Filtered by vendor Cisco
Subscribe
Total
6186 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-5553 | 1 Cisco | 1 Ios | 2024-11-21 | 7.8 HIGH | N/A |
| Multiple memory leaks in Cisco IOS 15.1 before 15.1(4)M7 allow remote attackers to cause a denial of service (memory consumption or device reload) by sending a crafted SIP message over (1) IPv4 or (2) IPv6, aka Bug IDs CSCuc42558 and CSCug25383. | |||||
| CVE-2013-5552 | 1 Cisco | 2 Content Services Gateway, Ios | 2024-11-21 | 6.4 MEDIUM | N/A |
| Cisco IOS 12.4(24)MDB9 and earlier on Content Services Gateway (CSG) devices does not properly implement the "parse error drop" feature, which allows remote attackers to bypass intended access restrictions via a crafted series of packets, aka Bug ID CSCug90143. | |||||
| CVE-2013-5551 | 1 Cisco | 1 Adaptive Security Appliance Software | 2024-11-21 | 6.3 MEDIUM | N/A |
| Cisco Adaptive Security Appliance (ASA) Software, when certain same-security-traffic and management-access options are enabled, allows remote authenticated users to cause a denial of service (stack overflow and device reload) by using the clientless SSL VPN portal for internal-resource browsing, aka Bug ID CSCui51199. | |||||
| CVE-2013-5550 | 1 Cisco | 1 Unified Computing System | 2024-11-21 | 4.6 MEDIUM | N/A |
| The fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to cause a denial of service via crafted command parameters that trigger hardware-component write operations, aka Bug ID CSCtq86549. | |||||
| CVE-2013-5549 | 1 Cisco | 1 Ios Xr | 2024-11-21 | 7.1 HIGH | N/A |
| Cisco IOS XR 3.8.1 through 4.2.0 does not properly process fragmented packets within the RP-A, RP-B, PRP, and DRP-B route-processor components, which allows remote attackers to cause a denial of service (transmission outage) via (1) IPv4 or (2) IPv6 traffic, aka Bug ID CSCuh30380. | |||||
| CVE-2013-5548 | 1 Cisco | 1 Ios | 2024-11-21 | 4.3 MEDIUM | N/A |
| The IKEv2 implementation in Cisco IOS, when AES-GCM or AES-GMAC is used, allows remote attackers to bypass certain IPsec anti-replay features via IPsec tunnel traffic, aka Bug ID CSCuj47795. | |||||
| CVE-2013-5547 | 1 Cisco | 7 Asr 1001, Asr 1002, Asr 1002-x and 4 more | 2024-11-21 | 7.8 HIGH | N/A |
| Cisco IOS XE 3.9 before 3.9.2S on 1000 ASR devices allows remote attackers to cause a denial of service (device reload) by sending malformed EoGRE packets over (1) IPv4 or (2) IPv6, aka Bug ID CSCuf08269. | |||||
| CVE-2013-5546 | 1 Cisco | 7 Asr 1001, Asr 1002, Asr 1002-x and 4 more | 2024-11-21 | 7.8 HIGH | N/A |
| The TCP reassembly feature in Cisco IOS XE 3.7 before 3.7.3S and 3.8 before 3.8.1S on 1000 ASR devices allows remote attackers to cause a denial of service (device reload) via large TCP packets that are processed by the (1) NAT or (2) ALG component, aka Bug ID CSCud72509. | |||||
| CVE-2013-5545 | 1 Cisco | 7 Asr 1001, Asr 1002, Asr 1002-x and 4 more | 2024-11-21 | 7.8 HIGH | N/A |
| The PPTP ALG implementation in Cisco IOS XE 3.9 before 3.9.2S on 1000 ASR devices allows remote attackers to cause a denial of service (device reload) by sending many PPTP packets over NAT, aka Bug ID CSCuh19936. | |||||
| CVE-2013-5544 | 1 Cisco | 1 Adaptive Security Appliance Software | 2024-11-21 | 5.4 MEDIUM | N/A |
| The VPN authentication functionality in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to cause a denial of service (device reload) by sending many username-from-cert IKE requests, aka Bug ID CSCua91108. | |||||
| CVE-2013-5543 | 1 Cisco | 7 Asr 1001, Asr 1002, Asr 1002-x and 4 more | 2024-11-21 | 7.8 HIGH | N/A |
| Cisco IOS XE 3.4 before 3.4.2S and 3.5 before 3.5.1S on 1000 ASR devices allows remote attackers to cause a denial of service (device reload) via malformed ICMP error packets associated with a (1) TCP or (2) UDP session that is under inspection by the Zone-Based Firewall (ZBFW) component, aka Bug ID CSCtt26470. | |||||
| CVE-2013-5542 | 1 Cisco | 1 Adaptive Security Appliance Software | 2024-11-21 | 8.5 HIGH | N/A |
| Cisco Adaptive Security Appliance (ASA) Software 8.4 before 8.4(7.2), 8.7 before 8.7(1.8), 9.0 before 9.0(3.6), and 9.1 before 9.1(2.8) allows remote attackers to cause a denial of service (firewall-session disruption or device reload) via crafted ICMP packets, aka Bug ID CSCui77398. | |||||
| CVE-2013-5541 | 1 Cisco | 2 Identity Services Engine, Identity Services Engine Software | 2024-11-21 | 3.5 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in the file-upload interface in Cisco Identity Services Engine (ISE) allows remote authenticated users to inject arbitrary web script or HTML via a crafted filename, aka Bug ID CSCui67495. | |||||
| CVE-2013-5540 | 1 Cisco | 2 Identity Services Engine, Identity Services Engine Software | 2024-11-21 | 6.8 MEDIUM | N/A |
| The file-upload feature in Cisco Identity Services Engine (ISE) allows remote authenticated users to cause a denial of service (disk consumption and administration-interface outage) by uploading many files, aka Bug ID CSCui67519. | |||||
| CVE-2013-5539 | 1 Cisco | 2 Identity Services Engine, Identity Services Engine Software | 2024-11-21 | 6.0 MEDIUM | N/A |
| The upload-dialog implementation in Cisco Identity Services Engine (ISE) allows remote authenticated users to upload files with an arbitrary file type, and consequently conduct attacks against unspecified other systems, via a crafted file, aka Bug ID CSCui67511. | |||||
| CVE-2013-5538 | 1 Cisco | 2 Identity Services Engine, Identity Services Engine Software | 2024-11-21 | 5.0 MEDIUM | N/A |
| The Sponsor Portal in Cisco Identity Services Engine (ISE) uses weak permissions for uploaded files, which allows remote attackers to read arbitrary files via a direct request, aka Bug ID CSCui67506. | |||||
| CVE-2013-5537 | 1 Cisco | 3 Content Security Management Appliance, Email Security Appliance Firmware, Web Security Appliance | 2024-11-21 | 7.8 HIGH | N/A |
| The web framework on Cisco Web Security Appliance (WSA), Email Security Appliance (ESA), and Content Security Management Appliance (SMA) devices does not properly manage the state of HTTP and HTTPS sessions, which allows remote attackers to cause a denial of service (management GUI outage) via multiple TCP connections, aka Bug IDs CSCuj59411, CSCuf89818, and CSCuh05635. | |||||
| CVE-2013-5536 | 1 Cisco | 1 Secure Access Control System | 2024-11-21 | 5.0 MEDIUM | N/A |
| Cisco Secure Access Control System (ACS) does not properly implement an incoming-packet firewall rule, which allows remote attackers to cause a denial of service (process crash) via a flood of crafted packets, aka Bug ID CSCui51521. | |||||
| CVE-2013-5535 | 1 Cisco | 3 Video Surveillance 4000 Ip Camera, Video Surveillance 4300e Ip Camera, Video Surveillance 4500e Ip Camera | 2024-11-21 | 6.4 MEDIUM | N/A |
| The analytics page on Cisco Video Surveillance 4000 IP cameras has hardcoded credentials, which allows remote attackers to watch the video feed by leveraging knowledge of the password, aka Bug IDs CSCuj70402 and CSCuj70419. | |||||
| CVE-2013-5534 | 1 Cisco | 1 Unity Connection | 2024-11-21 | 4.0 MEDIUM | N/A |
| Directory traversal vulnerability in the attachment service in the Voice Message Web Service (aka VMWS or Cisco Unity Web Service) in Cisco Unity Connection allows remote authenticated users to create files, and consequently execute arbitrary JSP code, via a crafted pathname for a file that is not a valid audio file, aka Bug ID CSCuj22948. | |||||