Filtered by vendor Cisco
Subscribe
Total
6072 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-3272 | 1 Cisco | 1 Tidal Enterprise Scheduler | 2016-09-07 | 6.0 MEDIUM | N/A |
| The Agent in Cisco Tidal Enterprise Scheduler (TES) 6.1 and earlier allows local users to gain privileges via crafted Tidal Job Buffers (TJB) parameters, aka Bug ID CSCuo33074. | |||||
| CVE-2014-3271 | 1 Cisco | 1 Ios Xr | 2016-09-07 | 5.0 MEDIUM | N/A |
| The DHCPv6 implementation in Cisco IOS XR allows remote attackers to cause a denial of service (device crash) via a malformed packet, aka Bug IDs CSCum85558, CSCum20949, CSCul61849, and CSCul71149. | |||||
| CVE-2014-3270 | 1 Cisco | 1 Ios Xr | 2016-09-07 | 5.0 MEDIUM | N/A |
| The DHCPv6 implementation in Cisco IOS XR allows remote attackers to cause a denial of service (process hang) via a malformed packet, aka Bug ID CSCul80924. | |||||
| CVE-2014-3267 | 1 Cisco | 1 Security Manager | 2016-09-07 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Security Manager 4.6 and earlier allows remote attackers to hijack the authentication of arbitrary users for requests that make unspecified changes, aka Bug ID CSCuo46427. | |||||
| CVE-2014-3265 | 1 Cisco | 1 Security Manager | 2016-09-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Auto Update Server (AUS) web framework in Cisco Security Manager 4.2 and earlier allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCuo06900. | |||||
| CVE-2014-3263 | 1 Cisco | 1 Ios | 2016-09-07 | 5.4 MEDIUM | N/A |
| The ScanSafe module in Cisco IOS 15.3(3)M allows remote attackers to cause a denial of service (device reload) via HTTPS packets that require tower processing, aka Bug ID CSCum97038. | |||||
| CVE-2014-3262 | 1 Cisco | 2 Ios, Ios Xe | 2016-09-07 | 4.3 MEDIUM | N/A |
| The Locator/ID Separation Protocol (LISP) implementation in Cisco IOS 15.3(3)S and earlier and IOS XE does not properly validate parameters in ITR control messages, which allows remote attackers to cause a denial of service (CEF outage and packet drops) via malformed messages, aka Bug ID CSCun73782. | |||||
| CVE-2014-3290 | 1 Cisco | 1 Ios Xe | 2016-09-06 | 4.8 MEDIUM | N/A |
| The mDNS implementation in Cisco IOS XE 3.12S does not properly interact with autonomic networking, which allows remote attackers to obtain sensitive networking-services information by sniffing the network or overwrite networking-services data via a crafted mDNS response, aka Bug ID CSCun64867. | |||||
| CVE-2016-1335 | 1 Cisco | 1 Asr 5000 Series Software | 2016-08-04 | 7.1 HIGH | 7.5 HIGH |
| The SSH implementation in Cisco StarOS before 19.3.M0.62771 and 20.x before 20.0.M0.62768 on ASR 5000 devices mishandles a multi-user public-key authentication configuration, which allows remote authenticated users to gain privileges by establishing a connection from an endpoint that was previously used for an administrator's connection, aka Bug ID CSCux22492. | |||||
| CVE-2016-1390 | 1 Cisco | 2 Prime Network Analysis Module Software, Prime Virtual Network Analysis Module Software | 2016-08-04 | 7.2 HIGH | 7.8 HIGH |
| Cisco Prime Network Analysis Module (NAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(1) and Prime Virtual Network Analysis Module (vNAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(1) allow local users to obtain root access via crafted CLI input, aka Bug ID CSCuy21892. | |||||
| CVE-2016-1340 | 1 Cisco | 1 Unified Computing System Platform Emulator | 2016-07-29 | 7.2 HIGH | 8.4 HIGH |
| Heap-based buffer overflow in Cisco Unified Computing System (UCS) Platform Emulator 2.5(2)TS4, 3.0(2c)A, and 3.0(2c)TS9 allows local users to gain privileges via crafted libclimeta.so filename arguments, aka Bug ID CSCux68837. | |||||
| CVE-2016-1339 | 1 Cisco | 1 Unified Computing System Platform Emulator | 2016-07-29 | 7.2 HIGH | 7.8 HIGH |
| Cisco Unified Computing System (UCS) Platform Emulator 2.5(2)TS4, 3.0(2c)A, and 3.0(2c)TS9 allows local users to gain privileges via crafted arguments on a ucspe-copy command line, aka Bug ID CSCux68832. | |||||
| CVE-2016-1451 | 1 Cisco | 1 Meeting Server | 2016-07-18 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability in the web-based management interface in Cisco Meeting Server (formerly Acano Conferencing Server) 1.7 through 1.9 allows remote attackers to inject arbitrary web script or HTML via crafted parameters, aka Bug ID CSCva19922. | |||||
| CVE-2016-1424 | 1 Cisco | 1 Ios | 2016-06-20 | 6.1 MEDIUM | 6.5 MEDIUM |
| Cisco IOS 15.2(1)T1.11 and 15.2(2)TST allows remote attackers to cause a denial of service (device crash) via a crafted LLDP packet, aka Bug ID CSCun63132. | |||||
| CVE-2016-1431 | 1 Cisco | 1 Firepower Management Center | 2016-06-20 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability in Cisco Firepower Management Center 4.10.3, 5.2.0, 5.3.0, 5.3.1, and 5.4.0 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCur25516. | |||||
| CVE-2016-1432 | 1 Cisco | 1 Ios Xe | 2016-06-20 | 6.8 MEDIUM | 6.5 MEDIUM |
| Cisco IOS XE 3.15S and 3.16S on cBR-8 Converged Broadband Router devices allows remote authenticated users to cause a denial of service (NULL pointer dereference and card restart) via a crafted SNMP request, aka Bug ID CSCuu68862. | |||||
| CVE-2016-1418 | 1 Cisco | 7 Aironet 1830e, Aironet 1830i, Aironet 1850e and 4 more | 2016-06-15 | 7.2 HIGH | 7.8 HIGH |
| Cisco Aironet Access Point Software 8.2(100.0) on 1830e, 1830i, 1850e, 1850i, 2800, and 3800 access points allows local users to obtain Linux root access via crafted CLI command parameters, aka Bug ID CSCuy64037. | |||||
| CVE-2016-1420 | 1 Cisco | 2 Application Infrastructure Controller, Application Policy Infrastructure Controller Firmware | 2016-06-10 | 7.2 HIGH | 7.8 HIGH |
| The installation component on Cisco Application Policy Infrastructure Controller (APIC) devices with software before 1.3(2f) mishandles binary files, which allows local users to obtain root access via unspecified vectors, aka Bug ID CSCuz72347. | |||||
| CVE-2016-1403 | 1 Cisco | 1 Ip Phone 8800 Series Firmware | 2016-06-07 | 7.2 HIGH | 7.8 HIGH |
| CISCO IP 8800 phones with software 11.0.1 and earlier allow local users to gain privileges for OS command execution via crafted CLI commands, aka Bug ID CSCuz03005. | |||||
| CVE-2016-1413 | 1 Cisco | 1 Firepower Management Center | 2016-05-31 | 4.0 MEDIUM | 6.5 MEDIUM |
| The web interface in Cisco Firepower Management Center 5.4.0 through 6.0.0.1 allows remote authenticated users to modify pages by placing crafted code in a parameter value, aka Bug ID CSCuy76517. | |||||