Filtered by vendor Cisco
Subscribe
Total
6186 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-6391 | 1 Cisco | 1 Unified Sip Phone 3900 Firmware | 2024-11-21 | 7.8 HIGH | N/A |
| Cisco Unified SIP 3905 phones allow remote attackers to cause a denial of service (resource consumption and functionality loss) via a large amount of network traffic, aka Bug ID CSCuh51331. | |||||
| CVE-2015-6390 | 1 Cisco | 1 Unity Connection | 2024-11-21 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the management interface in Cisco Unity Connection 9.1(1.10) allows remote attackers to inject arbitrary web script or HTML via a crafted value in a URL, aka Bug ID CSCup92741. | |||||
| CVE-2015-6389 | 1 Cisco | 1 Prime Collaboration Assurance | 2024-11-21 | 9.0 HIGH | N/A |
| Cisco Prime Collaboration Assurance before 11.0 has a hardcoded cmuser account, which allows remote attackers to obtain access by establishing an SSH session and leveraging knowledge of this account's password, aka Bug ID CSCus62707. | |||||
| CVE-2015-6388 | 1 Cisco | 1 Unified Computing System Central Software | 2024-11-21 | 5.0 MEDIUM | N/A |
| Cisco Unified Computing System (UCS) Central software 1.3(0.1) allows remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted request, aka Bug ID CSCux33575. | |||||
| CVE-2015-6387 | 1 Cisco | 1 Unified Computing System Central Software | 2024-11-21 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Cisco Unified Computing System (UCS) Central Software 1.3(0.1) allows remote attackers to inject arbitrary web script or HTML via a crafted value in a URL, aka Bug ID CSCux33573. | |||||
| CVE-2015-6386 | 1 Cisco | 1 Web Security Appliance | 2024-11-21 | 5.0 MEDIUM | N/A |
| The passthrough FTP feature on Cisco Web Security Appliance (WSA) devices with software 8.0.7-142 and 8.5.1-021 allows remote attackers to cause a denial of service (CPU consumption) via FTP sessions in which the control connection is ended after data transfer, aka Bug ID CSCut94150. | |||||
| CVE-2015-6385 | 1 Cisco | 1 Ios | 2024-11-21 | 7.2 HIGH | N/A |
| The publish-event event-manager feature in Cisco IOS 15.5(2)S and 15.5(3)S on Cloud Services Router 1000V devices allows local users to execute arbitrary commands with root privileges by leveraging administrative access to enter crafted environment variables, aka Bug ID CSCux14943. | |||||
| CVE-2015-6384 | 1 Cisco | 1 Webex Meetings | 2024-11-21 | 4.3 MEDIUM | N/A |
| The Cisco WebEx Meetings application before 8.5.1 for Android improperly initializes custom application permissions, which allows attackers to bypass intended access restrictions via a crafted application, aka Bug ID CSCuw86442. | |||||
| CVE-2015-6383 | 1 Cisco | 1 Ios Xe | 2024-11-21 | 7.2 HIGH | N/A |
| Cisco IOS XE 15.4(3)S on ASR 1000 devices improperly loads software packages, which allows local users to bypass license restrictions and obtain certain root privileges by using the CLI to enter crafted filenames, aka Bug ID CSCuv93130. | |||||
| CVE-2015-6382 | 1 Cisco | 1 Asr 5000 Series Software | 2024-11-21 | 5.0 MEDIUM | N/A |
| Cisco ASR 5000 devices with software 16.0(900) allow remote attackers to cause a denial of service (telnetd process restart) via a TELNET connection, aka Bug ID CSCuv25815. | |||||
| CVE-2015-6380 | 1 Cisco | 1 Firepower Extensible Operating System | 2024-11-21 | 6.5 MEDIUM | N/A |
| An unspecified script in the web interface in Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows remote authenticated users to execute arbitrary OS commands via crafted parameters, aka Bug ID CSCux10622. | |||||
| CVE-2015-6379 | 1 Cisco | 1 Adaptive Security Appliance Software | 2024-11-21 | 6.8 MEDIUM | N/A |
| The XML parser in the management interface in Cisco Adaptive Security Appliance (ASA) Software 8.4 allows remote authenticated users to cause a denial of service (device crash) via a crafted XML document, aka Bug ID CSCut14223. | |||||
| CVE-2015-6378 | 1 Cisco | 1 Dpq3925 8x4 Docsis 3.0 Wireless Residential Gateway With Embedded Digital Voice Adapter | 2024-11-21 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability on Cisco DPQ3925 devices with EDVA 5.5.2 allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuv05943. | |||||
| CVE-2015-6377 | 1 Cisco | 1 Virtual Topology System | 2024-11-21 | 7.8 HIGH | N/A |
| Cisco Virtual Topology System (VTS) 2.0(0) and 2.0(1) allows remote attackers to cause a denial of service (CPU and memory consumption, and TCP port outage) via a flood of crafted TCP packets, aka Bug ID CSCux13379. | |||||
| CVE-2015-6376 | 1 Cisco | 1 Telepresence Video Communication Server Software | 2024-11-21 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in Cisco TelePresence Video Communication Server (VCS) X8.5.1 allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuv72412. | |||||
| CVE-2015-6375 | 1 Cisco | 1 Ios | 2024-11-21 | 2.1 LOW | N/A |
| The debug-logging (aka debug cns) feature in Cisco Networking Services (CNS) for IOS 15.2(2)E3 allows local users to obtain sensitive information by reading an unspecified file, aka Bug ID CSCux18010. | |||||
| CVE-2015-6374 | 1 Cisco | 1 Firepower Extensible Operating System | 2024-11-21 | 4.3 MEDIUM | N/A |
| The web interface in Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices does not properly restrict use of IFRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks and unspecified other attacks via a crafted web site, aka Bug ID CSCux10604. | |||||
| CVE-2015-6373 | 1 Cisco | 1 Firepower Extensible Operating System | 2024-11-21 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCux10611. | |||||
| CVE-2015-6372 | 1 Cisco | 1 Firepower Extensible Operating System | 2024-11-21 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the web-based management interface in Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows remote attackers to inject arbitrary web script or HTML via a crafted value, aka Bug ID CSCux10614. | |||||
| CVE-2015-6371 | 1 Cisco | 1 Firepower Extensible Operating System | 2024-11-21 | 4.0 MEDIUM | N/A |
| Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows remote authenticated users to read arbitrary files via crafted parameters to unspecified scripts, aka Bug ID CSCux10621. | |||||