Filtered by vendor Cisco
Subscriptions
Total
6724 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-0681 | 1 Cisco | 1 Identity Services Engine Software | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in Cisco Identity Services Engine (ISE) 1.2 patch 2 and earlier allows remote attackers to inject arbitrary web script or HTML via a report containing a crafted URL that is not properly handled during generation of report-output pages, aka Bug ID CSCui15064. | ||||
| CVE-2011-2546 | 1 Cisco | 4 Sa500 Software, Sa520, Sa520w and 1 more | 2025-04-11 | N/A |
| SQL injection vulnerability in the web-based management interface on Cisco SA 500 series security appliances with software before 2.1.19 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCtq65669. | ||||
| CVE-2011-2547 | 1 Cisco | 4 Sa500 Software, Sa520, Sa520w and 1 more | 2025-04-11 | N/A |
| The web-based management interface on Cisco SA 500 series security appliances with software before 2.1.19 allows remote authenticated users to execute arbitrary commands via crafted parameters to web forms, aka Bug ID CSCtq65681. | ||||
| CVE-2011-2578 | 1 Cisco | 1 Ios | 2025-04-11 | N/A |
| Memory leak in Cisco IOS 15.1 and 15.2 allows remote attackers to cause a denial of service (memory consumption) via malformed SIP packets on a NAT interface, aka Bug ID CSCts12366. | ||||
| CVE-2011-2549 | 1 Cisco | 3 Asr 9006 Router, Asr 9010 Router, Ios Xr | 2025-04-11 | N/A |
| Unspecified vulnerability in Cisco IOS XR 4.1.x before 4.1.1 on Cisco Aggregation Services Routers (ASR) 9000 series devices allows remote attackers to cause a denial of service (line-card reload) via an IPv4 packet, aka Bug ID CSCtr26695. | ||||
| CVE-2011-2395 | 1 Cisco | 1 Ios | 2025-04-11 | N/A |
| The Neighbor Discovery (ND) protocol implementation in Cisco IOS on unspecified switches allows remote attackers to bypass the Router Advertisement Guarding functionality via a fragmented IPv6 packet in which the Router Advertisement (RA) message is contained in the second fragment, as demonstrated by (1) a packet in which the first fragment contains a long Destination Options extension header or (2) a packet in which the first fragment contains an ICMPv6 Echo Request message. | ||||
| CVE-2011-2072 | 1 Cisco | 3 Ios, Ios Xe, Unified Communications Manager | 2025-04-11 | N/A |
| Memory leak in Cisco IOS 12.4, 15.0, and 15.1, Cisco IOS XE 2.5.x through 3.2.x, and Cisco Unified Communications Manager (CUCM) 6.x and 7.x before 7.1(5b)su4, 8.x before 8.5(1)su2, and 8.6 before 8.6(1) allows remote attackers to cause a denial of service (memory consumption and device reload or process failure) via a malformed SIP message, aka Bug IDs CSCtl86047 and CSCto88686. | ||||
| CVE-2011-2060 | 1 Cisco | 2 5500 Series Adaptive Security Appliance, Adaptive Security Appliance Software | 2025-04-11 | N/A |
| The platform-sw component on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.2 before 8.2(5.3), 8.3 before 8.3(2.20), and 8.4 before 8.4(2.1) does not properly handle non-ASCII characters in an interface description, which allows local users to cause a denial of service (reload without configuration) via a crafted description, aka Bug ID CSCtq50523. | ||||
| CVE-2011-2059 | 1 Cisco | 1 Ios | 2025-04-11 | N/A |
| The ipv6 component in Cisco IOS before 15.1(4)M1.3 allows remote attackers to conduct fingerprinting attacks and obtain potentially sensitive information about the presence of the IOS operating system via an ICMPv6 Echo Request packet containing a Hop-by-Hop (HBH) extension header (EH) with a 0x0c01050c value in the PadN option data, aka Bug ID CSCtq02219. | ||||
| CVE-2011-2058 | 1 Cisco | 1 Ios | 2025-04-11 | 7.5 High |
| The cat6000-dot1x component in Cisco IOS 12.2 before 12.2(33)SXI7 does not properly handle an external loop between a pair of dot1x enabled ports, which allows remote attackers to cause a denial of service (traffic storm) via unspecified vectors that trigger many unicast EAPoL Protocol Data Units (PDUs), aka Bug ID CSCtq36336. | ||||
| CVE-2011-2041 | 2 Cisco, Microsoft | 3 Anyconnect Secure Mobility Client, Windows, Windows Mobile | 2025-04-11 | N/A |
| The Start Before Logon (SBL) functionality in Cisco AnyConnect Secure Mobility Client (formerly AnyConnect VPN Client) before 2.3.254 on Windows, and on Windows Mobile, allows local users to gain privileges via unspecified user-interface interaction, aka Bug ID CSCta40556. | ||||
| CVE-2011-2024 | 1 Cisco | 1 Cns Network Registrar | 2025-04-11 | N/A |
| Cisco Network Registrar before 7.2 has a default administrative password, which makes it easier for remote attackers to obtain access via a TCP session, aka Bug ID CSCsm50627. | ||||
| CVE-2012-0365 | 1 Cisco | 12 Small Business Srp520-u Series Firmware, Small Business Srp520 Series Firmware, Small Business Srp521w and 9 more | 2025-04-11 | N/A |
| Directory traversal vulnerability in the Local TFTP file-upload application on Cisco SRP 520 series devices with firmware before 1.1.26 and SRP 520W-U and 540 series devices with firmware before 1.2.4 allows remote authenticated users to upload software to arbitrary directories via unspecified vectors, aka Bug ID CSCtw56009. | ||||
| CVE-2014-0665 | 1 Cisco | 1 Identity Services Engine Software | 2025-04-11 | N/A |
| The RBAC implementation in Cisco Identity Services Engine (ISE) Software does not properly verify privileges for support-bundle downloads, which allows remote authenticated users to obtain sensitive information via a download action, as demonstrated by obtaining read access to the user database, aka Bug ID CSCul83904. | ||||
| CVE-2013-6965 | 1 Cisco | 1 Webex Training Center | 2025-04-11 | N/A |
| The registration component in Cisco WebEx Training Center provides the training-session URL before e-mail confirmation is completed, which allows remote attackers to bypass intended access restrictions and join an audio conference by entering credential fields from this URL, aka Bug ID CSCul36183. | ||||
| CVE-2012-0364 | 1 Cisco | 12 Small Business Srp520-u Series Firmware, Small Business Srp520 Series Firmware, Small Business Srp521w and 9 more | 2025-04-11 | N/A |
| Cisco SRP 520 series devices with firmware before 1.1.26 and SRP 520W-U and 540 series devices with firmware before 1.2.4 allow remote attackers to replace the configuration file via an upload request to an unspecified URL, aka Bug ID CSCtw55495. | ||||
| CVE-2012-0363 | 1 Cisco | 12 Small Business Srp520-u Series Firmware, Small Business Srp520 Series Firmware, Small Business Srp521w and 9 more | 2025-04-11 | N/A |
| The web interface on Cisco SRP 520 series devices with firmware before 1.1.26 and SRP 520W-U and 540 series devices with firmware before 1.2.4 allows remote authenticated users to execute arbitrary commands via unspecified vectors, related to a "command injection vulnerability," aka Bug ID CSCtt46871. | ||||
| CVE-2012-3908 | 1 Cisco | 2 Identity Services Engine, Identity Services Engine Software | 2025-04-11 | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in the ISE Administrator user interface (aka the Apache Tomcat interface) on Cisco Identity Services Engine (ISE) 3300 series appliances before 1.1.0.665 Cumulative Patch 1 allow remote attackers to hijack the authentication of administrators, aka Bug ID CSCty46684. | ||||
| CVE-2013-1216 | 1 Cisco | 1 Ios Xr | 2025-04-11 | N/A |
| Memory leak in the SNMP module in Cisco IOS XR allows remote authenticated users to cause a denial of service (memory consumption and process restart) via crafted SNMP packets, aka Bug ID CSCue31546. | ||||
| CVE-2011-1651 | 1 Cisco | 1 Ios Xr | 2025-04-11 | N/A |
| Cisco IOS XR 3.9.x and 4.0.x before 4.0.3 and 4.1.x before 4.1.1, when an SPA interface processor is installed, allows remote attackers to cause a denial of service (device reload) via a crafted IPv4 packet, aka Bug ID CSCto45095. | ||||