Filtered by vendor Cisco
Subscribe
Total
6510 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-6428 | 1 Cisco | 1 Ios Xr | 2025-04-12 | 7.2 HIGH | 7.8 HIGH |
| Cisco IOS XR 6.1.1 allows local users to execute arbitrary OS commands as root by leveraging admin privileges, aka Bug ID CSCva38349. | |||||
| CVE-2014-2112 | 1 Cisco | 1 Ios | 2025-04-12 | 7.8 HIGH | N/A |
| The SSL VPN (aka WebVPN) feature in Cisco IOS 15.1 through 15.4 allows remote attackers to cause a denial of service (memory consumption) via crafted HTTP requests, aka Bug ID CSCuf51357. | |||||
| CVE-2015-4229 | 1 Cisco | 1 Unified Communications Domain Manager | 2025-04-12 | 5.0 MEDIUM | N/A |
| The web framework in Cisco Unified Communications Domain Manager 8.1(4)ER1 allows remote attackers to obtain sensitive information by visiting a bvsmweb URL, aka Bug ID CSCuq22589. | |||||
| CVE-2012-0360 | 1 Cisco | 1 Ios | 2025-04-12 | 5.0 MEDIUM | N/A |
| Memory leak in Cisco IOS before 15.1(1)SY, when IKEv2 debugging is enabled, allows remote attackers to cause a denial of service (memory consumption) via crafted packets, aka Bug ID CSCtn22376. | |||||
| CVE-2016-1396 | 1 Cisco | 6 Rv110w Wireless-n Vpn Firewall, Rv110w Wireless-n Vpn Firewall Firmware, Rv130w Wireless-n Multifunction Vpn Router and 3 more | 2025-04-12 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability in the web-based management interface on Cisco RV110W devices with firmware before 1.2.1.7, RV130W devices with firmware before 1.0.3.16, and RV215W devices with firmware before 1.3.0.8 allows remote attackers to inject arbitrary web script or HTML via a crafted parameter, aka Bug ID CSCux82583. | |||||
| CVE-2015-0734 | 1 Cisco | 1 Email Security Appliance Firmware | 2025-04-12 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities on the Cisco Email Security Appliance (ESA) 8.5.6-106 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters in a (1) GET or (2) POST request, aka Bug ID CSCut87743. | |||||
| CVE-2014-8025 | 1 Cisco | 1 Jabber Guest | 2025-04-12 | 4.3 MEDIUM | N/A |
| The API in the Guest Server in Cisco Jabber, when HTML5 is used, allows remote attackers to obtain sensitive information by sniffing the network during an HTTP (1) GET or (2) POST response, aka Bug ID CSCus19801. | |||||
| CVE-2014-2125 | 1 Cisco | 1 Unity Connection | 2025-04-12 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Web Inbox in Cisco Unity Connection 8.6(2a)SU3 and earlier allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCui33028. | |||||
| CVE-2015-0622 | 1 Cisco | 1 Wireless Lan Controller | 2025-04-12 | 7.1 HIGH | N/A |
| The Wireless Intrusion Detection (aka WIDS) functionality on Cisco Wireless LAN Controller (WLC) devices allows remote attackers to cause a denial of service (device outage) via crafted packets that are improperly handled during rendering of the Signature Events Summary page, aka Bug ID CSCus46861. | |||||
| CVE-2014-3342 | 1 Cisco | 2 Cli, Ios Xr | 2025-04-12 | 4.0 MEDIUM | N/A |
| The CLI in Cisco IOS XR allows remote authenticated users to obtain sensitive information via unspecified commands, aka Bug IDs CSCuq42336, CSCuq76853, CSCuq76873, and CSCuq45383. | |||||
| CVE-2015-6386 | 1 Cisco | 1 Web Security Appliance | 2025-04-12 | 5.0 MEDIUM | N/A |
| The passthrough FTP feature on Cisco Web Security Appliance (WSA) devices with software 8.0.7-142 and 8.5.1-021 allows remote attackers to cause a denial of service (CPU consumption) via FTP sessions in which the control connection is ended after data transfer, aka Bug ID CSCut94150. | |||||
| CVE-2014-8016 | 1 Cisco | 1 Ironport Email Security Appliances | 2025-04-12 | 5.0 MEDIUM | N/A |
| The Cisco IronPort Email Security Appliance (ESA) allows remote attackers to cause a denial of service (CPU consumption) via long Subject headers in e-mail messages, aka Bug ID CSCzv93864. | |||||
| CVE-2015-0727 | 1 Cisco | 1 Security Manager | 2025-04-12 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the HTTP module in Cisco Security Manager (CSM) 4.7(0)SP1(1) allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCut27789. | |||||
| CVE-2015-0621 | 1 Cisco | 1 Telepresence Mcu 4500 Series Software | 2025-04-12 | 7.8 HIGH | N/A |
| Cisco TelePresence MCU devices with software 4.5(1.45) allow remote attackers to cause a denial of service (device reload) via an unspecified series of TCP packets, aka Bug ID CSCur50347. | |||||
| CVE-2015-4288 | 1 Cisco | 3 Content Security Management Appliance, Email Security Appliance, Web Security Appliance | 2025-04-12 | 4.3 MEDIUM | N/A |
| The LDAP implementation on the Cisco Web Security Appliance (WSA) 8.5.0-000, Email Security Appliance (ESA) 8.5.7-042, and Content Security Management Appliance (SMA) 8.3.6-048 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate, aka Bug IDs CSCuo29561, CSCuv40466, and CSCuv40470. | |||||
| CVE-2015-6424 | 1 Cisco | 1 Application Policy Infrastructure Controller | 2025-04-12 | 7.2 HIGH | N/A |
| The boot manager in Cisco Application Policy Infrastructure Controller (APIC) 1.1(0.920a) allows local users to bypass intended access restrictions and obtain single-user-mode root access via unspecified vectors, aka Bug ID CSCuu83985. | |||||
| CVE-2016-1295 | 1 Cisco | 1 Adaptive Security Appliance Software | 2025-04-12 | 5.0 MEDIUM | 5.3 MEDIUM |
| Cisco Adaptive Security Appliance (ASA) Software 8.4 allows remote attackers to obtain sensitive information via an AnyConnect authentication attempt, aka Bug ID CSCuo65775. | |||||
| CVE-2012-1366 | 1 Cisco | 10 Asr 1001, Asr 1002, Asr 1002-x and 7 more | 2025-04-12 | 6.1 MEDIUM | N/A |
| Cisco IOS before 15.1(1)SY on ASR 1000 devices, when Multicast Listener Discovery (MLD) tracking is enabled for IPv6, allows remote attackers to cause a denial of service (device reload) via crafted MLD packets, aka Bug ID CSCtz28544. | |||||
| CVE-2015-6302 | 1 Cisco | 1 Wireless Lan Controller Software | 2025-04-12 | 5.0 MEDIUM | N/A |
| The RADIUS functionality on Cisco Wireless LAN Controller (WLC) devices with software 7.0(250.0) and 7.0(252.0) allows remote attackers to disconnect arbitrary sessions via crafted Disconnect-Request UDP packets, aka Bug ID CSCuw29419. | |||||
| CVE-2015-4256 | 1 Cisco | 1 Telepresence Ip Vcr 3.0 | 2025-04-12 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability on Cisco TelePresence IP VCR devices with software 3.0(1.27) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuu90736. | |||||