Filtered by vendor Cisco
Subscribe
Total
6184 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2016-1446 | 1 Cisco | 1 Webex Meetings Server | 2024-02-28 | 6.5 MEDIUM | 8.8 HIGH |
SQL injection vulnerability in Cisco WebEx Meetings Server 2.6 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCuy83200. | |||||
CVE-2016-6410 | 1 Cisco | 1 Ios | 2024-02-28 | 6.8 MEDIUM | 6.5 MEDIUM |
The Cisco Application-hosting Framework (CAF) component in Cisco IOS 15.6(1)T1 and IOS XE, when the IOx feature set is enabled, allows remote authenticated users to read arbitrary files via unspecified vectors, aka Bug ID CSCuy19856. | |||||
CVE-2016-6365 | 1 Cisco | 1 Firepower Management Center | 2024-02-28 | 4.3 MEDIUM | 6.1 MEDIUM |
Cross-site scripting (XSS) vulnerability in Cisco Firepower Management Center 4.10.3, 5.2.0, 5.3.0, 5.3.0.2, 5.3.1, and 5.4.0 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug IDs CSCur25508 and CSCur25518. | |||||
CVE-2015-6366 | 1 Cisco | 1 Ios | 2024-02-28 | 5.0 MEDIUM | N/A |
Cisco IOS 15.2(04)M6 and 15.4(03)S lets physical-interface ACLs supersede tunnel-interface ACLs, which allows remote attackers to bypass intended network-traffic restrictions in opportunistic circumstances by using a tunnel, aka Bug ID CSCur01042. | |||||
CVE-2016-1408 | 1 Cisco | 2 Evolved Programmable Network Manager, Prime Infrastructure | 2024-02-28 | 6.5 MEDIUM | 8.8 HIGH |
Cisco Prime Infrastructure 1.2 through 3.1 and Evolved Programmable Network Manager (EPNM) 1.2 and 2.0 allow remote authenticated users to execute arbitrary commands or upload files via a crafted HTTP request, aka Bug ID CSCuz01488. | |||||
CVE-2015-6376 | 1 Cisco | 1 Telepresence Video Communication Server Software | 2024-02-28 | 6.8 MEDIUM | N/A |
Cross-site request forgery (CSRF) vulnerability in Cisco TelePresence Video Communication Server (VCS) X8.5.1 allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuv72412. | |||||
CVE-2016-1431 | 1 Cisco | 1 Firepower Management Center | 2024-02-28 | 4.3 MEDIUM | 6.1 MEDIUM |
Cross-site scripting (XSS) vulnerability in Cisco Firepower Management Center 4.10.3, 5.2.0, 5.3.0, 5.3.1, and 5.4.0 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCur25516. | |||||
CVE-2016-1362 | 1 Cisco | 1 Aireos | 2024-02-28 | 7.8 HIGH | 7.5 HIGH |
Cisco AireOS 4.1 through 7.4.120.0, 7.5.x, and 7.6.100.0 on Wireless LAN Controller (WLC) devices allows remote attackers to cause a denial of service (device reload) via a crafted HTTP request, aka Bug ID CSCun86747. | |||||
CVE-2015-6282 | 1 Cisco | 1 Ios Xe | 2024-02-28 | 7.8 HIGH | N/A |
Cisco IOS XE 2.x and 3.x before 3.10.6S, 3.11.xS through 3.13.xS before 3.13.3S, and 3.14.xS through 3.15.xS before 3.15.1S allows remote attackers to cause a denial of service (device reload) via IPv4 packets that require NAT and MPLS actions, aka Bug ID CSCut96933. | |||||
CVE-2015-6334 | 1 Cisco | 1 Asr 5000 Software | 2024-02-28 | 5.0 MEDIUM | N/A |
Cisco ASR 5000 and 5500 devices with software 18.0.0.57828 and 19.0.M0.61045 allow remote attackers to cause a denial of service (vpnmgr process restart) via a crafted header in a TACACS packet, aka Bug ID CSCuw01984. | |||||
CVE-2016-1352 | 1 Cisco | 1 Unified Computing System Central Software | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
Cisco Unified Computing System (UCS) Central Software 1.3(1b) and earlier allows remote attackers to execute arbitrary OS commands via a crafted HTTP request, aka Bug ID CSCuv33856. | |||||
CVE-2016-6454 | 1 Cisco | 1 Hosted Collaboration Mediation Fulfillment | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
A cross-site request forgery (CSRF) vulnerability in the web interface of the Cisco Hosted Collaboration Mediation Fulfillment application could allow an unauthenticated, remote attacker to execute unwanted actions. More Information: CSCva54241. Known Affected Releases: 11.5(1). Known Fixed Releases: 11.5(0.98000.216). | |||||
CVE-2016-6404 | 1 Cisco | 1 Ios | 2024-02-28 | 4.3 MEDIUM | 6.1 MEDIUM |
Cross-site scripting (XSS) vulnerability in the web framework in Cisco IOx Local Manager in IOS 15.5(2)T and IOS XE allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuy19854. | |||||
CVE-2016-1468 | 1 Cisco | 1 Telepresence Video Communication Server | 2024-02-28 | 6.5 MEDIUM | 8.8 HIGH |
The administrative web interface in Cisco TelePresence Video Communication Server Expressway X8.5.2 allows remote authenticated users to execute arbitrary commands via crafted fields, aka Bug ID CSCuv12531. | |||||
CVE-2016-6425 | 1 Cisco | 2 Unified Contact Center Express, Unified Intelligence Center | 2024-02-28 | 4.3 MEDIUM | 6.1 MEDIUM |
Cross-site scripting (XSS) vulnerability in Cisco Unified Intelligence Center (CUIC) 8.5.4 through 9.1(1), as used in Unified Contact Center Express 10.0(1) through 11.0(1), allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug IDs CSCuy75020 and CSCuy81652. | |||||
CVE-2015-6318 | 1 Cisco | 1 Telepresence Video Communication Server Software | 2024-02-28 | 6.9 MEDIUM | N/A |
Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.1 and X8.5.2 allows local users to write to arbitrary files via an unspecified symlink attack, aka Bug ID CSCuv11969. | |||||
CVE-2016-1397 | 1 Cisco | 6 Rv110w Wireless-n Vpn Firewall, Rv110w Wireless-n Vpn Firewall Firmware, Rv130w Wireless-n Multifunction Vpn Router and 3 more | 2024-02-28 | 6.8 MEDIUM | 6.5 MEDIUM |
Buffer overflow in the web-based management interface on Cisco RV110W devices with firmware before 1.2.1.7, RV130W devices with firmware before 1.0.3.16, and RV215W devices with firmware before 1.3.0.8 allows remote authenticated users to cause a denial of service (device reload) via crafted configuration commands in an HTTP request, aka Bug ID CSCux82523. | |||||
CVE-2016-6426 | 1 Cisco | 2 Unified Contact Center Express, Unified Intelligence Center | 2024-02-28 | 4.3 MEDIUM | 7.5 HIGH |
The j_spring_security_switch_user function in Cisco Unified Intelligence Center (CUIC) 8.5.4 through 9.1(1), as used in Unified Contact Center Express 10.0(1) through 11.0(1), allows remote attackers to create user accounts by visiting an unspecified web page, aka Bug IDs CSCuy75027 and CSCuy81653. | |||||
CVE-2016-1449 | 1 Cisco | 1 Webex Meetings Server | 2024-02-28 | 4.3 MEDIUM | 6.1 MEDIUM |
Cross-site scripting (XSS) vulnerability in Cisco WebEx Meetings Server 2.6 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuy92711. | |||||
CVE-2016-1350 | 6 Cisco, Lenovo, Samsung and 3 more | 6 Ios Xe, Thinkcentre E75s Firmware, X14j Firmware and 3 more | 2024-02-28 | 7.8 HIGH | 7.5 HIGH |
Cisco IOS 15.3 and 15.4, Cisco IOS XE 3.8 through 3.11, and Cisco Unified Communications Manager allow remote attackers to cause a denial of service (device reload) via malformed SIP messages, aka Bug ID CSCuj23293. |