Filtered by vendor Cisco
Subscribe
Total
6209 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-4253 | 1 Cisco | 1 Telepresence Serial Gateway | 2025-04-12 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability on Cisco TelePresence Serial Gateway devices with software 1.0(1.42) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuu90728. | |||||
| CVE-2014-0745 | 1 Cisco | 1 Unified Contact Center Express Editor Software | 2025-04-12 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in the Unified Serviceability subsystem in Cisco Unified Contact Center Express (Unified CCX) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCum95502. | |||||
| CVE-2012-5017 | 1 Cisco | 8 Asr 1001, Asr 1002, Asr 1002-x and 5 more | 2025-04-12 | 6.8 MEDIUM | N/A |
| Cisco IOS before 15.1(1)SY1 allows remote authenticated users to cause a denial of service (device reload) by establishing a VPN session and then sending malformed IKEv2 packets, aka Bug ID CSCub39268. | |||||
| CVE-2016-6382 | 1 Cisco | 2 Ios, Ios Xe | 2025-04-12 | 7.8 HIGH | 7.5 HIGH |
| Cisco IOS 15.2 through 15.6 and IOS XE 3.6 through 3.17 and 16.1 allow remote attackers to cause a denial of service (device restart) via a malformed IPv6 Protocol Independent Multicast (PIM) register packet, aka Bug ID CSCuy16399. | |||||
| CVE-2015-0614 | 1 Cisco | 1 Unity Connection | 2025-04-12 | 7.1 HIGH | N/A |
| The Connection Conversation Manager (aka CuCsMgr) process in Cisco Unity Connection 8.5 before 8.5(1)SU7, 8.6 before 8.6(2a)SU4, 9.x before 9.1(2)SU2, and 10.0 before 10.0(1)SU1, when SIP trunk integration is enabled, allows remote attackers to cause a denial of service (core dump and restart) via crafted SIP INVITE messages, aka Bug ID CSCul26267. | |||||
| CVE-2014-3340 | 1 Cisco | 1 Webex Meetmenow | 2025-04-12 | 4.0 MEDIUM | N/A |
| Directory traversal vulnerability in an unspecified PHP script in the server in Cisco WebEx MeetMeNow allows remote authenticated users to read arbitrary files via a crafted request, aka Bug ID CSCuo16166. | |||||
| CVE-2012-4651 | 1 Cisco | 1 Ios | 2025-04-12 | 4.3 MEDIUM | N/A |
| Cisco IOS before 15.3(2)T, when scansafe is enabled, allows remote attackers to cause a denial of service (latency) via SYN packets that are not accompanied by SYN-ACK packets from the Scan Safe Tower, aka Bug ID CSCub85451. | |||||
| CVE-2016-1345 | 1 Cisco | 2 Asa With Firepower Services, Firesight System Software | 2025-04-12 | 5.0 MEDIUM | 7.5 HIGH |
| Cisco FireSIGHT System Software 5.4.0 through 6.0.1 and ASA with FirePOWER Services 5.4.0 through 6.0.0.1 allow remote attackers to bypass malware protection via crafted fields in HTTP headers, aka Bug ID CSCux22726. | |||||
| CVE-2016-1327 | 1 Cisco | 4 Dpc2203, Dpc2203 Cable Modem Firmware, Epc2203 and 1 more | 2025-04-12 | 10.0 HIGH | 9.8 CRITICAL |
| Buffer overflow in the web server on Cisco DPC2203 and EPC2203 devices with firmware r1_customer_image allows remote attackers to execute arbitrary code via a crafted HTTP request, aka Bug ID CSCuv05935. | |||||
| CVE-2015-0604 | 1 Cisco | 4 Unified Ip Phone 9951, Unified Ip Phone 9971, Unified Ip Phones 9951 Firmware and 1 more | 2025-04-12 | 5.0 MEDIUM | N/A |
| The web framework on Cisco Unified IP 9900 phones with firmware 9.4(.1) and earlier allows remote attackers to upload files to arbitrary locations on a phone's filesystem via crafted HTTP requests, aka Bug ID CSCup90424. | |||||
| CVE-2016-6420 | 1 Cisco | 1 Firesight System Software | 2025-04-12 | 6.8 MEDIUM | 6.5 MEDIUM |
| Cisco FireSIGHT System Software 4.10.3 through 5.4.0 in Firepower Management Center allows remote authenticated users to bypass authorization checks and gain privileges via a crafted HTTP request, aka Bug ID CSCur25467. | |||||
| CVE-2015-0606 | 1 Cisco | 1 Ios | 2025-04-12 | 4.9 MEDIUM | N/A |
| The IOS Shell in Cisco IOS allows local users to cause a denial of service (device crash) via unspecified commands, aka Bug ID CSCur59696. | |||||
| CVE-2015-4182 | 1 Cisco | 1 Identity Services Engine Software | 2025-04-12 | 5.5 MEDIUM | N/A |
| The administrative web interface in Cisco Identity Services Engine (ISE) before 1.3 allows remote authenticated users to bypass intended access restrictions, and obtain sensitive information or change settings, via unspecified vectors, aka Bug ID CSCui72087. | |||||
| CVE-2016-1464 | 1 Cisco | 1 Webex Wrf Player T29 | 2025-04-12 | 9.3 HIGH | 7.8 HIGH |
| Cisco WebEx Meetings Player T29.10, when WRF file support is enabled, allows remote attackers to execute arbitrary code via a crafted file, aka Bug ID CSCva09375. | |||||
| CVE-2014-2111 | 1 Cisco | 1 Ios | 2025-04-12 | 7.1 HIGH | N/A |
| The Application Layer Gateway (ALG) module in Cisco IOS 12.2 through 12.4 and 15.0 through 15.4, when NAT is used, allows remote attackers to cause a denial of service (device reload) via crafted DNS packets, aka Bug ID CSCue00996. | |||||
| CVE-2014-2143 | 1 Cisco | 2 Ios, Ios Xe | 2025-04-12 | 5.0 MEDIUM | N/A |
| The IKE implementation in Cisco IOS 15.4(1)T and earlier and IOS XE allows remote attackers to cause a denial of service (security-association drop) via crafted Main Mode packets, aka Bug ID CSCun31021. | |||||
| CVE-2015-6388 | 1 Cisco | 1 Unified Computing System Central Software | 2025-04-12 | 5.0 MEDIUM | N/A |
| Cisco Unified Computing System (UCS) Central software 1.3(0.1) allows remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted request, aka Bug ID CSCux33575. | |||||
| CVE-2015-0607 | 1 Cisco | 1 Ios | 2025-04-12 | 4.3 MEDIUM | N/A |
| The Authentication Proxy feature in Cisco IOS does not properly handle invalid AAA return codes from RADIUS and TACACS+ servers, which allows remote attackers to bypass authentication in opportunistic circumstances via a connection attempt that triggers an invalid code, as demonstrated by a connection attempt with a blank password, aka Bug IDs CSCuo09400 and CSCun16016. | |||||
| CVE-2015-4254 | 1 Cisco | 1 Telepresence Advanced Media Gateway | 2025-04-12 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability on Cisco TelePresence Advanced Media Gateway devices with software 1.1(1.40) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuu90732. | |||||
| CVE-2014-3404 | 1 Cisco | 1 Ios Xe | 2025-04-12 | 4.3 MEDIUM | N/A |
| The Autonomic Networking Infrastructure (ANI) component in Cisco IOS XE does not properly validate certificates, which allows remote attackers to trigger acceptance of an invalid message via crafted messages, aka Bug ID CSCuq22677. | |||||