Filtered by vendor Cisco
Subscribe
Total
6508 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-5422 | 1 Cisco | 5 As5400 Universal Gateway, As5400hpx Universal Gateway, As5400xm Media Gateway and 2 more | 2025-04-12 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in Cisco IOS before 15.3(2)T on AS5400 devices allows remote authenticated users to cause a denial of service (spurious errors) via unknown vectors, aka Bug ID CSCub61009. | |||||
| CVE-2015-6392 | 1 Cisco | 40 Nexus 5010, Nexus 5020, Nexus 5548p and 37 more | 2025-04-12 | 7.8 HIGH | 7.5 HIGH |
| Cisco NX-OS 4.1 through 7.3 and 11.0 through 11.2 on Nexus 2000, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote attackers to cause a denial of service (device crash) via crafted IPv4 DHCP packets to the (1) DHCPv4 relay agent or (2) smart relay agent, aka Bug IDs CSCuq24603, CSCur93159, CSCus21693, and CSCut76171. | |||||
| CVE-2015-0747 | 1 Cisco | 3 Headend Digital Broadband Delivery System, Headend System Release, Videoscape Conductor | 2025-04-12 | 4.3 MEDIUM | N/A |
| Cisco Conductor for Videoscape 3.0 and Cisco Headend System Release allow remote attackers to inject arbitrary cookies via a crafted HTTP request, aka Bug ID CSCuh25408. | |||||
| CVE-2016-1477 | 1 Cisco | 1 Connected Streaming Analytics | 2025-04-12 | 4.0 MEDIUM | 6.5 MEDIUM |
| Cisco Connected Streaming Analytics 1.1.1 allows remote authenticated users to discover a notification service password by reading administrative pages, aka Bug ID CSCuz92891. | |||||
| CVE-2015-0615 | 1 Cisco | 1 Unity Connection | 2025-04-12 | 7.1 HIGH | N/A |
| The call-handling implementation in Cisco Unity Connection 8.5 before 8.5(1)SU7, 8.6 before 8.6(2a)SU4, 9.x before 9.1(2)SU2, and 10.0 before 10.0(1)SU1, when SIP trunk integration is enabled, allows remote attackers to cause a denial of service (port consumption) by improperly terminating SIP sessions, aka Bug ID CSCul28089. | |||||
| CVE-2015-0767 | 1 Cisco | 2 Edge 340, Edge 340 Firmware | 2025-04-12 | 7.2 HIGH | N/A |
| Cisco Edge 300 software 1.0 and 1.1 on Edge 340 devices allows local users to obtain root privileges via unspecified commands, aka Bug ID CSCur18132. | |||||
| CVE-2015-0658 | 1 Cisco | 35 Nexus 3016, Nexus 3048, Nexus 3064 and 32 more | 2025-04-12 | 7.9 HIGH | N/A |
| The DHCP implementation in the PowerOn Auto Provisioning (POAP) feature in Cisco NX-OS does not properly restrict the initialization process, which allows remote attackers to execute arbitrary commands as root by sending crafted response packets on the local network, aka Bug ID CSCur14589. | |||||
| CVE-2015-4314 | 1 Cisco | 1 Telepresence Video Communication Server Software | 2025-04-12 | 4.0 MEDIUM | N/A |
| The System Snapshot feature in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.1 allows remote authenticated users to obtain sensitive password-hash information by reading the snapshot file, aka Bug ID CSCuv40422. | |||||
| CVE-2016-1455 | 1 Cisco | 8 Nexus 93128, Nexus 9396px, Nexus 9396tx and 5 more | 2025-04-12 | 5.0 MEDIUM | 7.5 HIGH |
| Cisco NX-OS before 7.0(3)I2(2e) and 7.0(3)I4 before 7.0(3)I4(1) has an incorrect iptables local-interface configuration, which allows remote attackers to obtain sensitive information via TCP or UDP traffic, aka Bug ID CSCuz05365. | |||||
| CVE-2015-0675 | 1 Cisco | 1 Adaptive Security Appliance Software | 2025-04-12 | 8.3 HIGH | N/A |
| The failover ipsec implementation in Cisco Adaptive Security Appliance (ASA) Software 9.1 before 9.1(6), 9.2 before 9.2(3.3), and 9.3 before 9.3(3) does not properly validate failover communication messages, which allows remote attackers to reconfigure an ASA device, and consequently obtain administrative control, by sending crafted UDP packets over the local network to the failover interface, aka Bug ID CSCur21069. | |||||
| CVE-2015-6329 | 1 Cisco | 1 Prime Collaboration Provisioning | 2025-04-12 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in Cisco Prime Collaboration Provisioning 10.6 and 11.0 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCut64074. | |||||
| CVE-2016-1324 | 1 Cisco | 1 Spark | 2025-04-12 | 5.0 MEDIUM | 5.3 MEDIUM |
| The REST interface in Cisco Spark 2015-06 allows remote attackers to cause a denial of service (resource outage) by accessing an administrative page, aka Bug ID CSCuv84125. | |||||
| CVE-2015-4289 | 1 Cisco | 1 Anyconnect Secure Mobility Client | 2025-04-12 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in Cisco AnyConnect Secure Mobility Client 4.0(2049) allows remote head-end systems to write to arbitrary files via a crafted configuration attribute, aka Bug ID CSCut93920. | |||||
| CVE-2016-6441 | 1 Cisco | 1 Ios Xe | 2025-04-12 | 10.0 HIGH | 9.8 CRITICAL |
| A vulnerability in the Transaction Language 1 (TL1) code of Cisco ASR 900 Series routers could allow an unauthenticated, remote attacker to cause a reload of, or remotely execute code on, the affected system. This vulnerability affects Cisco ASR 900 Series Aggregation Services Routers (ASR902, ASR903, and ASR907) that are running the following releases of Cisco IOS XE Software: 3.17.0S 3.17.1S 3.17.2S 3.18.0S 3.18.1S. More Information: CSCuy15175. Known Affected Releases: 15.6(1)S 15.6(2)S. Known Fixed Releases: 15.6(1)S2.12 15.6(1.17)S0.41 15.6(1.17)SP 15.6(2)SP 16.4(0.183) 16.5(0.10). | |||||
| CVE-2016-6369 | 1 Cisco | 1 Anyconnect Secure Mobility Client | 2025-04-12 | 7.2 HIGH | 7.8 HIGH |
| Cisco AnyConnect Secure Mobility Client before 4.2.05015 and 4.3.x before 4.3.02039 mishandles pathnames, which allows local users to gain privileges via a crafted INF file, aka Bug ID CSCuz92464. | |||||
| CVE-2016-1370 | 1 Cisco | 2 Network Analysis Module, Network Analysis Module Software | 2025-04-12 | 5.0 MEDIUM | 5.3 MEDIUM |
| Cisco Prime Network Analysis Module (NAM) before 6.2(1-b) miscalculates IPv6 payload lengths, which allows remote attackers to cause a denial of service (mond process crash and monitoring outage) via crafted IPv6 packets, aka Bug ID CSCuy37324. | |||||
| CVE-2016-1434 | 1 Cisco | 2 Ip Phone 8800, Ip Phone 8800 Series Firmware | 2025-04-12 | 4.0 MEDIUM | 6.5 MEDIUM |
| The license-certificate upload functionality on Cisco 8800 phones with software 11.0(1) allows remote authenticated users to delete arbitrary files via an invalid file, aka Bug ID CSCuz03010. | |||||
| CVE-2016-1287 | 1 Cisco | 1 Adaptive Security Appliance Software | 2025-04-12 | 10.0 HIGH | 9.8 CRITICAL |
| Buffer overflow in the IKEv1 and IKEv2 implementations in Cisco ASA Software before 8.4(7.30), 8.7 before 8.7(1.18), 9.0 before 9.0(4.38), 9.1 before 9.1(7), 9.2 before 9.2(4.5), 9.3 before 9.3(3.7), 9.4 before 9.4(2.4), and 9.5 before 9.5(2.2) on ASA 5500 devices, ASA 5500-X devices, ASA Services Module for Cisco Catalyst 6500 and Cisco 7600 devices, ASA 1000V devices, Adaptive Security Virtual Appliance (aka ASAv), Firepower 9300 ASA Security Module, and ISA 3000 devices allows remote attackers to execute arbitrary code or cause a denial of service (device reload) via crafted UDP packets, aka Bug IDs CSCux29978 and CSCux42019. | |||||
| CVE-2015-0655 | 1 Cisco | 1 Unified Web And E-mail Interaction Manager | 2025-04-12 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Unified Web Interaction Manager in Cisco Unified Web and E-Mail Interaction Manager allows remote attackers to inject arbitrary web script or HTML via vectors related to a POST request, aka Bug ID CSCus74184. | |||||
| CVE-2016-6471 | 1 Cisco | 1 Firesight System Software | 2025-04-12 | 4.0 MEDIUM | 6.5 MEDIUM |
| A vulnerability in the web-based management interface of Cisco Firepower Management Center running FireSIGHT System software could allow an authenticated, remote attacker to view the Remote Storage Password. More Information: CSCvb19366. Known Affected Releases: 5.4.1.6. | |||||