Filtered by vendor Cisco
Subscribe
Total
6547 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-3040 | 1 Cisco | 1 Intelligent Contact Manager | 2025-04-11 | 10.0 HIGH | N/A |
|
Multiple stack-based buffer overflows in agent.exe in Setup Manager in Cisco Intelligent Contact Manager (ICM) before 7.0 allow remote attackers to execute arbitrary code via a long parameter in a (1) HandleUpgradeAll, (2) AgentUpgrade, (3) HandleQueryNodeInfoReq, or (4) HandleUpgradeTrace TCP packet, aka Bug IDs CSCti45698, CSCti45715, CSCti45726, and CSCti46164.
|
|||||
| CVE-2010-4685 | 1 Cisco | 1 Ios | 2025-04-11 | 4.0 MEDIUM | N/A |
|
Cisco IOS before 15.0(1)XA1 does not clear the public key cache upon a change to a certificate map, which allows remote authenticated users to bypass a certificate ban by connecting with a banned certificate that had previously been valid, aka Bug ID CSCta79031.
|
|||||
| CVE-2013-3445 | 1 Cisco | 1 Identity Services Engine | 2025-04-11 | 5.0 MEDIUM | N/A |
|
The firewall subsystem in Cisco Identity Services Engine has an incorrect rule for open ports, which allows remote attackers to cause a denial of service (CPU consumption or process crash) via a flood of malformed IP packets, aka Bug ID CSCug94572.
|
|||||
| CVE-2012-6395 | 1 Cisco | 4 Adaptive Security Appliance, Adaptive Security Appliance Software, Asa 1000v Cloud Firewall and 1 more | 2025-04-11 | 6.3 MEDIUM | N/A |
|
Cisco Adaptive Security Appliances (ASA) devices with firmware 8.4 do not properly validate unspecified input related to UNC share pathnames, which allows remote authenticated users to cause a denial of service (device crash) via unknown vectors, aka Bug ID CSCuc65775.
|
|||||
| CVE-2013-3450 | 1 Cisco | 1 Unified Communications Manager | 2025-04-11 | 6.8 MEDIUM | N/A |
|
Cross-site request forgery (CSRF) vulnerability in the User WebDialer page in Cisco Unified Communications Manager (Unified CM) allows remote attackers to hijack the authentication of arbitrary users for requests that dial calls, aka Bug ID CSCui13028.
|
|||||
| CVE-2010-0596 | 1 Cisco | 4 Mediator Framework, Network Building Mediator Nbm-2400, Network Building Mediator Nbm-4800 and 1 more | 2025-04-11 | 9.0 HIGH | N/A |
|
Unspecified vulnerability in Cisco Mediator Framework 2.2 before 2.2.1.dev.1 and 3.0 before 3.0.9.release.1 on the Cisco Network Building Mediator NBM-2400 and NBM-4800 and the Richards-Zeta Mediator 2500 allows remote authenticated users to read or modify the device configuration, and gain privileges, via a (1) HTTP or (2) HTTPS request, aka Bug ID CSCtb83607.
|
|||||
| CVE-2014-0662 | 1 Cisco | 2 Telepresence Video Communication Server Software, Telepresence Video Communication Servers Software | 2025-04-11 | 7.1 HIGH | N/A |
|
The SIP module in Cisco TelePresence Video Communication Server (VCS) before 8.1 allows remote attackers to cause a denial of service (process failure) via a crafted SDP message, aka Bug ID CSCue97632.
|
|||||
| CVE-2013-1167 | 1 Cisco | 9 Asr 1001, Asr 1002, Asr 1002-x and 6 more | 2025-04-11 | 7.1 HIGH | N/A |
|
Cisco IOS XE 3.2 through 3.4 before 3.4.2S, and 3.5, on 1000 series Aggregation Services Routers (ASR), when bridge domain interface (BDI) is enabled, allows remote attackers to cause a denial of service (card reload) via packets that are not properly handled during the processing of encapsulation, aka Bug ID CSCtt11558.
|
|||||
| CVE-2010-2981 | 1 Cisco | 1 Unified Wireless Network Solution Software | 2025-04-11 | 7.1 HIGH | N/A |
|
Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 allows remote attackers to cause a denial of service (device crash) by pinging a virtual interface, aka Bug ID CSCte55370.
|
|||||
| CVE-2010-0598 | 1 Cisco | 4 Mediator Framework, Network Building Mediator Nbm-2400, Network Building Mediator Nbm-4800 and 1 more | 2025-04-11 | 9.3 HIGH | N/A |
|
Cisco Mediator Framework 1.5.1 before 1.5.1.build.14-eng, 2.2 before 2.2.1.dev.1, and 3.0 before 3.0.9.release.1 on the Cisco Network Building Mediator NBM-2400 and NBM-4800 and the Richards-Zeta Mediator 2500 does not encrypt HTTP sessions from operator workstations, which allows remote attackers to discover Administrator credentials by sniffing the network, aka Bug ID CSCtb83631.
|
|||||
| CVE-2010-2986 | 1 Cisco | 1 Wireless Control System Software | 2025-04-11 | 4.3 MEDIUM | N/A |
|
Cross-site scripting (XSS) vulnerability in webacs/QuickSearchAction.do in the search feature in the web interface in Cisco Wireless Control System (WCS) before 6.0(194.0) and 7.x before 7.0.164 allows remote attackers to inject arbitrary web script or HTML via the searchText parameter, aka Bug ID CSCtf14288.
|
|||||
| CVE-2013-5562 | 1 Cisco | 1 Prime Central For Hosted Collaboration Solution | 2025-04-11 | 5.0 MEDIUM | N/A |
|
The ITM web server in Cisco Prime Central for Hosted Collaboration Solution (HCS) allows remote attackers to cause a denial of service (temporary HTTP service outage) via a flood of TCP packets, aka Bug ID CSCuh36313.
|
|||||
| CVE-2012-1346 | 1 Cisco | 1 Emergency Responder | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Cisco Emergency Responder 8.6 and 9.2 allows remote attackers to cause a denial of service (CPU consumption) by sending malformed UDP packets to the CERPT port, aka Bug ID CSCtx38369.
|
|||||
| CVE-2011-0377 | 1 Cisco | 7 Telepresence System 1000, Telepresence System 1100, Telepresence System 1300 Series and 4 more | 2025-04-11 | 7.8 HIGH | N/A |
|
Cisco TelePresence endpoint devices with software 1.2.x through 1.6.x allow remote attackers to cause a denial of service (service crash) via a malformed SOAP request in conjunction with a spoofed TelePresence Manager that supplies an invalid IP address, aka Bug ID CSCth03605.
|
|||||
| CVE-2013-5540 | 1 Cisco | 2 Identity Services Engine, Identity Services Engine Software | 2025-04-11 | 6.8 MEDIUM | N/A |
|
The file-upload feature in Cisco Identity Services Engine (ISE) allows remote authenticated users to cause a denial of service (disk consumption and administration-interface outage) by uploading many files, aka Bug ID CSCui67519.
|
|||||
| CVE-2012-4112 | 1 Cisco | 1 Unified Computing System | 2025-04-11 | 6.8 MEDIUM | N/A |
|
The Baseboard Management Controller (BMC) in Cisco Unified Computing System (UCS) allows local users to gain privileges and execute arbitrary commands via crafted command parameters within the command-line interface, aka Bug ID CSCtr43330.
|
|||||
| CVE-2013-6708 | 1 Cisco | 1 Cloud Portal | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Cisco Cloud Portal 9.4 allows remote attackers to read files of unspecified types via a direct request, aka Bug IDs CSCuj08426 and CSCui60889.
|
|||||
| CVE-2013-1204 | 1 Cisco | 1 Ios Xr | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Memory leak in the SNMP process in Cisco IOS XR allows remote attackers to cause a denial of service (memory consumption or process reload) by sending many port-162 UDP packets, aka Bug ID CSCug80345.
|
|||||
| CVE-2013-3425 | 1 Cisco | 1 Webex | 2025-04-11 | 4.0 MEDIUM | N/A |
|
The Meeting Center component in Cisco WebEx 11 generates different error messages for invalid file-access attempts depending on whether a file exists, which allows remote authenticated users to enumerate files via a series of SPI calls, aka Bug ID CSCuc35965.
|
|||||
| CVE-2012-1324 | 1 Cisco | 1 Ios | 2025-04-11 | 7.1 HIGH | N/A |
|
Race condition in the Zone-Based Firewall in Cisco IOS 15.1 and 15.2, when IPS policies are configured, allows remote attackers to cause a denial of service (device crash) by sending IPv6 packets, aka Bug ID CSCtk53534.
|
|||||
| CVE-2013-3441 | 1 Cisco | 4 Aironet 3600, Aironet 3600e, Aironet 3600i and 1 more | 2025-04-11 | 5.4 MEDIUM | N/A |
|
Cisco Aironet 3600 access points allow remote attackers to cause a denial of service (memory corruption and device crash) by disrupting Cisco Wireless LAN Controller communication and consequently forcing many transitions from FlexConnect mode to Standalone mode, aka Bug ID CSCuh71210.
|
|||||
| CVE-2010-0142 | 1 Cisco | 1 Unified Meetingplace | 2025-04-11 | 8.5 HIGH | N/A |
|
MeetingTime in Cisco Unified MeetingPlace 6 before MR5, and possibly 5, allows remote authenticated users to gain privileges via a modified authentication sequence, aka Bug ID CSCsv66530.
|
|||||
| CVE-2011-3290 | 1 Cisco | 2 Identity Services Engine, Identity Services Engine Software | 2025-04-11 | 10.0 HIGH | N/A |
|
Cisco Identity Services Engine (ISE) before 1.0.4.MR2 has default Oracle database credentials, which allows remote attackers to modify settings or perform unspecified other administrative actions via unknown vectors, aka Bug ID CSCts59135.
|
|||||
| CVE-2013-3386 | 1 Cisco | 3 Content Security Management, Email Security Appliance Firmware, Ironport Asyncos | 2025-04-11 | 7.8 HIGH | N/A |
|
The IronPort Spam Quarantine (ISQ) component in the web framework in IronPort AsyncOS on Cisco Email Security Appliance devices before 7.1.5-106 and 7.3, 7.5, and 7.6 before 7.6.3-019 and Content Security Management Appliance devices before 7.9.1-102 and 8.0 before 8.0.0-404 allows remote attackers to cause a denial of service (service crash or hang) via a high rate of TCP connection attempts, aka Bug IDs CSCzv25573 and CSCzv81712.
|
|||||
| CVE-2013-1129 | 1 Cisco | 1 Unity Connection | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Memory leak in Cisco Unity Connection 9.x allows remote attackers to cause a denial of service (memory consumption and process crash) by sending many TCP requests, aka Bug ID CSCud59736.
|
|||||
| CVE-2012-1310 | 1 Cisco | 1 Ios | 2025-04-11 | 7.8 HIGH | N/A |
|
Memory leak in the Zone-Based Firewall in Cisco IOS 12.4, 15.0, 15.1, and 15.2 allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted IP packets, aka Bug ID CSCto89536.
|
|||||
| CVE-2010-3044 | 1 Cisco | 2 Webex Advanced Recording Format Player, Webex Recording Format Player | 2025-04-11 | 9.3 HIGH | N/A |
|
Multiple buffer overflows in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players T27LB before SP21 EP3 and T27LC before SP22 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted (1) .wrf or (2) .arf file, related to atas32.dll, a different vulnerability than CVE-2010-3041, CVE-2010-3042, and CVE-2010-3043.
|
|||||
| CVE-2013-3400 | 1 Cisco | 2 Nexus 1000v, Nx-os | 2025-04-11 | 6.8 MEDIUM | N/A |
|
The license-installation module in Cisco NX-OS on Nexus 1000V devices allows local users to execute arbitrary commands via crafted "install license" arguments, aka Bug ID CSCuh30824.
|
|||||
| CVE-2013-5565 | 1 Cisco | 1 Ios Xr | 2025-04-11 | 4.3 MEDIUM | N/A |
|
The OSPFv3 functionality in Cisco IOS XR 5.1 allows remote attackers to cause a denial of service (process crash) via a malformed LSA Type-1 packet, aka Bug ID CSCuj82176.
|
|||||
| CVE-2013-3376 | 1 Cisco | 1 Video Surveillance Operations Manager | 2025-04-11 | 4.3 MEDIUM | N/A |
|
Open redirect vulnerability in the help page in Cisco Video Surveillance Operations Manager allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL, aka Bug ID CSCty74490.
|
|||||
| CVE-2013-3462 | 1 Cisco | 1 Unified Communications Manager | 2025-04-11 | 8.5 HIGH | N/A |
|
Buffer overflow in Cisco Unified Communications Manager (Unified CM) 7.1(x) before 7.1(5b)su6, 8.5(x) before 8.5(1)su6, 8.6(x) before 8.6(2a)su3, and 9.x before 9.1(2) allows remote authenticated users to execute arbitrary code via unspecified vectors, aka Bug ID CSCud54358.
|
|||||
| CVE-2010-0604 | 1 Cisco | 1 Pgw 2200 Softswitch | 2025-04-11 | 7.8 HIGH | N/A |
|
Unspecified vulnerability in the SIP implementation on the Cisco PGW 2200 Softswitch with software before 9.7(3)S10 allows remote attackers to cause a denial of service (device crash) via unknown SIP traffic, as demonstrated by "SIP testing," aka Bug ID CSCsk38165.
|
|||||
| CVE-2011-4486 | 1 Cisco | 7 Business Edition 3000, Business Edition 3000 Software, Business Edition 5000 and 4 more | 2025-04-11 | 7.8 HIGH | N/A |
|
Cisco Unified Communications Manager (CUCM) with software 6.x and 7.x before 7.1(5b)su5, 8.0 before 8.0(3a)su3, and 8.5 and 8.6 before 8.6(2a)su1 and Cisco Business Edition 3000 with software before 8.6.3 and 5000 and 6000 with software before 8.6(2a)su1 allow remote attackers to cause a denial of service (device reload) via a crafted SCCP registration, aka Bug ID CSCtu73538.
|
|||||
| CVE-2013-1186 | 1 Cisco | 6 Unified Computing System 6120xp Fabric Interconnect, Unified Computing System 6140xp Fabric Interconnect, Unified Computing System 6248up Fabric Interconnect and 3 more | 2025-04-11 | 7.5 HIGH | N/A |
|
Cisco Unified Computing System (UCS) 1.x before 1.4(4) and 2.x before 2.0(2m) allows remote attackers to bypass KVM authentication via a crafted authentication request to a Cisco Integrated Management Controller (IMC), aka Bug ID CSCts53746.
|
|||||
| CVE-2013-1199 | 1 Cisco | 3 Adaptive Security Appliance, Adaptive Security Appliance Clientless Ssl Vpn, Adaptive Security Appliance Software | 2025-04-11 | 4.9 MEDIUM | N/A |
|
Race condition in the CIFS implementation in the rewriter module in the Clientless SSL VPN component on Cisco Adaptive Security Appliances (ASA) devices allows remote authenticated users to cause a denial of service (device reload) by accessing resources within multiple sessions, aka Bug ID CSCub58996.
|
|||||
| CVE-2013-3377 | 1 Cisco | 14 Ip Video Phone E20, Telepresence Codec C40, Telepresence Codec C60 and 11 more | 2025-04-11 | 7.8 HIGH | N/A |
|
Cisco TelePresence TC Software before 5.1.7 and TE Software before 4.1.3 allow remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCue01743.
|
|||||
| CVE-2013-5504 | 1 Cisco | 1 Identity Services Engine Software | 2025-04-11 | 4.3 MEDIUM | N/A |
|
Cross-site scripting (XSS) vulnerability in the Mobile Device Management (MDM) portal in Cisco Identity Services Engine (ISE) allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCui30266.
|
|||||
| CVE-2010-1174 | 1 Cisco | 1 Tftp Server | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Cisco TFTP Server 1.1 allows remote attackers to cause a denial of service (daemon crash) via a crafted (1) read (aka RRQ) or (2) write (aka WRQ) request, or other TFTP packet. NOTE: some of these details are obtained from third party information.
|
|||||
| CVE-2011-3319 | 1 Cisco | 1 Webex Recording Format Player | 2025-04-11 | 9.3 HIGH | N/A |
|
Buffer overflow in the WRF parsing functionality in the Cisco WebEx Recording Format (WRF) player T26 before SP49 EP40 and T27 before SP28 allows remote attackers to execute arbitrary code via a crafted WRF file.
|
|||||
| CVE-2012-4659 | 1 Cisco | 11 5500 Series Adaptive Security Appliance, Adaptive Security Appliance Software, Catalyst 6500 and 8 more | 2025-04-11 | 7.1 HIGH | N/A |
|
The AAA functionality in the IPv4 SSL VPN implementations on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.2 before 8.2(5.30) and 8.3 before 8.3(2.34) allows remote attackers to cause a denial of service (device reload) via a crafted authentication response, aka Bug ID CSCtz04566.
|
|||||