Vulnerabilities (CVE)

Filtered by vendor Cisco Subscribe
Total 6186 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-4253 1 Cisco 1 Telepresence Serial Gateway 2024-11-21 6.8 MEDIUM N/A
Cross-site request forgery (CSRF) vulnerability on Cisco TelePresence Serial Gateway devices with software 1.0(1.42) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuu90728.
CVE-2015-4252 1 Cisco 1 Telepresence Isdn Gw 3241 2024-11-21 6.8 MEDIUM N/A
Cross-site request forgery (CSRF) vulnerability on Cisco TelePresence ISDN Gateway devices with software 2.2(1.106) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuu90724.
CVE-2015-4244 1 Cisco 1 Asr 5000 Series Software 2024-11-21 7.2 HIGH N/A
The boot implementation on Cisco ASR 5000 and 5500 devices with software 14.0 allows local users to execute arbitrary Linux commands by leveraging administrative privileges for storage of these commands in a Compact Flash (CF) file, aka Bug ID CSCuu75278.
CVE-2015-4243 1 Cisco 8 Asr 1001, Asr 1001-x, Asr 1002 and 5 more 2024-11-21 6.1 MEDIUM N/A
The PPPoE establishment implementation in Cisco IOS XE 3.5.0S on ASR 1000 devices allows remote attackers to cause a denial of service (device reload) by sending malformed PPPoE Active Discovery Request (PADR) packets on the local network, aka Bug ID CSCty94202.
CVE-2015-4242 1 Cisco 1 Firesight System Software 2024-11-21 6.8 MEDIUM N/A
Cross-site request forgery (CSRF) vulnerability in Cisco FireSIGHT System Software 5.4.1.2 and 6.0.0 in FireSIGHT Management Center allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuu94721.
CVE-2015-4241 1 Cisco 1 Adaptive Security Appliance Software 2024-11-21 6.1 MEDIUM N/A
Cisco Adaptive Security Appliance (ASA) Software 9.3(2) allows remote attackers to cause a denial of service (system reload) by sending crafted OSPFv2 packets on the local network, aka Bug ID CSCut52679.
CVE-2015-4240 1 Cisco 1 Ip Communicator 2024-11-21 5.0 MEDIUM N/A
Cisco IP Communicator 8.6(4) allows remote attackers to cause a denial of service (service outage) via an unspecified URL in a GET request, aka Bug ID CSCuu37656.
CVE-2015-4239 1 Cisco 1 Adaptive Security Appliance Software 2024-11-21 6.1 MEDIUM N/A
Cisco Adaptive Security Appliance (ASA) Software 9.3(2.243) and 100.13(0.21) allows remote attackers to cause a denial of service (device reload) by sending crafted OSPFv2 packets on the local network, aka Bug ID CSCus84220.
CVE-2015-4238 1 Cisco 1 Adaptive Security Appliance Software 2024-11-21 6.8 MEDIUM N/A
The SNMP implementation in Cisco Adaptive Security Appliance (ASA) Software 8.4(7) and 8.6(1.2) allows remote authenticated users to cause a denial of service (device reload) by sending many SNMP requests during a time of high network traffic, aka Bug ID CSCul02601.
CVE-2015-4237 1 Cisco 38 Mds 9100, Mds 9140, Mds 9500 and 35 more 2024-11-21 4.6 MEDIUM N/A
The CLI parser in Cisco NX-OS 4.1(2)E1(1), 6.2(11b), 6.2(12), 7.2(0)ZZ(99.1), 7.2(0)ZZ(99.3), and 9.1(1)SV1(3.1.8) on Nexus devices allows local users to execute arbitrary OS commands via crafted characters in a filename, aka Bug IDs CSCuv08491, CSCuv08443, CSCuv08480, CSCuv08448, CSCuu99291, CSCuv08434, and CSCuv08436.
CVE-2015-4236 1 Cisco 2 Email Security Appliance, Email Security Appliance Firmware 2024-11-21 4.3 MEDIUM N/A
Cisco AsyncOS on Email Security Appliance (ESA) devices with software 8.5.6-073, 8.5.6-074, and 9.0.0-461, when clustering is enabled, allows remote attackers to cause a denial of service (clustering and SSH outage) via a packet flood, aka Bug IDs CSCur13704 and CSCuq05636.
CVE-2015-4235 1 Cisco 2 Application Policy Infrastructure Controller \(apic\), Nx-os 2024-11-21 9.0 HIGH N/A
Cisco Application Policy Infrastructure Controller (APIC) devices with software before 1.0(3o) and 1.1 before 1.1(1j) and Nexus 9000 ACI devices with software before 11.0(4o) and 11.1 before 11.1(1j) do not properly restrict access to the APIC filesystem, which allows remote authenticated users to obtain root privileges via unspecified use of the APIC cluster-management configuration feature, aka Bug IDs CSCuu72094 and CSCuv11991.
CVE-2015-4234 1 Cisco 1 Nx-os 2024-11-21 7.2 HIGH N/A
Cisco NX-OS 6.0(2) and 6.2(2) on Nexus devices has an improper OS configuration, which allows local users to obtain root access via unspecified input to the Python interpreter, aka Bug IDs CSCun02887, CSCur00115, and CSCur00127.
CVE-2015-4233 1 Cisco 1 Unified Meetingplace 2024-11-21 6.5 MEDIUM N/A
SQL injection vulnerability in Cisco Unified MeetingPlace 8.6(1.2) allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCuu54037.
CVE-2015-4232 1 Cisco 16 Mds 9100, Mds 9200, Mds 9500 and 13 more 2024-11-21 4.6 MEDIUM N/A
Cisco NX-OS 6.2(10) on Nexus and MDS 9000 devices allows local users to execute arbitrary OS commands by entering crafted tar parameters in the CLI, aka Bug ID CSCus44856.
CVE-2015-4231 1 Cisco 3 Nexus 7000, Nexus 7700, Nx-os 2024-11-21 3.6 LOW N/A
The Python interpreter in Cisco NX-OS 6.2(8a) on Nexus 7000 devices allows local users to bypass intended access restrictions and delete an arbitrary VDC's files by leveraging administrative privileges in one VDC, aka Bug ID CSCur08416.
CVE-2015-4230 1 Cisco 1 Headend System Release 2024-11-21 7.8 HIGH N/A
Memory leak in Cisco Headend System Release allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors, aka Bug ID CSCus91854.
CVE-2015-4229 1 Cisco 1 Unified Communications Domain Manager 2024-11-21 5.0 MEDIUM N/A
The web framework in Cisco Unified Communications Domain Manager 8.1(4)ER1 allows remote attackers to obtain sensitive information by visiting a bvsmweb URL, aka Bug ID CSCuq22589.
CVE-2015-4228 1 Cisco 1 Digital Content Manager 2024-11-21 5.4 MEDIUM N/A
Cisco Digital Content Manager (DCM) 15.0.0 might allow remote ad servers to cause a denial of service (reboot) via malformed ad messages, aka Bug ID CSCur13999.
CVE-2015-4227 1 Cisco 1 Headend System Release 2024-11-21 7.8 HIGH N/A
Memory leak in Cisco Headend System Release allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors, aka Bug ID CSCus91838.