Filtered by vendor Cisco
Subscribe
Total
6547 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-0143 | 1 Cisco | 2 Ironport Encryption Appliance, Ironport Postx | 2025-04-11 | 7.8 HIGH | N/A |
|
Unspecified vulnerability in the administrative interface in the embedded HTTPS server on the Cisco IronPort Encryption Appliance 6.2.x before 6.2.9.1 and 6.5.x before 6.5.2, and the IronPort PostX MAP before 6.2.9.1, allows remote attackers to read arbitrary files via unknown vectors, aka IronPort Bug 65921.
|
|||||
| CVE-2012-3058 | 1 Cisco | 11 5500 Series Adaptive Security Appliance, Adaptive Security Appliance Software, Catalyst 6500 and 8 more | 2025-04-11 | 7.8 HIGH | N/A |
|
Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.4 before 8.4(4.1), 8.5 before 8.5(1.11), and 8.6 before 8.6(1.3) allow remote attackers to cause a denial of service (device reload) via IPv6 transit traffic that triggers syslog message 110003, aka Bug ID CSCua27134.
|
|||||
| CVE-2012-0383 | 1 Cisco | 1 Ios | 2025-04-11 | 7.8 HIGH | N/A |
|
Memory leak in the NAT feature in Cisco IOS 12.4, 15.0, and 15.1 allows remote attackers to cause a denial of service (memory consumption, and device hang or reload) via SIP packets that require translation, related to a "memory starvation vulnerability," aka Bug ID CSCti35326.
|
|||||
| CVE-2013-1188 | 1 Cisco | 1 Unified Communications Manager | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Cisco Unified Communications Manager (CUCM) does not properly limit the rate of authentication attempts, which allows remote attackers to cause a denial of service (application slowdown) via a series of requests, aka Bug ID CSCud39515.
|
|||||
| CVE-2013-5560 | 1 Cisco | 1 Adaptive Security Appliance Software | 2025-04-11 | 5.4 MEDIUM | N/A |
|
The IPv6 implementation in Cisco Adaptive Security Appliance (ASA) Software 9.1.3 and earlier, when NAT64 or NAT66 is enabled, does not properly process NAT rules, which allows remote attackers to cause a denial of service (device reload) via crafted packets, aka Bug ID CSCue34342.
|
|||||
| CVE-2010-0603 | 1 Cisco | 1 Pgw 2200 Softswitch | 2025-04-11 | 7.8 HIGH | N/A |
|
The SIP implementation on the Cisco PGW 2200 Softswitch with software before 9.7(3)S10 allows remote attackers to cause a denial of service (device crash) via a malformed session attribute, aka Bug ID CSCsk40030.
|
|||||
| CVE-2010-4684 | 1 Cisco | 1 Ios | 2025-04-11 | 7.1 HIGH | N/A |
|
Cisco IOS before 15.0(1)XA1, when certain TFTP debugging is enabled, allows remote attackers to cause a denial of service (device crash) via a TFTP copy over IPv6, aka Bug ID CSCtb28877.
|
|||||
| CVE-2010-3038 | 2 Cisco, Linux | 5 Unified Videoconferencing System 5110, Unified Videoconferencing System 5110 Firmware, Unified Videoconferencing System 5115 and 2 more | 2025-04-11 | 10.0 HIGH | N/A |
|
Cisco Unified Videoconferencing (UVC) System 5110 and 5115, when the Linux operating system is used, has a default password for the (1) root, (2) cs, and (3) develop accounts, which makes it easier for remote attackers to obtain access via the (a) FTP or (b) SSH daemon, aka Bug ID CSCti54008.
|
|||||
| CVE-2010-2975 | 1 Cisco | 1 Unified Wireless Network Solution Software | 2025-04-11 | 2.1 LOW | N/A |
|
Cisco Unified Wireless Network (UWN) Solution 7.x through 7.0.98.0 does not properly handle multiple SSH sessions, which allows physically proximate attackers to read a password, related to an "arrow key failure," aka Bug ID CSCtg51544.
|
|||||
| CVE-2012-4643 | 1 Cisco | 11 5500 Series Adaptive Security Appliance, Adaptive Security Appliance Software, Catalyst 6500 and 8 more | 2025-04-11 | 7.1 HIGH | N/A |
|
The DHCP server on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 7.0 before 7.2(5.8), 7.1 before 7.2(5.8), 7.2 before 7.2(5.8), 8.0 before 8.0(5.28), 8.1 before 8.1(2.56), 8.2 before 8.2(5.27), 8.3 before 8.3(2.31), 8.4 before 8.4(3.10), 8.5 before 8.5(1.9), and 8.6 before 8.6(1.5) does not properly allocate memory for DHCP packets, which allows remote attackers to cause a denial of service ( ...
Show More |
|||||
| CVE-2013-1140 | 1 Cisco | 1 Security Monitoring Analysis And Response System | 2025-04-11 | 4.3 MEDIUM | N/A |
|
The XML parser in Cisco Security Monitoring, Analysis, and Response System (MARS) allows remote attackers to read arbitrary files via an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka Bug ID CSCue55093.
|
|||||
| CVE-2010-2826 | 1 Cisco | 1 Wireless Control System Software | 2025-04-11 | 9.0 HIGH | N/A |
|
SQL injection vulnerability in Cisco Wireless Control System (WCS) 6.0.x before 6.0.196.0 allows remote authenticated users to execute arbitrary SQL commands via vectors related to the ORDER BY clause of the Client List screens, aka Bug ID CSCtf37019.
|
|||||
| CVE-2013-3379 | 1 Cisco | 1 Telepresence Tc Software | 2025-04-11 | 8.3 HIGH | N/A |
|
The firewall subsystem in Cisco TelePresence TC Software before 4.2 does not properly implement rules that grant access to hosts, which allows remote attackers to obtain shell access with root privileges by leveraging connectivity to the management network, aka Bug ID CSCts37781.
|
|||||
| CVE-2013-1181 | 1 Cisco | 12 Nexus 3016q, Nexus 3048, Nexus 3064t and 9 more | 2025-04-11 | 7.8 HIGH | N/A |
|
Cisco NX-OS on Nexus 5500 devices 4.x and 5.x before 5.0(3)N2(2), Nexus 3000 devices 5.x before 5.0(3)U3(2), and Unified Computing System (UCS) 6200 devices before 2.0(1w) allows remote attackers to cause a denial of service (device reload) by sending a jumbo packet to the management interface, aka Bug IDs CSCtx17544, CSCts10593, and CSCtx95389.
|
|||||
| CVE-2012-1367 | 1 Cisco | 1 Ios | 2025-04-11 | 5.0 MEDIUM | N/A |
|
The MallocLite implementation in Cisco IOS 12.0, 12.2, 15.0, 15.1, and 15.2 allows remote attackers to cause a denial of service (Route Processor crash) via a BGP UPDATE message with a modified local-preference (aka LOCAL_PREF) attribute length, aka Bug ID CSCtq06538.
|
|||||
| CVE-2013-1149 | 1 Cisco | 5 5500 Series Adaptive Security Appliance, 6500 Series Adaptive Security Appliance, 7600 Series Adaptive Security Appliance and 2 more | 2025-04-11 | 7.8 HIGH | N/A |
|
Cisco Adaptive Security Appliances (ASA) devices with software 7.x before 7.2(5.10), 8.0 before 8.0(5.28), 8.1 and 8.2 before 8.2(5.35), 8.3 before 8.3(2.34), 8.4 before 8.4(4.11), 8.6 before 8.6(1.10), and 8.7 before 8.7(1.3), and Cisco Firewall Services Module (FWSM) software 3.1 and 3.2 before 3.2(24.1) and 4.0 and 4.1 before 4.1(11.1), allow remote attackers to cause a denial of service (device reload) via a crafted IKEv1 message, aka Bug IDs CSCub85692 and CSCud20267.
|
|||||
| CVE-2013-6981 | 1 Cisco | 1 Ios Xe | 2025-04-11 | 5.4 MEDIUM | N/A |
|
Cisco IOS XE 3.7S(.1) and earlier allows remote attackers to cause a denial of service (Packet Processor crash) via fragmented MPLS IP packets, aka Bug ID CSCul00709.
|
|||||
| CVE-2013-1197 | 1 Cisco | 1 Unified Presence | 2025-04-11 | 6.8 MEDIUM | N/A |
|
The XML parser in the server in Cisco Unified Presence (CUP) allows remote authenticated users to cause a denial of service (jabberd daemon crash) via crafted XML content in an XMPP message, aka Bug ID CSCue13912.
|
|||||
| CVE-2013-1189 | 1 Cisco | 1 Ubr10012 | 2025-04-11 | 5.7 MEDIUM | N/A |
|
Cisco Universal Broadband (aka uBR) 10000 series routers, when an IPv4/IPv6 dual-stack modem is used, allow remote attackers to cause a denial of service (routing-engine reload) via unspecified changes to IP address assignments, aka Bug ID CSCue15313.
|
|||||
| CVE-2012-4075 | 1 Cisco | 1 Nx-os | 2025-04-11 | 7.2 HIGH | N/A |
|
Cisco NX-OS allows local users to gain privileges and execute arbitrary commands via shell metacharacters in unspecified command parameters, aka Bug IDs CSCtf19827 and CSCtf27788.
|
|||||
| CVE-2012-0359 | 1 Cisco | 2 Cius, Cius Software | 2025-04-11 | 7.8 HIGH | N/A |
|
The Cisco Cius with software before 9.2(1) SR2 allows remote attackers to cause a denial of service (device crash or hang) via malformed network traffic, aka Bug ID CSCto71445.
|
|||||
| CVE-2011-0387 | 1 Cisco | 2 Telepresence Multipoint Switch, Telepresence Multipoint Switch Software | 2025-04-11 | 8.0 HIGH | N/A |
|
The administrative web interface on Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x allows remote authenticated users to cause a denial of service or have unspecified other impact via vectors involving access to a servlet, aka Bug ID CSCtf97164.
|
|||||
| CVE-2013-3469 | 1 Cisco | 1 Mobility Services Engine | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Cisco Mobility Services Engine does not properly set up the Oracle SSL service, which allows remote attackers to obtain an unauthenticated session to the database-replication port, and consequently obtain sensitive information, via an SSL connection, aka Bug ID CSCue50794.
|
|||||
| CVE-2010-2838 | 1 Cisco | 1 Unified Communications Manager | 2025-04-11 | 7.8 HIGH | N/A |
|
The SendCombinedStatusInfo implementation in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 7.0SU before 7.0(2a)SU3, 7.1 before 7.1(5), and 8.0 before 8.0(3) allows remote attackers to cause a denial of service (process failure) via a malformed SIP REGISTER message, aka Bug ID CSCtf66305.
|
|||||
| CVE-2012-0333 | 1 Cisco | 2 Small Business Ip Phone, Small Business Ip Phone Firmware | 2025-04-11 | 5.0 MEDIUM | N/A |
|
Cisco Small Business IP phones with SPA 500 series firmware 7.4.9 and earlier do not require authentication for Push XML requests, which allows remote attackers to make telephone calls via an XML document, aka Bug ID CSCts08768.
|
|||||
| CVE-2012-2496 | 1 Cisco | 1 Anyconnect Secure Mobility Client | 2025-04-11 | 6.8 MEDIUM | N/A |
|
A certain Java applet in the VPN downloader implementation in the WebLaunch feature in Cisco AnyConnect Secure Mobility Client 3.x before 3.0 MR7 on 64-bit Linux platforms does not properly restrict use of Java components, which allows remote attackers to execute arbitrary code via a crafted web site, aka Bug ID CSCty45925.
|
|||||
| CVE-2013-3394 | 1 Cisco | 1 Prime Network Registrar | 2025-04-11 | 4.3 MEDIUM | N/A |
|
Cross-site scripting (XSS) vulnerability in the web interface in Cisco Prime Network Registrar 8.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted field, aka Bug ID CSCuh41429.
|
|||||
| CVE-2011-2569 | 1 Cisco | 3 Nx-os, Unified Computing System, Unified Computing System Infrastructure And Unified Computing System Software | 2025-04-11 | 6.8 MEDIUM | N/A |
|
Cisco Nexus OS (aka NX-OS) 4.2 and 5.0 and Cisco Unified Computing System with software 1.4 and 2.0 do not properly restrict command-line options, which allows local users to gain privileges via unspecified vectors, aka Bug IDs CSCtf40008, CSCtg18363, CSCtr44645, CSCts10195, and CSCts10188.
|
|||||
| CVE-2011-0352 | 1 Cisco | 2 Linksys Wrt54gc Router, Linksys Wrt54gc Router Firmware | 2025-04-11 | 7.8 HIGH | N/A |
|
Buffer overflow in the web-based management interface on the Cisco Linksys WRT54GC router with firmware before 1.06.1 allows remote attackers to cause a denial of service (device crash) via a long string in a POST request.
|
|||||
| CVE-2011-2578 | 1 Cisco | 1 Ios | 2025-04-11 | 7.8 HIGH | N/A |
|
Memory leak in Cisco IOS 15.1 and 15.2 allows remote attackers to cause a denial of service (memory consumption) via malformed SIP packets on a NAT interface, aka Bug ID CSCts12366.
|
|||||
| CVE-2011-1607 | 1 Cisco | 1 Unified Communications Manager | 2025-04-11 | 6.5 MEDIUM | N/A |
|
Directory traversal vulnerability in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)su3, 7.x before 7.1(5b)su3, 8.0 before 8.0(3a)su1, and 8.5 before 8.5(1) allows remote authenticated users to upload files to arbitrary directories via a modified pathname in an upload request, aka Bug ID CSCti81603.
|
|||||
| CVE-2011-1609 | 1 Cisco | 1 Unified Communications Manager | 2025-04-11 | 8.5 HIGH | N/A |
|
SQL injection vulnerability in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)su2, 7.x before 7.1(5)su1, 8.0 before 8.0(3), and 8.5 before 8.5(1) allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCtg85647.
|
|||||
| CVE-2013-3442 | 1 Cisco | 1 Unified Communications Manager | 2025-04-11 | 4.0 MEDIUM | N/A |
|
The web portal in Cisco Unified Communications Manager (Unified CM) allows remote authenticated users to obtain sensitive stack-trace information via unspecified vectors that trigger a stack exception, aka Bug ID CSCug34854.
|
|||||
| CVE-2012-5416 | 1 Cisco | 1 Unified Meetingplace | 2025-04-11 | 7.8 HIGH | N/A |
|
Buffer overflow in Cisco Unified MeetingPlace Web Conferencing before 7.1MR1 Patch 1, 8.0 before 8.0MR1 Patch 1, and 8.5 before 8.5MR3 allows remote attackers to cause a denial of service (daemon hang) via unspecified parameters in a POST request, aka Bug ID CSCua66341.
|
|||||
| CVE-2013-3393 | 1 Cisco | 2 Jabber, Virtualization Experience Media Engine | 2025-04-11 | 5.0 MEDIUM | N/A |
|
The Precision Video Engine component in Cisco Jabber for Windows and Cisco Virtualization Experience Media Engine allows remote attackers to cause a denial of service (process crash and call disconnection) via crafted RTP packets, aka Bug IDs CSCuh60706 and CSCue21117.
|
|||||
| CVE-2013-1176 | 1 Cisco | 12 Telepresence Mcu 4500 Series Software, Telepresence Mcu 4501, Telepresence Mcu 4501 Series Software and 9 more | 2025-04-11 | 7.1 HIGH | N/A |
|
The DSP card on Cisco TelePresence MCU 4500 and 4501 devices before 4.3(2.30), TelePresence MCU MSE 8510 devices before 4.3(2.30), and TelePresence Server before 2.3(1.55) does not properly validate H.264 data, which allows remote attackers to cause a denial of service (device reload) via crafted RTP packets in a (1) SIP session or (2) H.323 session, aka Bug IDs CSCuc11328 and CSCub05448.
|
|||||
| CVE-2013-1133 | 1 Cisco | 1 Unified Communications Manager | 2025-04-11 | 7.8 HIGH | N/A |
|
Cisco Unified Communications Manager (CUCM) 8.6 before 8.6(2a)su2, 8.6 BE3k before 8.6(4) BE3k, and 9.x before 9.0(1) allows remote attackers to cause a denial of service (CPU consumption and GUI and voice outages) via malformed packets to unused UDP ports, aka Bug ID CSCtx43337.
|
|||||
| CVE-2013-5527 | 1 Cisco | 2 Ios, Ios Xe | 2025-04-11 | 5.7 MEDIUM | N/A |
|
The OSPF functionality in Cisco IOS and IOS XE allows remote attackers to cause a denial of service (device reload) via crafted options in an LSA type 11 packet, aka Bug ID CSCui21030.
|
|||||
| CVE-2012-5744 | 1 Cisco | 1 Identity Services Engine Software | 2025-04-11 | 4.3 MEDIUM | N/A |
|
Multiple cross-site scripting (XSS) vulnerabilities in the guest portal in Cisco Identity Services Engine (ISE) Software allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug IDs CSCud11139 and CSCug02904.
|
|||||
| CVE-2012-4108 | 1 Cisco | 1 Unified Computing System | 2025-04-11 | 6.8 MEDIUM | N/A |
|
The fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to gain privileges and execute arbitrary operating-system commands via crafted parameters to a file-related command, aka Bug ID CSCtq86554.
|
|||||