Filtered by vendor Cisco
Subscribe
Filtered by product Adaptive Security Appliance Software
Subscribe
Total
351 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-6682 | 1 Cisco | 1 Adaptive Security Appliance Software | 2026-06-17 | 6.4 MEDIUM | N/A |
| The phone-proxy implementation in Cisco Adaptive Security Appliance (ASA) Software 9.0.3.6 and earlier does not properly validate X.509 certificates, which allows remote attackers to cause a denial of service (connection-database corruption) via an invalid entry, aka Bug ID CSCui33299. | |||||
| CVE-2013-5568 | 1 Cisco | 1 Adaptive Security Appliance Software | 2026-06-16 | 7.1 HIGH | N/A |
| The auto-update implementation in Cisco Adaptive Security Appliance (ASA) Software 9.0.3.6 and earlier allows remote attackers to cause a denial of service (device reload) via crafted update data, aka Bug ID CSCui33308. | |||||
| CVE-2013-5567 | 1 Cisco | 1 Adaptive Security Appliance Software | 2026-06-16 | 5.4 MEDIUM | N/A |
| Cisco Adaptive Security Appliance (ASA) Software 8.4(.6) and earlier, when using an unsupported configuration with overlapping criteria for filtering and inspection, allows remote attackers to cause a denial of service (traffic loop and device crash) via a packet that triggers multiple matches, aka Bug ID CSCui45606. | |||||
| CVE-2013-5560 | 1 Cisco | 1 Adaptive Security Appliance Software | 2026-06-16 | 5.4 MEDIUM | N/A |
| The IPv6 implementation in Cisco Adaptive Security Appliance (ASA) Software 9.1.3 and earlier, when NAT64 or NAT66 is enabled, does not properly process NAT rules, which allows remote attackers to cause a denial of service (device reload) via crafted packets, aka Bug ID CSCue34342. | |||||
| CVE-2013-5557 | 1 Cisco | 1 Adaptive Security Appliance Software | 2026-06-16 | 6.3 MEDIUM | N/A |
| The Proxy Bypass Content Rewriter feature in the WebVPN subsystem in Cisco Adaptive Security Appliance (ASA) Software 9.1(.2) and earlier allows remote authenticated users to cause a denial of service (device crash or error-recovery event) via an HTTP request that triggers a rewrite, aka Bug ID CSCug91577. | |||||
| CVE-2013-5551 | 1 Cisco | 1 Adaptive Security Appliance Software | 2026-06-16 | 6.3 MEDIUM | N/A |
| Cisco Adaptive Security Appliance (ASA) Software, when certain same-security-traffic and management-access options are enabled, allows remote authenticated users to cause a denial of service (stack overflow and device reload) by using the clientless SSL VPN portal for internal-resource browsing, aka Bug ID CSCui51199. | |||||
| CVE-2013-5544 | 1 Cisco | 1 Adaptive Security Appliance Software | 2026-06-16 | 5.4 MEDIUM | N/A |
| The VPN authentication functionality in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to cause a denial of service (device reload) by sending many username-from-cert IKE requests, aka Bug ID CSCua91108. | |||||
| CVE-2013-5542 | 1 Cisco | 1 Adaptive Security Appliance Software | 2026-06-16 | 8.5 HIGH | N/A |
| Cisco Adaptive Security Appliance (ASA) Software 8.4 before 8.4(7.2), 8.7 before 8.7(1.8), 9.0 before 9.0(3.6), and 9.1 before 9.1(2.8) allows remote attackers to cause a denial of service (firewall-session disruption or device reload) via crafted ICMP packets, aka Bug ID CSCui77398. | |||||
| CVE-2013-5515 | 1 Cisco | 1 Adaptive Security Appliance Software | 2026-06-16 | 7.8 HIGH | N/A |
| The Clientless SSL VPN feature in Cisco Adaptive Security Appliance (ASA) Software 8.x before 8.2(5.44), 8.3.x before 8.3(2.39), 8.4.x before 8.4(5.7), 8.6.x before 8.6(1.12), 9.0.x before 9.0(2.6), and 9.1.x before 9.1(1.7) allows remote attackers to cause a denial of service (device reload) via crafted HTTPS requests, aka Bug ID CSCua22709. | |||||
| CVE-2013-5513 | 1 Cisco | 1 Adaptive Security Appliance Software | 2026-06-16 | 7.1 HIGH | N/A |
| Cisco Adaptive Security Appliance (ASA) Software 8.2.x before 8.2(5.46), 8.3.x before 8.3(2.39), 8.4.x before 8.4(7), 8.5.x before 8.5(1.18), 8.6.x before 8.6(1.12), 8.7.x before 8.7(1.7), 9.0.x before 9.0(3.3), and 9.1.x before 9.1(1.8), when the DNS ALPI engine is enabled for TCP, allows remote attackers to cause a denial of service (device reload) via crafted TCP DNS packets, aka Bug ID CSCug03975. | |||||
| CVE-2013-5512 | 1 Cisco | 1 Adaptive Security Appliance Software | 2026-06-16 | 7.1 HIGH | N/A |
| Race condition in the HTTP Deep Packet Inspection (DPI) feature in Cisco Adaptive Security Appliance (ASA) Software 8.2.x before 8.2(5.46), 8.3.x before 8.3(2.39), 8.4.x before 8.4(5.5), 8.5.x before 8.5(1.18), 8.6.x before 8.6(1.12), 8.7.x before 8.7(1.4), 9.0.x before 9.0(1.4), and 9.1.x before 9.1(1.2), in certain conditions involving the spoof-server option or ActiveX or Java response inspection, allows remote attackers to cause a denial of service (device reload) via a crafted HTTP response, aka Bug ID CSCud37992. | |||||
| CVE-2013-5511 | 1 Cisco | 1 Adaptive Security Appliance Software | 2026-06-16 | 10.0 HIGH | N/A |
| The Adaptive Security Device Management (ASDM) remote-management feature in Cisco Adaptive Security Appliance (ASA) Software 8.2.x before 8.2(5.46), 8.3.x before 8.3(2.39), 8.4.x before 8.4(6), 8.5.x before 8.5(1.18), 8.6.x before 8.6(1.12), 8.7.x before 8.7(1.7), 9.0.x before 9.0(3.1), and 9.1.x before 9.1(2.6) does not properly implement the authentication-certificate option, which allows remote attackers to bypass authentication via a TCP session to an ASDM interface, aka Bug ID CSCuh44815. | |||||
| CVE-2013-5510 | 1 Cisco | 1 Adaptive Security Appliance Software | 2026-06-16 | 4.3 MEDIUM | N/A |
| The remote-access VPN implementation in Cisco Adaptive Security Appliance (ASA) Software 7.x before 7.2(5.12), 8.x before 8.2(5.46), 8.3.x before 8.3(2.39), 8.4.x before 8.4(6), 8.6.x before 8.6(1.12), 9.0.x before 9.0(3.1), and 9.1.x before 9.1(2.5), when an override-account-disable option is enabled, does not properly parse AAA LDAP responses, which allows remote attackers to bypass authentication via a VPN connection attempt, aka Bug ID CSCug83401. | |||||
| CVE-2013-5509 | 1 Cisco | 1 Adaptive Security Appliance Software | 2026-06-16 | 10.0 HIGH | N/A |
| The SSL implementation in Cisco Adaptive Security Appliance (ASA) Software 9.0 before 9.0(2.6) and 9.1 before 9.1(2) allows remote attackers to bypass authentication, and obtain VPN access or administrative access, via a crafted X.509 client certificate, aka Bug ID CSCuf52468. | |||||
| CVE-2013-5508 | 1 Cisco | 2 Adaptive Security Appliance Software, Firewall Services Module Software | 2026-06-16 | 7.1 HIGH | N/A |
| The SQL*Net inspection engine in Cisco Adaptive Security Appliance (ASA) Software 7.x before 7.2(5.12), 8.x before 8.2(5.44), 8.3.x before 8.3(2.39), 8.4.x before 8.4(6), 8.5.x before 8.5(1.18), 8.6.x before 8.6(1.12), 8.7.x before 8.7(1.6), 9.0.x before 9.0(2.10), and 9.1.x before 9.1(2) and Firewall Services Module (FWSM) 3.1.x and 3.2.x before 3.2(27) and 4.x before 4.1(14) allows remote attackers to cause a denial of service (device reload) via crafted segmented Transparent Network Substrate (TNS) packets, aka Bug ID CSCub98434. | |||||
| CVE-2013-5507 | 1 Cisco | 1 Adaptive Security Appliance Software | 2026-06-16 | 7.1 HIGH | N/A |
| The IPsec implementation in Cisco Adaptive Security Appliance (ASA) Software 9.1 before 9.1(1.7), when an IPsec VPN tunnel is enabled, allows remote attackers to cause a denial of service (device reload) via a (1) ICMP or (2) ICMPv6 packet that is improperly handled during decryption, aka Bug ID CSCue18975. | |||||
| CVE-2013-3463 | 1 Cisco | 2 Adaptive Security Appliance, Adaptive Security Appliance Software | 2026-06-16 | 4.3 MEDIUM | N/A |
| The protocol-inspection feature on Cisco Adaptive Security Appliances (ASA) devices does not properly implement the idle timeout, which allows remote attackers to cause a denial of service (connection-table exhaustion) via crafted requests that use an inspected protocol, aka Bug ID CSCuh13899. | |||||
| CVE-2013-3458 | 1 Cisco | 1 Adaptive Security Appliance Software | 2026-06-16 | 7.1 HIGH | N/A |
| Cisco Adaptive Security Appliances (ASA) devices, when SMP is used, do not properly process X.509 certificates, which allows remote attackers to cause a denial of service (device crash) via a large volume of (1) SSL or (2) TLS traffic, aka Bug ID CSCuh19462. | |||||
| CVE-2013-3415 | 1 Cisco | 1 Adaptive Security Appliance Software | 2026-06-16 | 7.8 HIGH | N/A |
| Cisco Adaptive Security Appliance (ASA) Software 8.4.x before 8.4(3) and 8.6.x before 8.6(1.3) does not properly manage memory upon an AnyConnect SSL VPN client disconnection, which allows remote attackers to cause a denial of service (memory consumption, and forwarding outage or system hang) via packets to the disconnected machine's IP address, aka Bug ID CSCtt36737. | |||||
| CVE-2013-3414 | 1 Cisco | 2 Adaptive Security Appliance, Adaptive Security Appliance Software | 2026-06-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the WebVPN portal login page on Cisco Adaptive Security Appliances (ASA) devices allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCug83080. | |||||