Filtered by vendor Cisco
Subscribe
Total
6072 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-5475 | 1 Cisco | 2 Ios, Ios Xe | 2013-10-07 | 7.8 HIGH | N/A |
| Cisco IOS 12.2 through 12.4 and 15.0 through 15.3, and IOS XE 2.1 through 3.9, allows remote attackers to cause a denial of service (device reload) via crafted DHCP packets that are processed locally by a (1) server or (2) relay agent, aka Bug ID CSCug31561. | |||||
| CVE-2013-5474 | 1 Cisco | 1 Ios | 2013-10-07 | 7.8 HIGH | N/A |
| Race condition in the IPv6 virtual fragmentation reassembly (VFR) implementation in Cisco IOS 12.2 through 12.4 and 15.0 through 15.3 allows remote attackers to cause a denial of service (device reload or hang) via fragmented IPv6 packets, aka Bug ID CSCud64812. | |||||
| CVE-2013-1190 | 1 Cisco | 1 Unified Computing System | 2013-10-07 | 5.0 MEDIUM | N/A |
| The C-Series Rack Server component 1.4 in Cisco Unified Computing System (UCS) does not properly restrict inbound access to ports, which allows remote attackers to cause a denial of service (Integrated Management Controller reboot or hang) via crafted packets, as demonstrated by nmap, aka Bug ID CSCtx19850. | |||||
| CVE-2012-4104 | 1 Cisco | 1 Unified Computing System | 2013-10-03 | 6.6 MEDIUM | N/A |
| Absolute path traversal vulnerability in the image-download process in the fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to overwrite or delete arbitrary files via a full pathname in an image header, aka Bug ID CSCtq02706. | |||||
| CVE-2012-4110 | 1 Cisco | 1 Unified Computing System | 2013-10-03 | 6.8 MEDIUM | N/A |
| run-script in the fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to gain privileges by embedding commands in an unspecified parameter, aka Bug ID CSCtq86560. | |||||
| CVE-2012-4111 | 1 Cisco | 1 Unified Computing System | 2013-10-03 | 6.8 MEDIUM | N/A |
| The create certreq command in the fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to gain privileges by embedding commands in an unspecified parameter, aka Bug ID CSCtq86563. | |||||
| CVE-2013-5503 | 1 Cisco | 1 Ios Xr | 2013-10-03 | 7.8 HIGH | N/A |
| The UDP process in Cisco IOS XR 4.3.1 does not free packet memory upon detecting full packet queues, which allows remote attackers to cause a denial of service (memory consumption) via UDP packets to listening ports, aka Bug ID CSCue69413. | |||||
| CVE-2012-0340 | 1 Cisco | 1 Ironport Encryption Appliance | 2013-10-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the management interface on the Cisco IronPort Encryption Appliance with software before 6.5.3 allows remote attackers to inject arbitrary web script or HTML via the header parameter to the default URI under admin/, aka bug ID 72410. | |||||
| CVE-2012-4109 | 1 Cisco | 1 Unified Computing System | 2013-10-03 | 6.8 MEDIUM | N/A |
| The clear sshkey command in the fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to gain privileges by embedding commands in an unspecified parameter, aka Bug ID CSCtq86559. | |||||
| CVE-2012-4102 | 1 Cisco | 1 Unified Computing System | 2013-10-03 | 6.8 MEDIUM | N/A |
| The activate firmware command in the fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to gain privileges by embedding commands in an unspecified parameter, aka Bug ID CSCtq02600. | |||||
| CVE-2013-5501 | 1 Cisco | 1 Mediasense | 2013-10-02 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the oraservice page in Cisco MediaSense allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCuj23328. | |||||
| CVE-2013-5500 | 1 Cisco | 1 Mediasense | 2013-10-02 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the oraadmin service page in Cisco MediaSense allow remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug IDs CSCuj23320, CSCuj23324, CSCuj23333, and CSCuj23338. | |||||
| CVE-2012-4096 | 1 Cisco | 1 Unified Computing System | 2013-10-01 | 6.2 MEDIUM | N/A |
| The local file editor in the Baseboard Management Controller (BMC) in Cisco Unified Computing System (UCS) allows local users to gain privileges and modify arbitrary fabric-interconnect files, in the context of a vi process, via unspecified commands, aka Bug ID CSCtn06574. | |||||
| CVE-2013-5472 | 1 Cisco | 2 Ios, Ios Xe | 2013-09-30 | 7.1 HIGH | N/A |
| The NTP implementation in Cisco IOS 12.0 through 12.4 and 15.0 through 15.1, and IOS XE 2.1 through 3.3, does not properly handle encapsulation of multicast NTP packets within MSDP SA messages, which allows remote attackers to cause a denial of service (device reload) by leveraging an MSDP peer relationship, aka Bug ID CSCuc81226. | |||||
| CVE-2013-5487 | 1 Cisco | 1 Prime Data Center Network Manager | 2013-09-23 | 7.8 HIGH | N/A |
| DCNM-SAN Server in Cisco Prime Data Center Network Manager (DCNM) before 6.2(1) allows remote attackers to read arbitrary files via unspecified vectors, aka Bug ID CSCue77029. | |||||
| CVE-2013-3473 | 1 Cisco | 1 Prime Central For Hosted Collaboration Solution Assurance | 2013-09-23 | 7.8 HIGH | N/A |
| The web framework in Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance before 9.1.1 does not properly determine the existence of an authenticated session, which allows remote attackers to discover usernames and passwords via an HTTP request, aka Bug ID CSCud32600. | |||||
| CVE-2013-1130 | 2 Apple, Cisco | 2 Mac Os X, Anyconnect Secure Mobility Client | 2013-09-23 | 6.8 MEDIUM | N/A |
| Cisco AnyConnect Secure Mobility Client on Mac OS X uses weak permissions for a library directory, which allows local users to gain privileges via a crafted library file, aka Bug ID CSCue33619. | |||||
| CVE-2013-1121 | 1 Cisco | 1 Nx-os | 2013-09-20 | 5.4 MEDIUM | N/A |
| The regex engine in the BGP implementation in Cisco NX-OS, when a complex regular expression is configured for inbound routes, allows remote attackers to cause a denial of service (device reload) via a crafted AS path set, aka Bug ID CSCuf49554. | |||||
| CVE-2013-3446 | 1 Cisco | 1 Digital Media Manager | 2013-09-13 | 5.8 MEDIUM | N/A |
| Open redirect vulnerability in the login page in Cisco Digital Media Manager (DMM) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, aka Bug ID CSCub23849. | |||||
| CVE-2013-5482 | 1 Cisco | 1 Prime Lan Management Solution | 2013-09-13 | 4.3 MEDIUM | N/A |
| Cisco Prime LAN Management Solution (LMS) does not properly restrict use of IFRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks and unspecified other attacks via a crafted web site, related to a "cross-frame scripting (XFS)" issue, aka Bug ID CSCug77823. | |||||