Filtered by vendor Cisco
Subscribe
Total
6226 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-1339 | 1 Cisco | 1 Unified Computing System Infrastructure And Unified Computing System Software | 2025-04-11 | 5.0 MEDIUM | N/A |
| The Fabric Interconnect component in Cisco Unified Computing System (UCS) 2.0 allows remote attackers to cause a denial of service (process crash) via an attempted SSH session, aka Bug ID CSCtt94543. | |||||
| CVE-2011-0961 | 1 Cisco | 1 Ciscoworks Common Services | 2025-04-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in cwhp/device.center.do in the Help servlet in Cisco CiscoWorks Common Services 3.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the device parameter, aka Bug ID CSCto12704. | |||||
| CVE-2013-1119 | 1 Cisco | 1 Webex Recording Format Player | 2025-04-11 | 9.3 HIGH | N/A |
| Buffer overflow in Cisco WebEx Recording Format (WRF) player T27 LD before SP32 EP16, T27 L10N before SP32_ORION111, and T28 before T28.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted DHT index value in JPEG data within a WRF file, aka Bug ID CSCuc24503. | |||||
| CVE-2009-4912 | 1 Cisco | 1 Asa 5580 | 2025-04-11 | 10.0 HIGH | N/A |
| Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) complete an SSL handshake with an HTTPS client even if this client is unauthorized, which might allow remote attackers to bypass intended access restrictions via an HTTPS session, aka Bug ID CSCso10876. | |||||
| CVE-2012-3949 | 1 Cisco | 3 Ios, Ios Xe, Unified Communications Manager | 2025-04-11 | 7.8 HIGH | N/A |
| The SIP implementation in Cisco Unified Communications Manager (CUCM) 6.x and 7.x before 7.1(5b)su5, 8.x before 8.5(1)su4, and 8.6 before 8.6(2a)su1; Cisco IOS 12.2 through 12.4 and 15.0 through 15.2; and Cisco IOS XE 3.3.xSG before 3.3.1SG, 3.4.xS, and 3.5.xS allows remote attackers to cause a denial of service (service crash or device reload) via a crafted SIP message containing an SDP session description, aka Bug IDs CSCtw66721, CSCtj33003, and CSCtw84664. | |||||
| CVE-2011-2546 | 1 Cisco | 4 Sa500 Software, Sa520, Sa520w and 1 more | 2025-04-11 | 5.0 MEDIUM | N/A |
| SQL injection vulnerability in the web-based management interface on Cisco SA 500 series security appliances with software before 2.1.19 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCtq65669. | |||||
| CVE-2012-4084 | 1 Cisco | 1 Unified Computing System | 2025-04-11 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in the web-management interface in the fabric interconnect (FI) component in Cisco Unified Computing System (UCS) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCtg20755. | |||||
| CVE-2010-0594 | 1 Cisco | 1 Router And Security Device Manager | 2025-04-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Cisco Router and Security Device Manager (SDM) allows remote attackers to inject arbitrary web script or HTML via unknown vectors, aka Bug ID CSCtb38467. | |||||
| CVE-2012-5419 | 1 Cisco | 2 Adaptive Security Appliance Software, Asa 1000v Cloud Firewall | 2025-04-11 | 7.8 HIGH | N/A |
| Cisco Adaptive Security Appliance (ASA) software 8.7.1 and 8.7.1.1 for the Cisco ASA 1000V Cloud Firewall allows remote attackers to cause a denial of service (device reload) via a malformed H.225 H.323 IPv4 packet, aka Bug IDs CSCuc42812 and CSCuc88741. | |||||
| CVE-2013-5477 | 1 Cisco | 1 Ios | 2025-04-11 | 7.8 HIGH | N/A |
| The T1/E1 driver-queue functionality in Cisco IOS 12.2 and 15.0 through 15.3, when an HDLC32 driver is used, allows remote attackers to cause a denial of service (interface queue wedge) via bursty network traffic, aka Bug ID CSCub67465. | |||||
| CVE-2012-4094 | 1 Cisco | 1 Unified Computing System | 2025-04-11 | 5.4 MEDIUM | N/A |
| Buffer overflow in the Smart Call Home feature in the fabric interconnect in Cisco Unified Computing System (UCS) allows remote attackers to cause a denial of service by reading and forging control messages associated with Smart Call Home reports, aka Bug ID CSCtl00198. | |||||
| CVE-2013-1160 | 1 Cisco | 1 Prime Central For Hosted Collaboration Solution | 2025-04-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the OpenView web menus in Cisco Prime Central for Hosted Collaboration Solution allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCud56743. | |||||
| CVE-2014-0670 | 1 Cisco | 1 Mediasense | 2025-04-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Search and Play interface in Cisco MediaSense allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCum16686. | |||||
| CVE-2013-3458 | 1 Cisco | 1 Adaptive Security Appliance Software | 2025-04-11 | 7.1 HIGH | N/A |
| Cisco Adaptive Security Appliances (ASA) devices, when SMP is used, do not properly process X.509 certificates, which allows remote attackers to cause a denial of service (device crash) via a large volume of (1) SSL or (2) TLS traffic, aka Bug ID CSCuh19462. | |||||
| CVE-2013-3468 | 1 Cisco | 2 Unified Ip Phone 8945, Unified Ip Phone Firmware | 2025-04-11 | 7.8 HIGH | N/A |
| The Cisco Unified IP Phone 8945 with software 9.3(2) allows remote attackers to cause a denial of service (device hang) via a malformed PNG file, aka Bug ID CSCud04270. | |||||
| CVE-2010-0642 | 1 Cisco | 1 Collaboration Server | 2025-04-11 | 5.0 MEDIUM | N/A |
| Cisco Collaboration Server (CCS) 5 allows remote attackers to read the source code of JHTML files via URL encoded characters in the filename extension, as demonstrated by (1) changing .jhtml to %2Ejhtml, (2) changing .jhtml to .jhtm%6C, (3) appending %00 after .jhtml, and (4) appending %c0%80 after .jhtml, related to the (a) doc/docindex.jhtml, (b) browserId/wizardForm.jhtml, (c) webline/html/forms/callback.jhtml, (d) webline/html/forms/callbackICM.jhtml, (e) webline/html/agent/AgentFrame.jhtml, (f) webline/html/agent/default/badlogin.jhtml, (g) callme/callForm.jhtml, (h) webline/html/multichatui/nowDefunctWindow.jhtml, (i) browserId/wizard.jhtml, (j) admin/CiscoAdmin.jhtml, (k) msccallme/mscCallForm.jhtml, and (l) webline/html/admin/wcs/LoginPage.jhtml components. | |||||
| CVE-2012-1370 | 1 Cisco | 1 Anyconnect Secure Mobility Client | 2025-04-11 | 3.5 LOW | N/A |
| Cisco AnyConnect Secure Mobility Client 3.0 before 3.0.08057 allows remote authenticated users to cause a denial of service (vpnagentd process crash) via a crafted packet, aka Bug ID CSCty01670. | |||||
| CVE-2013-3457 | 1 Cisco | 1 Finesse | 2025-04-11 | 5.0 MEDIUM | N/A |
| Absolute path traversal vulnerability in the web interface in Cisco Finesse allows remote attackers to read directory contents via a direct request to a directory URL, aka Bug ID CSCug16772. | |||||
| CVE-2014-0657 | 1 Cisco | 1 Unified Communications Manager | 2025-04-11 | 4.0 MEDIUM | N/A |
| The administration portal in Cisco Unified Communications Manager (Unified CM) 9.1(1) and earlier does not properly handle role restrictions, which allows remote authenticated users to bypass role-based access control via multiple visits to a forbidden portal URL, aka Bug ID CSCuj83540. | |||||
| CVE-2014-0732 | 1 Cisco | 1 Unified Communications Manager | 2025-04-11 | 5.0 MEDIUM | N/A |
| The Real Time Monitoring Tool (RTMT) web application in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier does not properly enforce authentication requirements, which allows remote attackers to read application files via a direct request to a URL, aka Bug ID CSCum46495. | |||||