Filtered by vendor Cisco
Subscribe
Total
6209 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-1103 | 1 Cisco | 9 2000 Wireless Lan Controller, 2100 Wireless Lan Controller, 2500 Wireless Lan Controller and 6 more | 2025-04-11 | 7.8 HIGH | N/A |
| Cisco Wireless LAN Controller (WLC) devices with software 7.0 before 7.0.220.0, 7.1 before 7.1.91.0, and 7.2 before 7.2.103.0 allow remote attackers to cause a denial of service (Access Point reload) via crafted SIP packets, aka Bug ID CSCts87659. | |||||
| CVE-2011-1646 | 1 Cisco | 4 Rvs4000, Rvs4000 Software, Wrvs4400n and 1 more | 2025-04-11 | 9.0 HIGH | N/A |
| The web management interface on the Cisco RVS4000 Gigabit Security Router with software 1.x before 1.3.3.4 and 2.x before 2.0.2.7, and the WRVS4400N Gigabit Security Router with software before 2.0.2.1, allows remote authenticated users to execute arbitrary commands via the (1) ping test parameter or (2) traceroute test parameter, aka Bug ID CSCtn23871. | |||||
| CVE-2010-4685 | 1 Cisco | 1 Ios | 2025-04-11 | 4.0 MEDIUM | N/A |
| Cisco IOS before 15.0(1)XA1 does not clear the public key cache upon a change to a certificate map, which allows remote authenticated users to bypass a certificate ban by connecting with a banned certificate that had previously been valid, aka Bug ID CSCta79031. | |||||
| CVE-2013-1123 | 1 Cisco | 1 Unified Meetingplace | 2025-04-11 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the server in Cisco Unified MeetingPlace 7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug IDs CSCuc65411 and CSCue18706. | |||||
| CVE-2010-0149 | 1 Cisco | 2 Asa 5500, Pix 500 | 2025-04-11 | 7.8 HIGH | N/A |
| Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.2 before 7.2(4.46), 8.0 before 8.0(4.38), 8.1 before 8.1(2.29), and 8.2 before 8.2(1.5); and Cisco PIX 500 Series Security Appliance; allows remote attackers to cause a denial of service (prevention of new connections) via crafted TCP segments during termination of the TCP connection that cause the connection to remain in CLOSEWAIT status, aka "TCP Connection Exhaustion Denial of Service Vulnerability." | |||||
| CVE-2013-3378 | 1 Cisco | 2 Telepresence Tc Software, Telepresence Te Software | 2025-04-11 | 7.8 HIGH | N/A |
| Cisco TelePresence TC Software before 6.1 and TE Software before 4.1.3 allow remote attackers to cause a denial of service (temporary device hang) via crafted SIP packets, aka Bug ID CSCuf89557. | |||||
| CVE-2010-2828 | 1 Cisco | 2 Ios, Ios Xe | 2025-04-11 | 7.8 HIGH | N/A |
| Unspecified vulnerability in the H.323 implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 2.5.x before 2.5.2 and 2.6.x before 2.6.1, allows remote attackers to cause a denial of service (device reload) via crafted H.323 packets, aka Bug ID CSCtc73759. | |||||
| CVE-2010-1575 | 1 Cisco | 1 Content Services Switch 11500 | 2025-04-11 | 7.5 HIGH | N/A |
| The Cisco Content Services Switch (CSS) 11500 with software 08.20.1.01 conveys authentication data through ClientCert-* headers but does not delete client-supplied ClientCert-* headers, which might allow remote attackers to bypass authentication via crafted header data, as demonstrated by a ClientCert-Subject-CN header, aka Bug ID CSCsz04690. | |||||
| CVE-2013-1194 | 1 Cisco | 2 Adaptive Security Appliance, Adaptive Security Appliance Software | 2025-04-11 | 5.0 MEDIUM | N/A |
| The ISAKMP implementation on Cisco Adaptive Security Appliances (ASA) devices generates different responses for IKE aggressive-mode messages depending on whether invalid VPN groups are specified, which allows remote attackers to enumerate groups via a series of messages, aka Bug ID CSCue73708. | |||||
| CVE-2014-0673 | 1 Cisco | 1 Video Surveillance Indoor Fixed Dome Ip Hd Camera | 2025-04-11 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the web interface on Cisco Video Surveillance 5000 HD IP Dome cameras allow remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug IDs CSCud10943 and CSCud10950. | |||||
| CVE-2013-7043 | 1 Cisco | 4 Scientific Atlanta Dpr2325, Scientific Atlanta Dpr2325 Firmware, Scientific Atlanta Dpr\/epr2320 and 1 more | 2025-04-11 | 8.3 HIGH | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities on Cisco Scientific Atlanta DPR2320R2 routers with software 2.0.2r1262-090417 allow remote attackers to hijack the authentication of administrators for requests that (1) change a password via the Password parameter to goform/RgSecurity; (2) reboot the device via the Restart parameter to goform/restart; (3) modify Wi-Fi settings, as demonstrated by the WpaPreSharedKey parameter to goform/wlanSecurity; or (4) modify parental controls via the ParentalPassword parameter to goform/RgParentalBasic. | |||||
| CVE-2013-1216 | 1 Cisco | 1 Ios Xr | 2025-04-11 | 4.0 MEDIUM | N/A |
| Memory leak in the SNMP module in Cisco IOS XR allows remote authenticated users to cause a denial of service (memory consumption and process restart) via crafted SNMP packets, aka Bug ID CSCue31546. | |||||
| CVE-2012-4135 | 1 Cisco | 1 Nx-os | 2025-04-11 | 4.6 MEDIUM | N/A |
| Directory traversal vulnerability in filesys in Cisco NX-OS 6.1(2) and earlier allows local users to access arbitrary files via crafted command-line arguments during a delete action, aka Bug IDs CSCty07270, CSCty07271, CSCty07273, and CSCty07275. | |||||
| CVE-2013-3401 | 1 Cisco | 1 Telepresence Tc Software | 2025-04-11 | 4.3 MEDIUM | N/A |
| The SIP implementation in Cisco TelePresence TC Software allows remote attackers to trigger unintended use of NOTIFY messages via unspecified vectors, aka Bug ID CSCud96080. | |||||
| CVE-2013-3474 | 1 Cisco | 1 Wireless Lan Controller | 2025-04-11 | 6.3 MEDIUM | N/A |
| The Web Administrator Interface on Cisco Wireless LAN Controller (WLC) devices allows remote authenticated users to cause a denial of service (device crash) by leveraging membership in the Full Manager managers group, Read Only managers group, or Lobby Ambassador managers group, and sending a request that (1) lacks a parameter value or (2) contains a malformed parameter value, aka Bug IDs CSCuh14313, CSCuh14159, CSCuh14368, and CSCuh14436. | |||||
| CVE-2012-0370 | 1 Cisco | 13 2000 Wireless Lan Controller, 2100 Wireless Lan Controller, 2106 Wireless Lan Controller and 10 more | 2025-04-11 | 7.8 HIGH | N/A |
| Cisco Wireless LAN Controller (WLC) devices with software 4.x, 5.x, 6.0, and 7.0 before 7.0.220.0 and 7.1 before 7.1.91.0, when WebAuth is enabled, allow remote attackers to cause a denial of service (device reload) via a sequence of (1) HTTP or (2) HTTPS packets, aka Bug ID CSCtt47435. | |||||
| CVE-2013-3408 | 1 Cisco | 3 Virtualization Experience Client 6000, Virtualization Experience Client 6000 Series Firmware, Virtualization Experience Client 6215 | 2025-04-11 | 6.8 MEDIUM | N/A |
| The firmware on Cisco Virtualization Experience Client 6000 devices sets incorrect operating-system permissions, which allows local users to gain privileges via an unspecified sequence of commands, aka Bug ID CSCuc31764. | |||||
| CVE-2013-5506 | 1 Cisco | 1 Firewall Services Module Software | 2025-04-11 | 6.6 MEDIUM | N/A |
| The authorization functionality in Cisco Firewall Services Module (FWSM) 3.1.x and 3.2.x before 3.2(25) and 4.x before 4.1(13), when multiple-context mode is enabled, allows local users to read or modify any context's configuration via unspecified commands, aka Bug ID CSCue46080. | |||||
| CVE-2011-3303 | 1 Cisco | 6 5500 Series Adaptive Security Appliance, Adaptive Security Appliance Software, Asa 5500 and 3 more | 2025-04-11 | 7.8 HIGH | N/A |
| Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco Catalyst 6500 series devices, with software 7.0 before 7.0(8.13), 7.1 and 7.2 before 7.2(5.4), 8.0 before 8.0(5.25), 8.1 before 8.1(2.50), 8.2 before 8.2(5.6), 8.3 before 8.3(2.23), 8.4 before 8.4(2.7), and 8.5 before 8.5(1.1) and Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(21), 3.2 before 3.2(22), 4.0 before 4.0(16), and 4.1 before 4.1(7) allow remote attackers to cause a denial of service (device reload) via malformed ILS traffic, aka Bug IDs CSCtq57697 and CSCtq57802. | |||||
| CVE-2012-6029 | 1 Cisco | 1 Nac Appliance | 2025-04-11 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the web-authentication function on the Cisco NAC Appliance 4.9.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) cm or (2) uri parameters to (a) perfigo_weblogin.jsp, or the (3) cm, (4) provider, (5) session, (6) uri, (7) userip, or (8) username parameters to (b) perfigo_cm_validate.jsp, aka Bug ID CSCud15109. | |||||