Filtered by vendor Cisco
Subscribe
Total
6480 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-0670 | 1 Cisco | 1 Mediasense | 2017-08-29 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Search and Play interface in Cisco MediaSense allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCum16686. | |||||
| CVE-2014-3340 | 1 Cisco | 1 Webex Meetmenow | 2017-08-29 | 4.0 MEDIUM | N/A |
| Directory traversal vulnerability in an unspecified PHP script in the server in Cisco WebEx MeetMeNow allows remote authenticated users to read arbitrary files via a crafted request, aka Bug ID CSCuo16166. | |||||
| CVE-2014-3366 | 1 Cisco | 1 Unified Communications Manager | 2017-08-29 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in the administrative web interface in Cisco Unified Communications Manager allows remote authenticated users to execute arbitrary SQL commands via a crafted response, aka Bug ID CSCup88089. | |||||
| CVE-2014-2122 | 1 Cisco | 1 Hosted Collaboration Solution | 2017-08-29 | 5.0 MEDIUM | N/A |
| Memory leak in the GUI in the Impact server in Cisco Hosted Collaboration Solution (HCS) allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors, aka Bug ID CSCub58999. | |||||
| CVE-2014-3367 | 1 Cisco | 1 Cisco Nexus 1000v Intercloud | 2017-08-29 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the vCloud Director component in Cisco Nexus 1000V InterCloud for VMware allows remote attackers to inject arbitrary web script or HTML via an unspecified value, aka Bug ID CSCuq90524. | |||||
| CVE-2014-3353 | 1 Cisco | 1 Ios Xr | 2017-08-29 | 7.1 HIGH | N/A |
| Cisco IOS XR 4.3(.2) and earlier, as used in Cisco Carrier Routing System (CRS), allows remote attackers to cause a denial of service (CPU consumption and IPv6 packet drops) via a malformed IPv6 packet, aka Bug ID CSCuo95165. | |||||
| CVE-2014-3345 | 1 Cisco | 1 Transport Gateway Installation Software | 2017-08-29 | 5.0 MEDIUM | N/A |
| The web framework in Cisco Transport Gateway for Smart Call Home (aka TG-SCH or Transport Gateway Installation Software) 4.0 does not properly check authorization for administrative web pages, which allows remote attackers to modify the product via a crafted URL, aka Bug ID CSCuq31503. | |||||
| CVE-2014-3344 | 1 Cisco | 1 Transport Gateway Installation Software | 2017-08-29 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the web framework in Cisco Transport Gateway for Smart Call Home (aka TG-SCH or Transport Gateway Installation Software) 4.0 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug IDs CSCuq31129, CSCuq31134, CSCuq31137, and CSCuq31563. | |||||
| CVE-2014-3318 | 1 Cisco | 1 Unified Communications Manager | 2017-08-29 | 4.0 MEDIUM | N/A |
| Directory traversal vulnerability in dna/viewfilecontents.do in the Dialed Number Analyzer (DNA) component in Cisco Unified Communications Manager allows remote authenticated users to read arbitrary files via a crafted URL, aka Bug ID CSCup76318. | |||||
| CVE-2014-0648 | 1 Cisco | 1 Secure Access Control System | 2017-08-29 | 10.0 HIGH | N/A |
| The RMI interface in Cisco Secure Access Control System (ACS) 5.x before 5.5 does not properly enforce authentication and authorization requirements, which allows remote attackers to obtain administrative access via a request to this interface, aka Bug ID CSCud75187. | |||||
| CVE-2014-0673 | 1 Cisco | 1 Video Surveillance Indoor Fixed Dome Ip Hd Camera | 2017-08-29 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the web interface on Cisco Video Surveillance 5000 HD IP Dome cameras allow remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug IDs CSCud10943 and CSCud10950. | |||||
| CVE-2014-3293 | 1 Cisco | 2 Asr901, Ios | 2017-08-29 | 5.0 MEDIUM | N/A |
| Cisco IOS 15.4(3)S0b on ASR901 devices makes incorrect decisions to use the CPU for IPv4 packet processing, which allows remote attackers to cause a denial of service (BGP neighbor flapping) by sending many crafted IPv4 packets, aka Bug ID CSCuo29736. | |||||
| CVE-2014-0653 | 1 Cisco | 1 Adaptive Security Appliance | 2017-08-29 | 4.3 MEDIUM | N/A |
| The Identity Firewall (IDFW) functionality in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to trigger authentication-state modifications via a crafted NetBIOS logout probe response, aka Bug ID CSCuj45340. | |||||
| CVE-2014-0667 | 1 Cisco | 1 Secure Access Control System | 2017-08-29 | 6.3 MEDIUM | N/A |
| The RMI interface in Cisco Secure Access Control System (ACS) does not properly enforce authorization requirements, which allows remote authenticated users to read arbitrary files via a request to this interface, aka Bug ID CSCud75169. | |||||
| CVE-2014-3349 | 1 Cisco | 1 Cloud Portal | 2017-08-29 | 4.0 MEDIUM | N/A |
| Cisco Intelligent Automation for Cloud (aka Cisco Cloud Portal) does not validate file types during the handling of file submission, which allows remote authenticated users to upload arbitrary files via a crafted request, aka Bug ID CSCuh87410. | |||||
| CVE-2014-3316 | 1 Cisco | 1 Unified Communications Manager | 2017-08-29 | 4.0 MEDIUM | N/A |
| The Multiple Analyzer in the Dialed Number Analyzer (DNA) component in Cisco Unified Communications Manager allows remote authenticated users to bypass intended upload restrictions via a crafted parameter, aka Bug ID CSCup76297. | |||||
| CVE-2014-3335 | 1 Cisco | 8 Asr 9000 Rsp440 Router, Asr 9001, Asr 9006 and 5 more | 2017-08-29 | 4.6 MEDIUM | N/A |
| Cisco IOS XR 4.3(.2) and earlier on ASR 9000 devices does not properly perform NetFlow sampling of packets with multicast destination MAC addresses, which allows remote attackers to cause a denial of service (chip and card hangs) via a crafted packet, aka Bug ID CSCup77750. | |||||
| CVE-2014-3324 | 1 Cisco | 1 Telepresence Server Software | 2017-08-29 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the login page in the administrative web interface in Cisco TelePresence Server Software 4.0(2.8) allow remote attackers to inject arbitrary web script or HTML via a crafted parameter, aka Bug ID CSCup90060. | |||||
| CVE-2013-6979 | 1 Cisco | 1 Ios Xe | 2017-08-29 | 5.4 MEDIUM | N/A |
| The VTY authentication implementation in Cisco IOS XE 03.02.xxSE and 03.03.xxSE incorrectly relies on the Linux-IOS internal-network configuration, which allows remote attackers to bypass authentication by leveraging access to a 192.168.x.2 source IP address, aka Bug ID CSCuj90227. | |||||
| CVE-2014-3377 | 1 Cisco | 1 Ios Xr | 2017-08-29 | 4.0 MEDIUM | N/A |
| snmpd in Cisco IOS XR 5.1 and earlier allows remote authenticated users to cause a denial of service (process reload) via a malformed SNMPv2 packet, aka Bug ID CSCun67791. | |||||