ReportizFlow
Filtered by vendor Cisco
Subscriptions
Total
6724 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2015-0642 | 1 Cisco | 2 Ios, Ios Xe | 2025-04-12 | N/A |
| Cisco IOS 12.2, 12.4, 15.0, 15.1, 15.2, 15.3, and 15.4 and IOS XE 2.5.x, 2.6.x, 3.1.xS through 3.12.xS before 3.12.3S, 3.2.xE through 3.7.xE before 3.7.1E, 3.3.xSG, 3.4.xSG, and 3.13.xS before 3.13.2S allow remote attackers to cause a denial of service (device reload) by sending malformed IKEv2 packets over (1) IPv4 or (2) IPv6, aka Bug ID CSCum36951. | ||||
| CVE-2015-6322 | 1 Cisco | 1 Anyconnect Secure Mobility Client | 2025-04-12 | N/A |
| The IPC channel in Cisco AnyConnect Secure Mobility Client 2.0.0343 through 4.1(8) allows local users to bypass intended access restrictions and move arbitrary files by leveraging the lack of source-path validation, aka Bug ID CSCuv48563. | ||||
| CVE-2015-6317 | 1 Cisco | 1 Identity Services Engine Software | 2025-04-12 | N/A |
| Cisco Identity Services Engine (ISE) before 2.0 allows remote authenticated users to bypass intended web-resource access restrictions via a direct request, aka Bug ID CSCuu45926. | ||||
| CVE-2015-0652 | 1 Cisco | 3 Expressway Software, Telepresence Conductor, Telepresence Video Communication Server Software | 2025-04-12 | N/A |
| The Session Description Protocol (SDP) implementation in Cisco TelePresence Video Communication Server (VCS) and Cisco Expressway before X8.2 and Cisco TelePresence Conductor before XC2.4 allows remote attackers to cause a denial of service (mishandled exception and device reload) via a crafted media description, aka Bug IDs CSCus96593 and CSCun73192. | ||||
| CVE-2015-6310 | 1 Cisco | 1 Unified Communications Manager Im And Presence Service | 2025-04-12 | N/A |
| The REST interface in Cisco Unified Communications Manager IM and Presence Service 11.5(1) allows remote attackers to cause a denial of service (SIP proxy service restart) via a crafted HTTP request, aka Bug ID CSCuw31632. | ||||
| CVE-2015-4256 | 1 Cisco | 1 Telepresence Ip Vcr 3.0 | 2025-04-12 | N/A |
| Cross-site request forgery (CSRF) vulnerability on Cisco TelePresence IP VCR devices with software 3.0(1.27) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuu90736. | ||||
| CVE-2015-6302 | 1 Cisco | 1 Wireless Lan Controller Software | 2025-04-12 | N/A |
| The RADIUS functionality on Cisco Wireless LAN Controller (WLC) devices with software 7.0(250.0) and 7.0(252.0) allows remote attackers to disconnect arbitrary sessions via crafted Disconnect-Request UDP packets, aka Bug ID CSCuw29419. | ||||
| CVE-2015-6287 | 1 Cisco | 1 Web Security Virtual Appliance | 2025-04-12 | N/A |
| Cisco Web Security Appliance (WSA) 8.0.6-078 and 8.0.6-115 allows remote attackers to cause a denial of service (service outage) via a flood of TCP traffic that leads to DNS resolution delays, aka Bug IDs CSCur32005 and CSCur07907. | ||||
| CVE-2012-0360 | 1 Cisco | 1 Ios | 2025-04-12 | N/A |
| Memory leak in Cisco IOS before 15.1(1)SY, when IKEv2 debugging is enabled, allows remote attackers to cause a denial of service (memory consumption) via crafted packets, aka Bug ID CSCtn22376. | ||||
| CVE-2012-4638 | 1 Cisco | 1 Ios | 2025-04-12 | N/A |
| Cisco IOS before 15.1(1)SY allows local users to cause a denial of service (device reload) by establishing an outbound SSH session, aka Bug ID CSCto00318. | ||||
| CVE-2012-4651 | 1 Cisco | 1 Ios | 2025-04-12 | N/A |
| Cisco IOS before 15.3(2)T, when scansafe is enabled, allows remote attackers to cause a denial of service (latency) via SYN packets that are not accompanied by SYN-ACK packets from the Scan Safe Tower, aka Bug ID CSCub85451. | ||||
| CVE-2012-4658 | 1 Cisco | 1 Ios | 2025-04-12 | N/A |
| The ios-authproxy implementation in Cisco IOS before 15.1(1)SY3 allows remote attackers to cause a denial of service (webauth and HTTP service outage) via vectors that trigger incorrectly terminated HTTP sessions, aka Bug ID CSCtz99447. | ||||
| CVE-2015-4198 | 1 Cisco | 1 Web Security Appliance | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in the web framework on Cisco Web Security Appliance (WSA) devices with software 8.5.0-497 allows remote attackers to inject arbitrary web script or HTML via an unspecified HTTP header, aka Bug ID CSCuu24409. | ||||
| CVE-2015-0654 | 1 Cisco | 1 Intrusion Prevention System | 2025-04-12 | N/A |
| Race condition in the TLS implementation in MainApp in the management interface in Cisco Intrusion Prevention System (IPS) Software before 7.3(3)E4 allows remote attackers to cause a denial of service (process hang) by establishing many HTTPS sessions, aka Bug ID CSCuq40652. | ||||
| CVE-2016-6358 | 1 Cisco | 1 Email Security Appliance | 2025-04-12 | N/A |
| A vulnerability in local FTP to the Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause a partial denial of service (DoS) condition when the FTP application unexpectedly quits. More Information: CSCux68539. Known Affected Releases: 9.1.0-032 9.7.1-000. Known Fixed Releases: 9.1.1-038. | ||||
| CVE-2015-4550 | 1 Cisco | 1 Adaptive Security Appliance Software | 2025-04-12 | N/A |
| The Cavium cryptographic-module firmware on Cisco Adaptive Security Appliance (ASA) devices with software 9.3(3) and 9.4(1.1) does not verify the AES-GCM Integrity Check Value (ICV) octets, which makes it easier for man-in-the-middle attackers to spoof IPSec and IKEv2 traffic by modifying packet data, aka Bug ID CSCuu66218. | ||||
| CVE-2016-6417 | 1 Cisco | 1 Firesight System Software | 2025-04-12 | N/A |
| Cross-site request forgery (CSRF) vulnerability in Cisco FireSIGHT System Software 4.10.2 through 6.1.0 and Firepower Management Center allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCva21636. | ||||
| CVE-2015-6267 | 1 Cisco | 8 Asr 1001, Asr 1001-x, Asr 1002 and 5 more | 2025-04-12 | N/A |
| Cisco IOS XE before 2.2.3 on ASR 1000 devices allows remote attackers to cause a denial of service (Embedded Services Processor crash) via a crafted L2TP packet, aka Bug IDs CSCsw95722 and CSCsw95496. | ||||
| CVE-2015-6262 | 1 Cisco | 1 Prime Infrastructure | 2025-04-12 | N/A |
| Cross-site request forgery (CSRF) vulnerability in Cisco Prime Infrastructure 1.2(0.103) and 2.0(0.0) allows remote attackers to hijack the authentication of arbitrary users, aka Bug IDs CSCum49054 and CSCum49059. | ||||
| CVE-2015-4194 | 1 Cisco | 1 Webex Meeting Center | 2025-04-12 | N/A |
| The web-based administrative interface in Cisco WebEx Meeting Center provides different error messages for failed login attempts depending on whether the username exists or corresponds to a privileged account, which allows remote attackers to enumerate account names and obtain sensitive information via a series of requests, aka Bug ID CSCuf28861. | ||||