Filtered by vendor Cisco
Subscribe
Total
6218 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-4298 | 1 Cisco | 1 Unified Web And E-mail Interaction Manager | 2025-04-12 | 6.5 MEDIUM | N/A |
| Cisco Unified Web and E-Mail Interaction Manager 9.0(2) and 11.0(1) improperly performs authorization, which allows remote authenticated users to read or write to stored data via unspecified vectors, aka Bug ID CSCuo89056. | |||||
| CVE-2014-7996 | 1 Cisco | 1 Unified Computing System | 2025-04-12 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Integrated Management Controller in Cisco Unified Computing System allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuq45477. | |||||
| CVE-2015-4238 | 1 Cisco | 1 Adaptive Security Appliance Software | 2025-04-12 | 6.8 MEDIUM | N/A |
| The SNMP implementation in Cisco Adaptive Security Appliance (ASA) Software 8.4(7) and 8.6(1.2) allows remote authenticated users to cause a denial of service (device reload) by sending many SNMP requests during a time of high network traffic, aka Bug ID CSCul02601. | |||||
| CVE-2015-4274 | 1 Cisco | 1 Unified Intelligence Center | 2025-04-12 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Unified Intelligence Center 10.0(1) and 10.6(1) allows remote attackers to hijack the authentication of arbitrary users, aka Bug IDs CSCuu94862 and CSCuu97936. | |||||
| CVE-2015-4257 | 1 Cisco | 1 Telepresence Mcu Software | 2025-04-12 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability on Cisco TelePresence MCU 4500 devices with software 4.5(1.55) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuu90710. | |||||
| CVE-2015-4210 | 1 Cisco | 1 Webex Meeting Center | 2025-04-12 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Cisco WebEx Meeting Center allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCur03806. | |||||
| CVE-2015-0635 | 1 Cisco | 2 Ios, Ios Xe | 2025-04-12 | 9.0 HIGH | N/A |
| The Autonomic Networking Infrastructure (ANI) implementation in Cisco IOS 12.2, 12.4, 15.0, 15.2, 15.3, and 15.4 and IOS XE 3.10.xS through 3.13.xS before 3.13.1S allows remote attackers to spoof Autonomic Networking Registration Authority (ANRA) responses, and consequently bypass intended device and node access restrictions or cause a denial of service (disrupted domain access), via crafted AN messages, aka Bug ID CSCup62191. | |||||
| CVE-2016-6396 | 1 Cisco | 1 Firesight System Software | 2025-04-12 | 5.0 MEDIUM | 5.3 MEDIUM |
| Cisco Firepower Management Center before 6.1 and FireSIGHT System Software before 6.1, when certain malware blocking options are enabled, allow remote attackers to bypass malware detection via crafted fields in HTTP headers, aka Bug ID CSCuz44482. | |||||
| CVE-2015-6368 | 1 Cisco | 1 Firepower Extensible Operating System | 2025-04-12 | 5.0 MEDIUM | N/A |
| Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows remote attackers to read files via a crafted HTTP request, aka Bug ID CSCux10608. | |||||
| CVE-2015-6293 | 1 Cisco | 1 Web Security Appliance | 2025-04-12 | 7.8 HIGH | N/A |
| Cisco AsyncOS 8.x before 8.0.8-113, 8.1.x and 8.5.x before 8.5.3-051, 8.6.x and 8.7.x before 8.7.0-171-LD, and 8.8.x before 8.8.0-085 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (memory consumption) via multiple file-range requests, aka Bug ID CSCur39155. | |||||
| CVE-2016-1446 | 1 Cisco | 1 Webex Meetings Server | 2025-04-12 | 6.5 MEDIUM | 8.8 HIGH |
| SQL injection vulnerability in Cisco WebEx Meetings Server 2.6 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCuy83200. | |||||
| CVE-2014-3271 | 1 Cisco | 1 Ios Xr | 2025-04-12 | 5.0 MEDIUM | N/A |
| The DHCPv6 implementation in Cisco IOS XR allows remote attackers to cause a denial of service (device crash) via a malformed packet, aka Bug IDs CSCum85558, CSCum20949, CSCul61849, and CSCul71149. | |||||
| CVE-2015-4241 | 1 Cisco | 1 Adaptive Security Appliance Software | 2025-04-12 | 6.1 MEDIUM | N/A |
| Cisco Adaptive Security Appliance (ASA) Software 9.3(2) allows remote attackers to cause a denial of service (system reload) by sending crafted OSPFv2 packets on the local network, aka Bug ID CSCut52679. | |||||
| CVE-2015-0584 | 1 Cisco | 1 Desktop Collaboration Experience Dx650 | 2025-04-12 | 7.2 HIGH | N/A |
| The image-upgrade implementation on Cisco Desktop Collaboration Experience (aka Collaboration Desk Experience or DX) DX650 endpoints allows local users to execute arbitrary OS commands via an unspecified parameter, aka Bug ID CSCus38947. | |||||
| CVE-2014-3370 | 1 Cisco | 2 Expressway Software, Telepresence Video Communication Server Software | 2025-04-12 | 7.1 HIGH | N/A |
| Cisco TelePresence Video Communication Server (VCS) and Expressway Software before X8.1.1 allow remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug IDs CSCum60442 and CSCum60447. | |||||
| CVE-2015-0665 | 1 Cisco | 1 Anyconnect Secure Mobility Client | 2025-04-12 | 6.6 MEDIUM | N/A |
| The Hostscan module in Cisco AnyConnect Secure Mobility Client 4.0(.00051) and earlier allows local users to write to arbitrary files via crafted IPC messages, aka Bug ID CSCus79173. | |||||
| CVE-2016-6393 | 1 Cisco | 2 Ios, Ios Xe | 2025-04-12 | 7.1 HIGH | 7.5 HIGH |
| The AAA service in Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.1 through 3.18 and 16.2 allows remote attackers to cause a denial of service (device reload) via a failed SSH connection attempt that is mishandled during generation of an error-log message, aka Bug ID CSCuy87667. | |||||
| CVE-2016-6439 | 1 Cisco | 1 Secure Firewall Management Center | 2025-04-12 | 4.3 MEDIUM | 7.5 HIGH |
| A vulnerability in the detection engine reassembly of HTTP packets for Cisco Firepower System Software before 6.0.1 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the Snort process unexpectedly restarting. The vulnerability is due to improper handling of an HTTP packet stream. An attacker could exploit this vulnerability by sending a crafted HTTP packet stream to the detection engine on the targeted device. An exploit could allow the attacker to cause a DoS condition if the Snort process restarts and traffic inspection is bypassed or traffic is dropped. | |||||
| CVE-2012-5037 | 1 Cisco | 3 Catalyst 6500, Catalyst 7600, Ios | 2025-04-12 | 4.6 MEDIUM | N/A |
| The ACL implementation in Cisco IOS before 15.1(1)SY on Catalyst 6500 and 7600 devices allows local users to cause a denial of service (device reload) via a "no object-group" command followed by an object-group command, aka Bug ID CSCts16133. | |||||
| CVE-2014-3306 | 1 Cisco | 9 Dpc3010, Dpc3212, Dpc3825 and 6 more | 2025-04-12 | 10.0 HIGH | N/A |
| The web server on Cisco DPC3010, DPC3212, DPC3825, DPC3925, DPQ3925, EPC3010, EPC3212, EPC3825, and EPC3925 Wireless Residential Gateway products allows remote attackers to execute arbitrary code via a crafted HTTP request, aka Bug ID CSCup40808. | |||||