Filtered by vendor Cisco
Subscriptions
Total
6725 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2015-4305 | 1 Cisco | 1 Prime Collaboration Assurance | 2025-04-12 | N/A |
| The web framework in Cisco Prime Collaboration Assurance before 10.5.1.53684-1 allows remote authenticated users to bypass intended system-database read restrictions, and discover credentials or SNMP communities for arbitrary tenant domains, via a crafted URL, aka Bug ID CSCus62656. | ||||
| CVE-2015-4259 | 1 Cisco | 1 Unified Computing System | 2025-04-12 | N/A |
| The Integrated Management Controller on Cisco Unified Computing System (UCS) C servers with software 1.5(3) and 1.6(0.16) has a default SSL certificate, which makes it easier for man-in-the-middle attackers to bypass cryptographic protection mechanisms by leveraging knowledge of a private key, aka Bug IDs CSCum56133 and CSCum56177. | ||||
| CVE-2015-4255 | 1 Cisco | 1 Telepresence Ip Gateway | 2025-04-12 | N/A |
| Cross-site request forgery (CSRF) vulnerability on Cisco TelePresence IP Gateway devices with software 2.0(3.34) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuu90734. | ||||
| CVE-2014-0741 | 1 Cisco | 1 Unified Communications Manager | 2025-04-12 | N/A |
| The certificate-import feature in the Certificate Authority Proxy Function (CAPF) CLI implementation in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows local users to read or modify arbitrary files via a crafted command, aka Bug ID CSCum95461. | ||||
| CVE-2014-0742 | 1 Cisco | 1 Unified Communications Manager | 2025-04-12 | N/A |
| The Certificate Authority Proxy Function (CAPF) CLI implementation in the CSR management feature in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows local users to read or modify arbitrary files via unspecified vectors, aka Bug ID CSCum95464. | ||||
| CVE-2014-0745 | 1 Cisco | 1 Unified Contact Center Express Editor Software | 2025-04-12 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the Unified Serviceability subsystem in Cisco Unified Contact Center Express (Unified CCX) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCum95502. | ||||
| CVE-2016-1300 | 1 Cisco | 1 Unity Connection | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in Cisco Unity Connection (UC) 10.5(2.3009) allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCux82582. | ||||
| CVE-2016-1390 | 1 Cisco | 2 Prime Network Analysis Module Software, Prime Virtual Network Analysis Module Software | 2025-04-12 | N/A |
| Cisco Prime Network Analysis Module (NAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(1) and Prime Virtual Network Analysis Module (vNAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(1) allow local users to obtain root access via crafted CLI input, aka Bug ID CSCuy21892. | ||||
| CVE-2014-2104 | 1 Cisco | 1 Unified Communications Domain Manager | 2025-04-12 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the Business Voice Services Manager (BVSM) page in Cisco Unified Communications Domain Manager 9.0(.1) allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug IDs CSCum78536, CSCum78526, CSCum69809, and CSCum63113. | ||||
| CVE-2014-2108 | 1 Cisco | 2 Ios, Ios Xe | 2025-04-12 | N/A |
| Cisco IOS 12.2 and 15.0 through 15.3 and IOS XE 3.2 through 3.7 before 3.7.5S and 3.8 through 3.10 before 3.10.1S allow remote attackers to cause a denial of service (device reload) via a malformed IKEv2 packet, aka Bug ID CSCui88426. | ||||
| CVE-2014-2109 | 1 Cisco | 1 Ios | 2025-04-12 | N/A |
| The TCP Input module in Cisco IOS 12.2 through 12.4 and 15.0 through 15.4, when NAT is used, allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted TCP packets, aka Bug IDs CSCuh33843 and CSCuj41494. | ||||
| CVE-2014-2111 | 1 Cisco | 1 Ios | 2025-04-12 | N/A |
| The Application Layer Gateway (ALG) module in Cisco IOS 12.2 through 12.4 and 15.0 through 15.4, when NAT is used, allows remote attackers to cause a denial of service (device reload) via crafted DNS packets, aka Bug ID CSCue00996. | ||||
| CVE-2014-2112 | 1 Cisco | 1 Ios | 2025-04-12 | N/A |
| The SSL VPN (aka WebVPN) feature in Cisco IOS 15.1 through 15.4 allows remote attackers to cause a denial of service (memory consumption) via crafted HTTP requests, aka Bug ID CSCuf51357. | ||||
| CVE-2014-2113 | 1 Cisco | 2 Ios, Ios Xe | 2025-04-12 | N/A |
| Cisco IOS 15.1 through 15.3 and IOS XE 3.3 and 3.5 before 3.5.2E; 3.7 before 3.7.5S; and 3.8, 3.9, and 3.10 before 3.10.2S allow remote attackers to cause a denial of service (I/O memory consumption and device reload) via a malformed IPv6 packet, aka Bug ID CSCui59540. | ||||
| CVE-2014-2114 | 1 Cisco | 1 Emergency Responder | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in UserServlet in Cisco Emergency Responder (ER) 8.6 and earlier allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCun24384. | ||||
| CVE-2014-2115 | 1 Cisco | 1 Emergency Responder | 2025-04-12 | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in CERUserServlet pages in Cisco Emergency Responder (ER) 8.6 and earlier allow remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCun24250. | ||||
| CVE-2014-2116 | 1 Cisco | 1 Emergency Responder | 2025-04-12 | N/A |
| Cisco Emergency Responder (ER) 8.6 and earlier allows remote attackers to inject web pages and modify dynamic content via unspecified parameters, aka Bug ID CSCun37882. | ||||
| CVE-2014-2119 | 1 Cisco | 3 Content Security Management Appliance, Email Security Appliance Firmware, Ironport Asyncos | 2025-04-12 | N/A |
| The End User Safelist/Blocklist (aka SLBL) service in Cisco AsyncOS Software for Email Security Appliance (ESA) before 7.6.3-023 and 8.x before 8.0.1-023 and Cisco Content Security Management Appliance (SMA) before 7.9.1-110 and 8.x before 8.1.1-013 allows remote authenticated users to execute arbitrary code with root privileges via an FTP session that uploads a modified SLBL database file, aka Bug IDs CSCug79377 and CSCug80118. | ||||
| CVE-2014-3292 | 1 Cisco | 1 Unified Communications Manager | 2025-04-12 | N/A |
| The Real Time Monitoring Tool (RTMT) implementation in Cisco Unified Communications Manager (Unified CM) allows remote authenticated users to (1) read or (2) delete arbitrary files via a crafted URL, aka Bug IDs CSCuo17302 and CSCuo17199. | ||||
| CVE-2016-1391 | 1 Cisco | 2 Prime Network Analysis Module Software, Prime Virtual Network Analysis Module Software | 2025-04-12 | 8.8 High |
| Cisco Prime Network Analysis Module (NAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(2) and Prime Virtual Network Analysis Module (vNAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(2) allow remote authenticated users to execute arbitrary OS commands via a crafted HTTP request, aka Bug ID CSCuy21889. | ||||