Filtered by vendor Cisco
Subscribe
Total
6209 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-0660 | 1 Cisco | 1 Telepresence Server Software | 2025-04-12 | 7.2 HIGH | N/A |
| Cisco Virtual TelePresence Server Software does not properly restrict use of the serial port, which allows local users to execute arbitrary OS commands as root by leveraging vSphere controller administrative privileges, aka Bug ID CSCus61123. | |||||
| CVE-2014-2165 | 1 Cisco | 2 Telepresence Tc Software, Telepresence Te Software | 2025-04-12 | 7.8 HIGH | N/A |
| The SIP implementation in Cisco TelePresence TC Software 4.x and 5.x and TE Software 4.x and 6.0 allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCtq72699. | |||||
| CVE-2015-6350 | 1 Cisco | 1 Prime Service Catalog | 2025-04-12 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in the web framework in Cisco Prime Service Catalog 11.0 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCuw50843. | |||||
| CVE-2016-6360 | 1 Cisco | 2 Email Security Appliance, Web Security Appliance | 2025-04-12 | 5.0 MEDIUM | 7.5 HIGH |
| A vulnerability in Advanced Malware Protection (AMP) for Cisco Email Security Appliances (ESA) and Web Security Appliances (WSA) could allow an unauthenticated, remote attacker to cause a partial denial of service (DoS) condition due to the AMP process unexpectedly restarting. Affected Products: Cisco AsyncOS Software for Email Security Appliances (ESA) versions 9.5 and later up to the first fixed release, Cisco AsyncOS Software for Web Security Appliances (WSA) all versions prior to the first fixed release. More Information: CSCux56406, CSCux59928. Known Affected Releases: 9.6.0-051 9.7.0-125 8.8.0-085 9.5.0-444 WSA10.0.0-000. Known Fixed Releases: 9.7.1-066 WSA10.0.0-233. | |||||
| CVE-2016-1357 | 1 Cisco | 1 Cisco Policy Suite | 2025-04-12 | 5.0 MEDIUM | 5.3 MEDIUM |
| The password-management administration component in Cisco Policy Suite (CPS) 7.0.1.3, 7.0.2, 7.0.2-att, 7.0.3-att, 7.0.4-att, and 7.5.0 allows remote attackers to bypass intended RBAC restrictions and read unspecified data via unknown vectors, aka Bug ID CSCut85211. | |||||
| CVE-2015-4200 | 1 Cisco | 1 Ios | 2025-04-12 | 7.8 HIGH | N/A |
| Memory leak in the IPv6-to-IPv4 functionality in Cisco IOS 15.3S in the Performance Routing Engine (PRE) module on UBR devices allows remote attackers to cause a denial of service (memory consumption) by triggering an error during CPE negotiation, aka Bug ID CSCug00885. | |||||
| CVE-2014-3392 | 1 Cisco | 1 Adaptive Security Appliance Software | 2025-04-12 | 8.3 HIGH | N/A |
| The Clientless SSL VPN portal in Cisco ASA Software 8.2 before 8.2(5.51), 8.3 before 8.3(2.42), 8.4 before 8.4(7.23), 8.6 before 8.6(1.15), 9.0 before 9.0(4.24), 9.1 before 9.1(5.12), 9.2 before 9.2(2.8), and 9.3 before 9.3(1.1) allows remote attackers to obtain sensitive information from process memory or modify memory contents via crafted parameters, aka Bug ID CSCuq29136. | |||||
| CVE-2015-6336 | 1 Cisco | 5 Aironet 1830e, Aironet 1830i, Aironet 1850e and 2 more | 2025-04-12 | 7.5 HIGH | 7.3 HIGH |
| Cisco Aironet 1800 devices with software 7.2, 7.3, 7.4, 8.1(112.3), 8.1(112.4), and 8.1(15.14) have a default account, which makes it easier for remote attackers to obtain access via unspecified vectors, aka Bug ID CSCuw58062. | |||||
| CVE-2015-4327 | 1 Cisco | 1 Telepresence Video Communication Server Software | 2025-04-12 | 7.2 HIGH | N/A |
| The CLI in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows local users to obtain root privileges by writing script arguments to an unspecified file, aka Bug ID CSCuv12542. | |||||
| CVE-2014-2112 | 1 Cisco | 1 Ios | 2025-04-12 | 7.8 HIGH | N/A |
| The SSL VPN (aka WebVPN) feature in Cisco IOS 15.1 through 15.4 allows remote attackers to cause a denial of service (memory consumption) via crafted HTTP requests, aka Bug ID CSCuf51357. | |||||
| CVE-2014-2186 | 1 Cisco | 1 Webex Meetings Server | 2025-04-12 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco WebEx Meetings Server allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuj81777. | |||||
| CVE-2012-1366 | 1 Cisco | 10 Asr 1001, Asr 1002, Asr 1002-x and 7 more | 2025-04-12 | 6.1 MEDIUM | N/A |
| Cisco IOS before 15.1(1)SY on ASR 1000 devices, when Multicast Listener Discovery (MLD) tracking is enabled for IPv6, allows remote attackers to cause a denial of service (device reload) via crafted MLD packets, aka Bug ID CSCtz28544. | |||||
| CVE-2014-2104 | 1 Cisco | 1 Unified Communications Domain Manager | 2025-04-12 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the Business Voice Services Manager (BVSM) page in Cisco Unified Communications Domain Manager 9.0(.1) allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug IDs CSCum78536, CSCum78526, CSCum69809, and CSCum63113. | |||||
| CVE-2015-6276 | 1 Cisco | 1 Telepresence System Software Ix | 2025-04-12 | 5.0 MEDIUM | N/A |
| Cisco TelePresence IX5000 8.0.3 stores a private key associated with an X.509 certificate under the web root with insufficient access control, which allows remote attackers to obtain cleartext versions of HTTPS traffic or spoof devices via a direct request to the certificate directory, aka Bug ID CSCuu63501. | |||||
| CVE-2014-2121 | 1 Cisco | 1 Hosted Collaboration Solution | 2025-04-12 | 5.0 MEDIUM | N/A |
| The Java-based software in Cisco Hosted Collaboration Solution (HCS) allows remote attackers to cause a denial of service (closing of TCP ports) via unspecified vectors, aka Bug IDs CSCug77633, CSCug77667, CSCug78266, CSCug82795, and CSCuh58643. | |||||
| CVE-2016-1415 | 1 Cisco | 1 Webex Wrf Player T29 | 2025-04-12 | 4.3 MEDIUM | 5.5 MEDIUM |
| Cisco WebEx Meetings Player T29.10, when WRF file support is enabled, allows remote attackers to cause a denial of service (application crash) via a crafted file, aka Bug ID CSCuz80455. | |||||
| CVE-2014-3264 | 1 Cisco | 1 Adaptive Security Appliance Software | 2025-04-12 | 6.3 MEDIUM | N/A |
| Cisco Adaptive Security Appliance (ASA) Software 9.1(.5) and earlier allows remote authenticated users to cause a denial of service (device reload) via crafted attributes in a RADIUS packet, aka Bug ID CSCun69561. | |||||
| CVE-2016-1338 | 1 Cisco | 1 Telepresence Video Communication Server Software | 2025-04-12 | 8.0 HIGH | 6.5 MEDIUM |
| Cisco TelePresence Video Communication Server (VCS) X8.5.1 and X8.5.2 allows remote authenticated users to cause a denial of service (VoIP outage) via a crafted SIP message, aka Bug ID CSCuu43026. | |||||
| CVE-2016-1368 | 1 Cisco | 1 Firesight System Software | 2025-04-12 | 7.8 HIGH | 7.5 HIGH |
| Cisco FirePOWER System Software 5.3.x through 5.3.0.6 and 5.4.x through 5.4.0.3 on FirePOWER 7000 and 8000 appliances, and on the Advanced Malware Protection (AMP) for Networks component on these appliances, allows remote attackers to cause a denial of service (packet-processing outage) via crafted packets, aka Bug ID CSCuu86214. | |||||
| CVE-2015-6402 | 1 Cisco | 1 Epc3928 Docsis 3.0 8x4 Wireless Residential Gateway With Embedded Digital Voice Adapter | 2025-04-12 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the management interface on Cisco EPC3928 devices with EDVA 5.5.10, 5.5.11, and 5.7.1 allows remote attackers to inject arbitrary web script or HTML via an unspecified value, aka Bug ID CSCux24935. | |||||