Filtered by vendor Cisco
Subscriptions
Total
6638 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-2146 | 1 Cisco | 2 Ios, Ios Xe | 2025-04-12 | N/A |
| The Zone-Based Firewall (ZBFW) functionality in Cisco IOS, possibly 15.4 and earlier, and IOS XE, possibly 3.13 and earlier, mishandles zone checking for existing sessions, which allows remote attackers to bypass intended resource-access restrictions via spoofed traffic that matches one of these sessions, aka Bug IDs CSCun94946 and CSCun96847. | ||||
| CVE-2014-2143 | 1 Cisco | 2 Ios, Ios Xe | 2025-04-12 | N/A |
| The IKE implementation in Cisco IOS 15.4(1)T and earlier and IOS XE allows remote attackers to cause a denial of service (security-association drop) via crafted Main Mode packets, aka Bug ID CSCun31021. | ||||
| CVE-2016-1370 | 1 Cisco | 2 Network Analysis Module, Network Analysis Module Software | 2025-04-12 | N/A |
| Cisco Prime Network Analysis Module (NAM) before 6.2(1-b) miscalculates IPv6 payload lengths, which allows remote attackers to cause a denial of service (mond process crash and monitoring outage) via crafted IPv6 packets, aka Bug ID CSCuy37324. | ||||
| CVE-2014-8027 | 1 Cisco | 1 Secure Access Control System | 2025-04-12 | N/A |
| The RBAC component in Cisco Secure Access Control System (ACS) allows remote authenticated users to obtain Network Device Administrator privileges for Create, Delete, Read, and Update operations via crafted HTTP requests, aka Bug ID CSCuq79034. | ||||
| CVE-2014-2142 | 1 Cisco | 3 Cisco Ons 15454 System Software, Ons 15454, Ons 15454 System Software | 2025-04-12 | N/A |
| Cisco ONS 15454 controller cards with software 10.0 and earlier allow remote attackers to cause a denial of service (card reload) via a crafted HTTP URI, aka Bug ID CSCun06870. | ||||
| CVE-2014-2141 | 1 Cisco | 2 Cisco Ons 15454 System Software, Ons 15454 | 2025-04-12 | N/A |
| The session-termination functionality on Cisco ONS 15454 controller cards with software 9.6 and earlier does not initialize an unspecified pointer, which allows remote authenticated users to cause a denial of service (card reset) via crafted session-close actions, aka Bug ID CSCug97416. | ||||
| CVE-2016-9200 | 1 Cisco | 1 Prime Collaboration Assurance | 2025-04-12 | N/A |
| A vulnerability in the web framework code of Cisco Prime Collaboration Assurance could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web interface. More Information: CSCut43268. Known Affected Releases: 10.5(1) 10.6. | ||||
| CVE-2016-1288 | 1 Cisco | 1 Web Security Appliance | 2025-04-12 | N/A |
| The HTTPS Proxy feature in Cisco AsyncOS before 8.5.3-051 and 9.x before 9.0.0-485 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (service outage) by leveraging certain intranet connectivity and sending a malformed HTTPS request, aka Bug ID CSCuu24840. | ||||
| CVE-2016-1305 | 1 Cisco | 1 Application Policy Infrastructure Controller Enterprise Module | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM) 1.1 allows remote attackers to inject arbitrary web script or HTML via vectors involving HTML entities, aka Bug ID CSCux15511. | ||||
| CVE-2016-1301 | 1 Cisco | 2 Asa Cx Context-aware Security Software, Prime Security Manager | 2025-04-12 | N/A |
| The RBAC implementation in Cisco ASA-CX Content-Aware Security software before 9.3.1.1(112) and Cisco Prime Security Manager (PRSM) software before 9.3.1.1(112) allows remote authenticated users to change arbitrary passwords via a crafted HTTP request, aka Bug ID CSCuo94842. | ||||
| CVE-2016-1303 | 1 Cisco | 16 500 Series Switch Firmware, Sf500-24, Sf500-24p and 13 more | 2025-04-12 | N/A |
| The web GUI on Cisco Small Business 500 devices 1.2.0.92 allows remote attackers to cause a denial of service via a crafted HTTP request, aka Bug ID CSCul65330. | ||||
| CVE-2016-1304 | 1 Cisco | 1 Unity Connection | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in Cisco Unity Connection 10.5(2.3009) allows remote attackers to inject arbitrary web script or HTML via a crafted value, aka Bug ID CSCux82596. | ||||
| CVE-2016-1313 | 1 Cisco | 1 Ucs Invicta C3124sa Appliance | 2025-04-12 | N/A |
| Cisco UCS Invicta C3124SA Appliance 4.3.1 through 5.0.1, UCS Invicta Scaling System and Appliance, and Whiptail Racerunner improperly store a default SSH private key, which allows remote attackers to obtain root access via unspecified vectors, aka Bug ID CSCun71294. | ||||
| CVE-2016-1309 | 1 Cisco | 1 Webex Meetings Server | 2025-04-12 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Cisco WebEx Meetings Server 2.5.1.5 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCuy01843. | ||||
| CVE-2016-1311 | 1 Cisco | 1 Jabber Guest | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in the management interface in Cisco Jabber Guest Server 10.6(8) allows remote attackers to inject arbitrary web script or HTML via the host tag parameter, aka Bug ID CSCuy08224. | ||||
| CVE-2016-1315 | 1 Cisco | 1 Email Security Appliance Firmeware | 2025-04-12 | N/A |
| The proxy engine in Cisco Advanced Malware Protection (AMP), when used with Email Security Appliance (ESA) 9.5.0-201, 9.6.0-051, and 9.7.0-125, allows remote attackers to bypass intended content restrictions via a malformed e-mail message containing an encoded file, aka Bug ID CSCux45338. | ||||
| CVE-2016-1316 | 1 Cisco | 1 Telepresence Video Communication Server Software | 2025-04-12 | N/A |
| Cisco TelePresence Video Communication Server (VCS) X8.1 through X8.7, as used in conjunction with Jabber Guest, allows remote attackers to obtain sensitive call-statistics information via a direct request to an unspecified URL, aka Bug ID CSCux73362. | ||||
| CVE-2016-1320 | 1 Cisco | 1 Prime Collaboration | 2025-04-12 | N/A |
| The CLI in Cisco Prime Collaboration 9.0 and 11.0 allows local users to execute arbitrary OS commands as root by leveraging administrator privileges, aka Bug ID CSCux69286. | ||||
| CVE-2016-1326 | 1 Cisco | 1 Dpq3925 8x4 Docsis 3.0 Wireless Residential Gateway With Embedded Digital Voice Adapter | 2025-04-12 | N/A |
| The administration interface on Cisco DPQ3925 devices with firmware r1 allows remote attackers to cause a denial of service (device restart) via a crafted HTTP request, aka Bug ID CSCup48105. | ||||
| CVE-2014-2138 | 1 Cisco | 1 Security Manager | 2025-04-12 | N/A |
| CRLF injection vulnerability in the web framework in Cisco Security Manager 4.2 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct redirection attacks via a crafted URL, aka Bug ID CSCun82349. | ||||