Filtered by vendor Cisco
Subscribe
Total
6540 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-0338 | 1 Cisco | 1 Ios | 2025-04-11 | 5.0 MEDIUM | N/A |
| Cisco IOS 12.2 through 12.4 and 15.0 does not recognize the vrf-also keyword during enforcement of access-class commands, which allows remote attackers to establish SSH connections from arbitrary source IP addresses via a standard SSH client, aka Bug ID CSCsv86113. | |||||
| CVE-2012-1312 | 1 Cisco | 1 Ios | 2025-04-11 | 7.1 HIGH | N/A |
| The MACE feature in Cisco IOS 15.1 and 15.2 allows remote attackers to cause a denial of service (device reload) via crafted transit traffic, aka Bug IDs CSCtq64987 and CSCtu57226. | |||||
| CVE-2013-1110 | 1 Cisco | 1 Webex Training Center | 2025-04-11 | 4.0 MEDIUM | N/A |
| Cisco WebEx Training Center allow remote authenticated users to bypass intended privilege restrictions and (1) enable or (2) disable training-center recordings via a crafted URL, aka Bug ID CSCzu81065. | |||||
| CVE-2013-5537 | 1 Cisco | 3 Content Security Management Appliance, Email Security Appliance Firmware, Web Security Appliance | 2025-04-11 | 7.8 HIGH | N/A |
| The web framework on Cisco Web Security Appliance (WSA), Email Security Appliance (ESA), and Content Security Management Appliance (SMA) devices does not properly manage the state of HTTP and HTTPS sessions, which allows remote attackers to cause a denial of service (management GUI outage) via multiple TCP connections, aka Bug IDs CSCuj59411, CSCuf89818, and CSCuh05635. | |||||
| CVE-2009-4916 | 1 Cisco | 1 Asa 5580 | 2025-04-11 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote authenticated users to cause a denial of service (console hang) via a login action during failover replication, aka Bug ID CSCsq80095. | |||||
| CVE-2013-3402 | 1 Cisco | 1 Unified Communications Manager | 2025-04-11 | 6.5 MEDIUM | N/A |
| An unspecified function in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(2) allows remote authenticated users to execute arbitrary commands via unknown vectors, aka Bug ID CSCuh73440. | |||||
| CVE-2013-5555 | 1 Cisco | 1 Unified Communications Manager | 2025-04-11 | 4.3 MEDIUM | N/A |
| Cisco Unified Communications Manager (aka CUCM or Unified CM) allows remote attackers to cause a denial of service (service restart) via a crafted SIP message, aka Bug ID CSCub54349. | |||||
| CVE-2013-5509 | 1 Cisco | 1 Adaptive Security Appliance Software | 2025-04-11 | 10.0 HIGH | N/A |
| The SSL implementation in Cisco Adaptive Security Appliance (ASA) Software 9.0 before 9.0(2.6) and 9.1 before 9.1(2) allows remote attackers to bypass authentication, and obtain VPN access or administrative access, via a crafted X.509 client certificate, aka Bug ID CSCuf52468. | |||||
| CVE-2010-1571 | 1 Cisco | 3 Customer Response Solution, Unified Contact Center Express, Unified Ip Interactive Voice Response | 2025-04-11 | 7.8 HIGH | N/A |
| Directory traversal vulnerability in the bootstrap service in Cisco Unified Contact Center Express (UCCX) 7.0 before 7.0(1)SR4 and 7.0(2), unspecified 6.0 versions, and 5.0 before 5.0(2)SR3 allows remote attackers to read arbitrary files via a crafted bootstrap message to TCP port 6295. | |||||
| CVE-2010-0581 | 1 Cisco | 1 Ios | 2025-04-11 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the SIP implementation in Cisco IOS 12.3 and 12.4 allows remote attackers to execute arbitrary code via a malformed SIP message, aka Bug ID CSCsz89904, the "SIP Packet Parsing Arbitrary Code Execution Vulnerability." | |||||
| CVE-2013-1123 | 1 Cisco | 1 Unified Meetingplace | 2025-04-11 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the server in Cisco Unified MeetingPlace 7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug IDs CSCuc65411 and CSCue18706. | |||||
| CVE-2013-1225 | 1 Cisco | 1 Unified Customer Voice Portal | 2025-04-11 | 7.8 HIGH | N/A |
| Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 allows remote attackers to read arbitrary files via a Resource Manager (1) HTTP or (2) HTTPS request containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka Bug ID CSCub38366. | |||||
| CVE-2012-2496 | 1 Cisco | 1 Anyconnect Secure Mobility Client | 2025-04-11 | 6.8 MEDIUM | N/A |
| A certain Java applet in the VPN downloader implementation in the WebLaunch feature in Cisco AnyConnect Secure Mobility Client 3.x before 3.0 MR7 on 64-bit Linux platforms does not properly restrict use of Java components, which allows remote attackers to execute arbitrary code via a crafted web site, aka Bug ID CSCty45925. | |||||
| CVE-2012-3940 | 1 Cisco | 1 Webex Recording Format Player | 2025-04-11 | 9.3 HIGH | N/A |
| Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCtz72958. | |||||
| CVE-2013-5481 | 1 Cisco | 1 Ios | 2025-04-11 | 7.1 HIGH | N/A |
| The PPTP implementation in Cisco IOS 12.2 and 15.0 through 15.3, when NAT is used, allows remote attackers to cause a denial of service (device reload) via crafted TCP port-1723 packets, aka Bug ID CSCtq14817. | |||||
| CVE-2012-1328 | 1 Cisco | 2 Unified Ip Phone, Unified Ip Phone Firmware | 2025-04-11 | 4.6 MEDIUM | N/A |
| Cisco Unified IP Phones 9900 series devices with firmware 9.1 and 9.2 do not properly handle downloads of configuration information to an RT phone, which allows local users to gain privileges via unspecified injected data, aka Bug ID CSCts32237. | |||||
| CVE-2013-5477 | 1 Cisco | 1 Ios | 2025-04-11 | 7.8 HIGH | N/A |
| The T1/E1 driver-queue functionality in Cisco IOS 12.2 and 15.0 through 15.3, when an HDLC32 driver is used, allows remote attackers to cause a denial of service (interface queue wedge) via bursty network traffic, aka Bug ID CSCub67465. | |||||
| CVE-2012-4086 | 1 Cisco | 1 Unified Computing System | 2025-04-11 | 5.1 MEDIUM | N/A |
| A setup script for fabric interconnect devices in Cisco Unified Computing System (UCS) allows remote attackers to execute arbitrary commands via invalid parameters, aka Bug ID CSCtg20790. | |||||
| CVE-2013-3429 | 1 Cisco | 1 Video Surveillance Manager | 2025-04-11 | 7.8 HIGH | N/A |
| Multiple directory traversal vulnerabilities in Cisco Video Surveillance Manager (VSM) before 7.0.0 allow remote attackers to read system files via a crafted URL, related to the Cisco_VSBWT (aka Broadware sample code) package, aka Bug ID CSCsv37163. | |||||
| CVE-2010-4692 | 1 Cisco | 3 5500 Series Adaptive Security Appliance, Adaptive Security Appliance Software, Asa 5500 | 2025-04-11 | 7.8 HIGH | N/A |
| Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.3(2) allows remote attackers to cause a denial of service (device crash) via a large number of LAN-to-LAN (aka L2L) IPsec sessions, aka Bug ID CSCth36592. | |||||