Filtered by vendor Zyxel
Subscribe
Total
274 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-5989 | 1 Zyxel | 1 Gs1900-10hp Firmware | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
| Belkin F9K1102 2 devices with firmware 2.10.17 rely on client-side JavaScript code for authorization, which allows remote attackers to obtain administrative privileges via certain changes to LockStatus and Login_Success values. | |||||
| CVE-2016-1344 | 7 Cisco, Lenovo, Netgear and 4 more | 7 Ios Xe, Thinkcentre E75s Firmware, Jr6150 Firmware and 4 more | 2024-02-28 | 7.1 HIGH | 5.9 MEDIUM |
| The IKEv2 implementation in Cisco IOS 15.0 through 15.6 and IOS XE 3.3 through 3.17 allows remote attackers to cause a denial of service (device reload) via fragmented packets, aka Bug ID CSCux38417. | |||||
| CVE-2015-6398 | 1 Zyxel | 1 Gs1900-10hp Firmware | 2024-02-28 | 7.8 HIGH | 7.5 HIGH |
| Cisco Nexus 9000 Application Centric Infrastructure (ACI) Mode switches with software before 11.0(1c) allow remote attackers to cause a denial of service (device reload) via an IPv4 ICMP packet with the IP Record Route option, aka Bug ID CSCuq57512. | |||||
| CVE-2016-1319 | 4 Samsung, Sun, Zyxel and 1 more | 4 X14j Firmware, Opensolaris, Gs1900-10hp Firmware and 1 more | 2024-02-28 | 5.0 MEDIUM | 5.3 MEDIUM |
| Cisco Unified Communications Manager (aka CallManager) 9.1(2.10000.28), 10.5(2.10000.5), 10.5(2.12901.1), and 11.0(1.10000.10); Unified Communications Manager IM & Presence Service 10.5(2); Unified Contact Center Express 11.0(1); and Unity Connection 10.5(2) store a cleartext encryption key, which allows local users to obtain sensitive information via unspecified vectors, aka Bug ID CSCuv85958. | |||||
| CVE-2015-5988 | 1 Zyxel | 1 Gs1900-10hp Firmware | 2024-02-28 | 9.3 HIGH | 9.8 CRITICAL |
| The web management interface on Belkin F9K1102 2 devices with firmware 2.10.17 has a blank password, which allows remote attackers to obtain administrative privileges by leveraging a LAN session. | |||||
| CVE-2016-1302 | 5 Cisco, Samsung, Sun and 2 more | 22 Nexus 92160yc-x, Nexus 92304qc, Nexus 9236c and 19 more | 2024-02-28 | 9.0 HIGH | 8.8 HIGH |
| Cisco Application Policy Infrastructure Controller (APIC) devices with software before 1.0(3h) and 1.1 before 1.1(1j) and Nexus 9000 ACI Mode switches with software before 11.0(3h) and 11.1 before 11.1(1j) allow remote authenticated users to bypass intended RBAC restrictions via crafted REST requests, aka Bug ID CSCut12998. | |||||
| CVE-2015-6020 | 1 Zyxel | 1 Pmg5318-b20a Firmware | 2024-02-28 | 8.3 HIGH | 8.0 HIGH |
| ZyXEL PMG5318-B20A devices with firmware 1.00AANC0b5 allow remote authenticated users to obtain administrative privileges by leveraging access to the user account. | |||||
| CVE-2015-6260 | 2 Cisco, Zyxel | 10 Nexus 5548p, Nexus 5548up, Nexus 5596t and 7 more | 2024-02-28 | 7.8 HIGH | 7.5 HIGH |
| Cisco NX-OS 7.1(1)N1(1) on Nexus 5500, 5600, and 6000 devices does not properly validate PDUs in SNMP packets, which allows remote attackers to cause a denial of service (SNMP application restart) via a crafted packet, aka Bug ID CSCut84645. | |||||
| CVE-2015-6019 | 1 Zyxel | 1 Pmg5318-b20a Firmware | 2024-02-28 | 5.0 MEDIUM | 8.5 HIGH |
| The management portal on ZyXEL PMG5318-B20A devices with firmware 1.00AANC0b5 does not terminate sessions upon a logout action, which allows remote attackers to bypass intended access restrictions by leveraging an unattended workstation. | |||||
| CVE-2015-6312 | 5 Cisco, Dell, Netgear and 2 more | 9 Telepresence Server 7010, Telepresence Server Mse 8710, Telepresence Server On Multiparty Media 310 and 6 more | 2024-02-28 | 7.8 HIGH | 7.5 HIGH |
| Cisco TelePresence Server 3.1 on 7010, Mobility Services Engine (MSE) 8710, Multiparty Media 310 and 320, and Virtual Machine (VM) devices allows remote attackers to cause a denial of service (device reload) via malformed STUN packets, aka Bug ID CSCuv01348. | |||||
| CVE-2015-5987 | 1 Zyxel | 1 Gs1900-10hp Firmware | 2024-02-28 | 5.0 MEDIUM | 8.6 HIGH |
| Belkin F9K1102 2 devices with firmware 2.10.17 use an improper algorithm for selecting the ID value in the header of a DNS query, which makes it easier for remote attackers to spoof responses by predicting this value. | |||||
| CVE-2016-1349 | 7 Cisco, Intel, Netgear and 4 more | 7 Ios Xe, Core I5-9400f Firmware, Jr6150 Firmware and 4 more | 2024-02-28 | 7.8 HIGH | 7.5 HIGH |
| The Smart Install client implementation in Cisco IOS 12.2, 15.0, and 15.2 and IOS XE 3.2 through 3.7 allows remote attackers to cause a denial of service (device reload) via crafted image list parameters in a Smart Install packet, aka Bug ID CSCuv45410. | |||||
| CVE-2015-6313 | 4 Cisco, Sun, Zyxel and 1 more | 9 Telepresence Server 7010, Telepresence Server Mse 8710, Telepresence Server On Multiparty Media 310 and 6 more | 2024-02-28 | 7.8 HIGH | 7.5 HIGH |
| Cisco TelePresence Server 4.1(2.29) through 4.2(4.17) on 7010; Mobility Services Engine (MSE) 8710; Multiparty Media 310, 320, and 820; and Virtual Machine (VM) devices allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted HTTP requests that are not followed by an unspecified negotiation, aka Bug ID CSCuv47565. | |||||
| CVE-2016-1348 | 6 Cisco, Netgear, Samsung and 3 more | 6 Ios Xe, Jr6150 Firmware, X14j Firmware and 3 more | 2024-02-28 | 7.8 HIGH | 7.5 HIGH |
| Cisco IOS 15.0 through 15.5 and IOS XE 3.3 through 3.16 allow remote attackers to cause a denial of service (device reload) via a crafted DHCPv6 Relay message, aka Bug ID CSCus55821. | |||||
| CVE-2015-7283 | 1 Zyxel | 2 Nbg-418n, Nbg-418n Firmware | 2024-02-28 | 9.3 HIGH | 8.1 HIGH |
| The web administration interface on ZyXEL NBG-418N devices with firmware 1.00(AADZ.3)C0 has a default password of 1234 for the admin account, which allows remote attackers to obtain administrative privileges by leveraging a LAN session. | |||||
| CVE-2016-1346 | 6 Cisco, Dell, Netgear and 3 more | 6 Telepresence Server Mse 8710, Emc Powerscale Onefs, Jr6150 Firmware and 3 more | 2024-02-28 | 7.1 HIGH | 5.9 MEDIUM |
| The kernel in Cisco TelePresence Server 3.0 through 4.2(4.18) on Mobility Services Engine (MSE) 8710 devices allows remote attackers to cause a denial of service (panic and reboot) via a crafted sequence of IPv6 packets, aka Bug ID CSCuu46673. | |||||
| CVE-2016-1350 | 6 Cisco, Lenovo, Samsung and 3 more | 6 Ios Xe, Thinkcentre E75s Firmware, X14j Firmware and 3 more | 2024-02-28 | 7.8 HIGH | 7.5 HIGH |
| Cisco IOS 15.3 and 15.4, Cisco IOS XE 3.8 through 3.11, and Cisco Unified Communications Manager allow remote attackers to cause a denial of service (device reload) via malformed SIP messages, aka Bug ID CSCuj23293. | |||||
| CVE-2016-1329 | 5 Cisco, Samsung, Sun and 2 more | 10 Nexus 3048, Nexus 3064, Nexus 3064t and 7 more | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
| Cisco NX-OS 6.0(2)U6(1) through 6.0(2)U6(5) on Nexus 3000 devices and 6.0(2)A6(1) through 6.0(2)A6(5) and 6.0(2)A7(1) on Nexus 3500 devices has hardcoded credentials, which allows remote attackers to obtain root privileges via a (1) TELNET or (2) SSH session, aka Bug ID CSCuy25800. | |||||
| CVE-2015-6016 | 1 Zyxel | 4 Nbg-418n, P-660hw-t1 2, Pmg5318-b20a Firmware and 1 more | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
| ZyXEL P-660HW-T1 2 devices with ZyNOS firmware 3.40(AXH.0), PMG5318-B20A devices with firmware 1.00AANC0b5, and NBG-418N devices have a default password of 1234 for the admin account, which allows remote attackers to obtain administrative access via unspecified vectors. | |||||
| CVE-2015-5990 | 1 Zyxel | 1 Gs1900-10hp Firmware | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
| Cross-site request forgery (CSRF) vulnerability on Belkin F9K1102 2 devices with firmware 2.10.17 allows remote attackers to hijack the authentication of arbitrary users. | |||||