Filtered by vendor Cisco
Subscribe
Total
5838 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-6976 | 1 Cisco | 1 Epc3925 | 2016-09-15 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in goform/Quick_setup on Cisco EPC3925 devices allows remote attackers to hijack the authentication of administrators for requests that change a password via the Password and PasswordReEnter parameters, aka Bug ID CSCuh37496. | |||||
| CVE-2013-6704 | 1 Cisco | 1 Ios Xe | 2016-09-15 | 7.1 HIGH | N/A |
| Cisco IOS XE does not properly manage memory for TFTP UDP flows, which allows remote attackers to cause a denial of service (memory consumption) via TFTP (1) client or (2) server traffic, aka Bug IDs CSCuh09324 and CSCty42686. | |||||
| CVE-2013-6705 | 1 Cisco | 2 Ios, Ios Xe | 2016-09-15 | 6.1 MEDIUM | N/A |
| The IP Device Tracking (IPDT) feature in Cisco IOS and IOS XE allows remote attackers to cause a denial of service (IPDT AVL corruption and device reload) via a crafted sequence of ARP packets, aka Bug ID CSCuh38133. | |||||
| CVE-2013-6709 | 1 Cisco | 1 Webex Training Center | 2016-09-15 | 5.0 MEDIUM | N/A |
| The registration component in Cisco WebEx Training Center provides the training-session URL before payment is completed, which allows remote attackers to bypass intended access restrictions and join an audio conference by entering credential fields from this URL, aka Bug ID CSCul57111. | |||||
| CVE-2013-6701 | 1 Cisco | 8 Cisco Ons 15454 System Software, Ons 15454, Ons 15454 Mspp and 5 more | 2016-09-15 | 5.0 MEDIUM | N/A |
| The tNetTaskLimit process on the Transport Node Controller (TNC) on Cisco ONS 15454 devices with software 9.6 and earlier does not properly prioritize health pings, which allows remote attackers to cause a denial of service (watchdog timeout and TNC reset) via a flood of network traffic, aka Bug ID CSCud97155. | |||||
| CVE-2013-6702 | 1 Cisco | 2 Ons 15454, Ons 15454 Firmware | 2016-09-15 | 4.3 MEDIUM | N/A |
| The management implementation on Cisco ONS 15454 controller cards with software 9.8 and earlier allows remote attackers to cause a denial of service (card reset) via crafted packets, aka Bug ID CSCtz50902. | |||||
| CVE-2013-6703 | 1 Cisco | 1 Ons 15454 | 2016-09-15 | 7.1 HIGH | N/A |
| The TLS/SSLv3 module on Cisco ONS 15454 controller cards allows remote attackers to cause a denial of service (card reset) via crafted (1) TLS or (2) SSLv3 packets, aka Bug ID CSCuh34787. | |||||
| CVE-2013-6690 | 1 Cisco | 1 Prime Collaboration | 2016-09-15 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the web interface in the Assurance component in Cisco Prime Collaboration allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug IDs CSCui92643, CSCui94038, and CSCui94161. | |||||
| CVE-2014-0731 | 1 Cisco | 1 Unified Communications Manager | 2016-09-09 | 5.0 MEDIUM | N/A |
| The administration interface in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows remote attackers to bypass authentication and read Java class files via a direct request, aka Bug ID CSCum46497. | |||||
| CVE-2014-0738 | 1 Cisco | 1 Adaptive Security Appliance Software | 2016-09-09 | 4.3 MEDIUM | N/A |
| The Phone Proxy component in Cisco Adaptive Security Appliance (ASA) Software 9.1(.3) and earlier allows remote attackers to bypass authentication and change trust relationships by injecting a Certificate Trust List (CTL) file, aka Bug ID CSCuj66770. | |||||
| CVE-2013-6974 | 1 Cisco | 1 Secure Access Control System | 2016-09-09 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the web interface in Cisco Secure Access Control System (ACS) allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCud89431. | |||||
| CVE-2012-4073 | 1 Cisco | 1 Unified Computing System | 2016-09-09 | 5.8 MEDIUM | N/A |
| The KVM subsystem in the client in Cisco Unified Computing System (UCS) does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers, and read or modify KVM data, via a crafted certificate, aka Bug ID CSCte90332. | |||||
| CVE-2014-0718 | 1 Cisco | 1 Ips Sensor Software | 2016-09-08 | 7.1 HIGH | N/A |
| The produce-verbose-alert feature in Cisco IPS Software 7.1 before 7.1(8)E4 and 7.2 before 7.2(2)E4 allows remote attackers to cause a denial of service (Analysis Engine process outage) via fragmented packets, aka Bug ID CSCui91266. | |||||
| CVE-2014-0720 | 1 Cisco | 1 Ips Sensor Software | 2016-09-08 | 7.1 HIGH | N/A |
| Cisco IPS Software 7.1 before 7.1(8)E4 and 7.2 before 7.2(2)E4 allows remote attackers to cause a denial of service (Analysis Engine process outage) via a flood of jumbo frames, aka Bug ID CSCuh94944. | |||||
| CVE-2014-0719 | 1 Cisco | 1 Ips Sensor Software | 2016-09-08 | 7.8 HIGH | N/A |
| The control-plane access-list implementation in Cisco IPS Software before 7.1(8p2)E4 and 7.2 before 7.2(2)E4 allows remote attackers to cause a denial of service (MainApp process outage) via crafted packets to TCP port 7000, aka Bug ID CSCui67394. | |||||
| CVE-2014-0709 | 1 Cisco | 1 Ucs Director | 2016-09-08 | 9.3 HIGH | N/A |
| Cisco UCS Director (formerly Cloupia) before 4.0.0.3 has a hardcoded password for the root account, which makes it easier for remote attackers to obtain administrative access via an SSH session to the CLI interface, aka Bug ID CSCui73930. | |||||
| CVE-2014-3294 | 1 Cisco | 1 Webex Meetings Server | 2016-09-08 | 4.0 MEDIUM | N/A |
| Cisco WebEx Meeting Server does not properly restrict the content of URLs, which allows remote authenticated users to obtain sensitive information by reading (1) web-server access logs, (2) web-server Referer logs, or (3) the browser history, aka Bug ID CSCuj81691. | |||||
| CVE-2014-3295 | 1 Cisco | 1 Nx-os | 2016-09-08 | 4.8 MEDIUM | N/A |
| The HSRP implementation in Cisco NX-OS 6.2(2a) and earlier allows remote attackers to bypass authentication and cause a denial of service (group-member state modification and traffic blackholing) via malformed HSRP packets, aka Bug ID CSCup11309. | |||||
| CVE-2014-3292 | 1 Cisco | 1 Unified Communications Manager | 2016-09-08 | 5.5 MEDIUM | N/A |
| The Real Time Monitoring Tool (RTMT) implementation in Cisco Unified Communications Manager (Unified CM) allows remote authenticated users to (1) read or (2) delete arbitrary files via a crafted URL, aka Bug IDs CSCuo17302 and CSCuo17199. | |||||
| CVE-2014-3291 | 1 Cisco | 1 Wireless Lan Controller | 2016-09-07 | 5.7 MEDIUM | N/A |
| Cisco Wireless LAN Controller (WLC) devices allow remote attackers to cause a denial of service (NULL pointer dereference and device restart) via a zero value in Cisco Discovery Protocol packet data that is not properly handled during SNMP polling, aka Bug ID CSCuo12321. | |||||