2013-3446 | 1 Cisco | 1 Digital Media Manager | 2025-04-11 | 5.8 MEDIUM | N/A |
| Open redirect vulnerability in the login page in Cisco Digital Media Manager (DMM) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, aka Bug ID CSCub23849. | |||||
| CVE-2013-1170 | 1 Cisco | 2 Prime Network Control System, Prime Network Control System Software | 2025-04-11 | 7.5 HIGH | N/A |
| The Cisco Prime Network Control System (NCS) appliance with software before 1.1.1.24 has a default password for the database user account, which makes it easier for remote attackers to change the configuration or cause a denial of service (service disruption) via unspecified vectors, aka Bug ID CSCtz30468. | |||||
| CVE-2012-5444 | 1 Cisco | 2 Telepresence Video Communication Server, Telepresence Video Communication Servers Software | 2025-04-11 | 5.0 MEDIUM | N/A |
| Cisco TelePresence Video Communication Server (VCS) X7.0.3 does not properly process certain search rules, which allows remote attackers to create conferences via an unspecified Conductor request, aka Bug ID CSCub67989. | |||||
| CVE-2010-2839 | 1 Cisco | 1 Unified Presence Server | 2025-04-11 | 7.8 HIGH | N/A |
| SIPD in Cisco Unified Presence 6.x before 6.0(7) and 7.x before 7.0(8) allows remote attackers to cause a denial of service (stack memory corruption and process failure) via a malformed SIP message, aka Bug ID CSCtd14474. | |||||
| CVE-2012-1346 | 1 Cisco | 1 Emergency Responder | 2025-04-11 | 5.0 MEDIUM | N/A |
| Cisco Emergency Responder 8.6 and 9.2 allows remote attackers to cause a denial of service (CPU consumption) by sending malformed UDP packets to the CERPT port, aka Bug ID CSCtx38369. | |||||
| CVE-2013-1140 | 1 Cisco | 1 Security Monitoring Analysis And Response System | 2025-04-11 | 4.3 MEDIUM | N/A |
| The XML parser in Cisco Security Monitoring, Analysis, and Response System (MARS) allows remote attackers to read arbitrary files via an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka Bug ID CSCue55093. | |||||
| CVE-2011-4659 | 1 Cisco | 2 Ip Video Phone E20, Telepresence E20 Software | 2025-04-11 | 10.0 HIGH | N/A |
| Cisco TelePresence Software before TE 4.1.1 on the Cisco IP Video Phone E20 has a default password for the root account after an upgrade to TE 4.1.0, which makes it easier for remote attackers to modify the configuration via an SSH session, aka Bug ID CSCtw69889, a different vulnerability than CVE-2011-2555. | |||||
| CVE-2013-5512 | 1 Cisco | 1 Adaptive Security Appliance Software | 2025-04-11 | 7.1 HIGH | N/A |
| Race condition in the HTTP Deep Packet Inspection (DPI) feature in Cisco Adaptive Security Appliance (ASA) Software 8.2.x before 8.2(5.46), 8.3.x before 8.3(2.39), 8.4.x before 8.4(5.5), 8.5.x before 8.5(1.18), 8.6.x before 8.6(1.12), 8.7.x before 8.7(1.4), 9.0.x before 9.0(1.4), and 9.1.x before 9.1(1.2), in certain conditions involving the spoof-server option or ActiveX or Java response inspection, allows remote attackers to cause a denial of service (device reload) via a crafted HTTP response, aka Bug ID CSCud37992. | |||||
| CVE-2013-3413 | 1 Cisco | 1 Identity Services Engine Software | 2025-04-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the search form in the administration/monitoring panel on the Cisco Identity Services Engine (ISE) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCuh87036. | |||||
| CVE-2011-4500 | 2 Cisco, Linksys | 2 Linksys Wrt54gx Router Firmware, Wrt54gx | 2025-04-11 | 7.5 HIGH | N/A |
| The UPnP IGD implementation on the Cisco Linksys WRT54GX with firmware 2.00.05, when UPnP is enabled, configures the SOAP server to listen on the WAN port, which allows remote attackers to administer the firewall via SOAP requests. | |||||
| CVE-2013-5481 | 1 Cisco | 1 Ios | 2025-04-11 | 7.1 HIGH | N/A |
| The PPTP implementation in Cisco IOS 12.2 and 15.0 through 15.3, when NAT is used, allows remote attackers to cause a denial of service (device reload) via crafted TCP port-1723 packets, aka Bug ID CSCtq14817. | |||||
| CVE-2012-4643 | 1 Cisco | 11 5500 Series Adaptive Security Appliance, Adaptive Security Appliance Software, Catalyst 6500 and 8 more | 2025-04-11 | 7.1 HIGH | N/A |
| The DHCP server on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 7.0 before 7.2(5.8), 7.1 before 7.2(5.8), 7.2 before 7.2(5.8), 8.0 before 8.0(5.28), 8.1 before 8.1(2.56), 8.2 before 8.2(5.27), 8.3 before 8.3(2.31), 8.4 before 8.4(3.10), 8.5 before 8.5(1.9), and 8.6 before 8.6(1.5) does not properly allocate memory for DHCP packets, which allows remote attackers to cause a denial of service (device reload) via a series of crafted IPv4 packets, aka Bug ID CSCtw84068. | |||||
| CVE-2013-1102 | 1 Cisco | 9 2000 Wireless Lan Controller, 2100 Wireless Lan Controller, 2500 Wireless Lan Controller and 6 more | 2025-04-11 | 7.8 HIGH | N/A |
| The Wireless Intrusion Prevention System (wIPS) component on Cisco Wireless LAN Controller (WLC) devices with software 7.0 before 7.0.235.0, 7.1 and 7.2 before 7.2.110.0, and 7.3 before 7.3.101.0 allows remote attackers to cause a denial of service (device reload) via crafted IP packets, aka Bug ID CSCtx80743. | |||||
| CVE-2010-0598 | 1 Cisco | 4 Mediator Framework, Network Building Mediator Nbm-2400, Network Building Mediator Nbm-4800 and 1 more | 2025-04-11 | 9.3 HIGH | N/A |
| Cisco Mediator Framework 1.5.1 before 1.5.1.build.14-eng, 2.2 before 2.2.1.dev.1, and 3.0 before 3.0.9.release.1 on the Cisco Network Building Mediator NBM-2400 and NBM-4800 and the Richards-Zeta Mediator 2500 does not encrypt HTTP sessions from operator workstations, which allows remote attackers to discover Administrator credentials by sniffing the network, aka Bug ID CSCtb83631. | |||||
| CVE-2011-3298 | 1 Cisco | 6 5500 Series Adaptive Security Appliance, Adaptive Security Appliance Software, Asa 5500 and 3 more | 2025-04-11 | 7.9 HIGH | N/A |
| Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco Catalyst 6500 series devices, with software 7.0 before 7.0(8.13), 7.1 and 7.2 before 7.2(5.3), 8.0 before 8.0(5.24), 8.1 before 8.1(2.50), 8.2 before 8.2(5), 8.3 before 8.3(2.18), 8.4 before 8.4(1.10), and 8.5 before 8.5(1.1) and Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(21), 3.2 before 3.2(22), 4.0 before 4.0(16), and 4.1 before 4.1(7) allow remote attackers to bypass authentication via a crafted TACACS+ reply, aka Bug IDs CSCto40365 and CSCto74274. | |||||
| CVE-2013-5497 | 1 Cisco | 1 Intrusion Prevention System | 2025-04-11 | 4.3 MEDIUM | N/A |
| The authentication manager process in the web framework in Cisco Intrusion Prevention System (IPS) does not properly handle user tokens, which allows remote attackers to cause a denial of service (intermittent MainApp hang) via a crafted management-interface connection request, aka Bug ID CSCuf20148. | |||||
| CVE-2009-4923 | 1 Cisco | 1 Asa 5580 | 2025-04-11 | 7.8 HIGH | N/A |
| Unspecified vulnerability in the DTLS implementation on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to cause a denial of service (traceback) via TLS fragments, aka Bug ID CSCso53162. | |||||