Filtered by vendor Cisco
Subscribe
Total
6585 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-2822 | 1 Cisco | 4 Ace 4710, Ace Module, Catalyst 6500 and 1 more | 2026-04-29 | 7.8 HIGH | N/A |
| Unspecified vulnerability in the RTSP inspection feature on the Cisco Application Control Engine (ACE) Module with software before A2(3.2) for Catalyst 6500 series switches and 7600 series routers, and the Cisco Application Control Engine (ACE) 4710 appliance with software before A3(2.6), allows remote attackers to cause a denial of service (device reload) via crafted RTSP packets over TCP, aka Bug IDs CSCta85227 and CSCtg14858. | |||||
| CVE-2012-4086 | 1 Cisco | 1 Unified Computing System | 2026-04-29 | 5.1 MEDIUM | N/A |
| A setup script for fabric interconnect devices in Cisco Unified Computing System (UCS) allows remote attackers to execute arbitrary commands via invalid parameters, aka Bug ID CSCtg20790. | |||||
| CVE-2014-0669 | 1 Cisco | 1 Asr 5000 Series Software | 2026-04-29 | 5.0 MEDIUM | N/A |
| The Wireless Session Protocol (WSP) feature in the Gateway GPRS Support Node (GGSN) component on Cisco ASR 5000 series devices allows remote attackers to bypass intended Top-Up payment restrictions via unspecified WSP packets, aka Bug ID CSCuh28371. | |||||
| CVE-2014-0741 | 1 Cisco | 1 Unified Communications Manager | 2026-04-29 | 6.2 MEDIUM | N/A |
| The certificate-import feature in the Certificate Authority Proxy Function (CAPF) CLI implementation in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows local users to read or modify arbitrary files via a crafted command, aka Bug ID CSCum95461. | |||||
| CVE-2013-1188 | 1 Cisco | 1 Unified Communications Manager | 2026-04-29 | 5.0 MEDIUM | N/A |
| Cisco Unified Communications Manager (CUCM) does not properly limit the rate of authentication attempts, which allows remote attackers to cause a denial of service (application slowdown) via a series of requests, aka Bug ID CSCud39515. | |||||
| CVE-2013-6682 | 1 Cisco | 1 Adaptive Security Appliance Software | 2026-04-29 | 6.4 MEDIUM | N/A |
| The phone-proxy implementation in Cisco Adaptive Security Appliance (ASA) Software 9.0.3.6 and earlier does not properly validate X.509 certificates, which allows remote attackers to cause a denial of service (connection-database corruption) via an invalid entry, aka Bug ID CSCui33299. | |||||
| CVE-2010-2834 | 1 Cisco | 3 Ios, Ios Xe, Unified Communications Manager | 2026-04-29 | 7.8 HIGH | N/A |
| Cisco IOS 12.2 through 12.4 and 15.0 through 15.1, Cisco IOS XE 2.5.x and 2.6.x before 2.6.1, and Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)SU1, 7.x before 7.1(5), and 8.0 before 8.0(2) allow remote attackers to cause a denial of service (device reload or voice-services outage) via crafted SIP registration traffic over UDP, aka Bug IDs CSCtf72678 and CSCtf14987. | |||||
| CVE-2009-5038 | 1 Cisco | 1 Ios | 2026-04-29 | 7.8 HIGH | N/A |
| Cisco IOS before 15.0(1)XA does not properly handle IRC traffic during a specific time period after an initial reload, which allows remote attackers to cause a denial of service (device reload) via an attempted connection to a certain IRC server, related to a "corrupted magic value," aka Bug ID CSCso05336. | |||||
| CVE-2013-6983 | 1 Cisco | 1 Unified Presence Server | 2026-04-29 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in the web interface in Cisco Unified Presence Server allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCuh35615. | |||||
| CVE-2013-5517 | 1 Cisco | 1 Unified Communications Domain Manager | 2026-04-29 | 5.5 MEDIUM | N/A |
| SQL injection vulnerability in the web framework in Cisco Unified Communications Domain Manager allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCuh96567. | |||||
| CVE-2010-0592 | 1 Cisco | 1 Unified Communications Manager | 2026-04-29 | 7.8 HIGH | N/A |
| The CTI Manager service in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x before 4.3(2)sr1a, 6.x before 6.1(3), 7.0x before 7.0(2), 7.1x before 7.1(2), and 8.x before 8.0(1) allows remote attackers to cause a denial of service (service failure) via a malformed message, aka Bug ID CSCsu31800. | |||||
| CVE-2013-6685 | 1 Cisco | 4 Unified Ip Phone 8961, Unified Ip Phone 9951, Unified Ip Phone 9971 and 1 more | 2026-04-29 | 6.6 MEDIUM | N/A |
| The firmware on Cisco Unified IP phones 8961, 9951, and 9971 uses weak permissions for memory block devices, which allows local users to gain privileges by mounting a device with a setuid file in its filesystem, aka Bug ID CSCui04382. | |||||
| CVE-2014-0740 | 1 Cisco | 1 Unified Communications Manager | 2026-04-29 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in the Call Detail Records Analysis and Reporting (CAR) interface in the OS Administration component in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows remote attackers to hijack the authentication of administrators for requests that make administrative changes, aka Bug ID CSCun00701. | |||||
| CVE-2010-2842 | 1 Cisco | 1 Wireless Lan Controller Software | 2026-04-29 | 9.0 HIGH | N/A |
| Cisco Wireless LAN Controller (WLC) software, possibly 4.2 through 6.0, allows remote authenticated users to bypass intended access restrictions and modify the configuration, and possibly obtain administrative privileges, via unspecified vectors, a different vulnerability than CVE-2010-2843 and CVE-2010-3033. | |||||
| CVE-2012-0355 | 1 Cisco | 11 5500 Series Adaptive Security Appliance, Adaptive Security Appliance Software, Catalyst 6500 and 8 more | 2026-04-29 | 7.8 HIGH | N/A |
| Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.4 before 8.4(2.11) and 8.5 before 8.5(1.4) allow remote attackers to cause a denial of service (device reload) via (1) IPv4 or (2) IPv6 packets that trigger syslog message 305006, aka Bug ID CSCts39634. | |||||
| CVE-2013-1159 | 1 Cisco | 1 Prime Central For Hosted Collaboration Solution | 2026-04-29 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Netcool Impact (NCI) web menus in Cisco Prime Central for Hosted Collaboration Solution allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCud56706. | |||||
| CVE-2011-4007 | 1 Cisco | 2 Ios, Ios Xe | 2026-04-29 | 5.4 MEDIUM | N/A |
| Cisco IOS 15.0 and 15.1 and IOS XE 3.x do not properly handle the "set mpls experimental imposition" command, which allows remote attackers to cause a denial of service (device crash) via network traffic that triggers (1) fragmentation or (2) reassembly, aka Bug ID CSCtr56576. | |||||
| CVE-2013-1100 | 1 Cisco | 85 Catalyst 2820, Catalyst 2900, Catalyst 2900 Vlan and 82 more | 2026-04-29 | 5.4 MEDIUM | N/A |
| The HTTP server in Cisco IOS on Catalyst switches does not properly handle TCP socket events, which allows remote attackers to cause a denial of service (device crash) via crafted packets on TCP port (1) 80 or (2) 443, aka Bug ID CSCuc53853. | |||||
| CVE-2013-3379 | 1 Cisco | 1 Telepresence Tc Software | 2026-04-29 | 8.3 HIGH | N/A |
| The firewall subsystem in Cisco TelePresence TC Software before 4.2 does not properly implement rules that grant access to hosts, which allows remote attackers to obtain shell access with root privileges by leveraging connectivity to the management network, aka Bug ID CSCts37781. | |||||
| CVE-2010-4685 | 1 Cisco | 1 Ios | 2026-04-29 | 4.0 MEDIUM | N/A |
| Cisco IOS before 15.0(1)XA1 does not clear the public key cache upon a change to a certificate map, which allows remote authenticated users to bypass a certificate ban by connecting with a banned certificate that had previously been valid, aka Bug ID CSCta79031. | |||||