Filtered by vendor Cisco
Subscribe
Total
6480 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-6409 | 1 Cisco | 1 Ios | 2017-07-30 | 4.3 MEDIUM | 7.5 HIGH |
| The Data in Motion (DMo) component in Cisco IOS 15.6(1)T and IOS XE, when the IOx feature set is enabled, allows remote attackers to cause a denial of service (out-of-bounds access) via crafted traffic, aka Bug ID CSCuy54015. | |||||
| CVE-2016-6403 | 1 Cisco | 1 Ios | 2017-07-30 | 4.3 MEDIUM | 5.9 MEDIUM |
| The Data in Motion (DMo) application in Cisco IOS 15.6(1)T and IOS XE, when the IOx feature set is enabled, allows remote attackers to cause a denial of service via a crafted packet, aka Bug IDs CSCuy82904, CSCuy82909, and CSCuy82912. | |||||
| CVE-2016-6427 | 1 Cisco | 2 Unified Contact Center Express, Unified Intelligence Center | 2017-07-30 | 6.8 MEDIUM | 8.8 HIGH |
| Cross-site request forgery (CSRF) vulnerability in Cisco Unified Intelligence Center (CUIC) 8.5.4 through 9.1(1), as used in Unified Contact Center Express 10.0(1) through 11.0(1), allows remote attackers to hijack the authentication of arbitrary users, aka Bug IDs CSCuy75036 and CSCuy81654. | |||||
| CVE-2016-6417 | 1 Cisco | 1 Firesight System Software | 2017-07-30 | 6.8 MEDIUM | 8.8 HIGH |
| Cross-site request forgery (CSRF) vulnerability in Cisco FireSIGHT System Software 4.10.2 through 6.1.0 and Firepower Management Center allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCva21636. | |||||
| CVE-2016-6407 | 1 Cisco | 1 Web Security Appliance | 2017-07-30 | 5.0 MEDIUM | 7.5 HIGH |
| Cisco AsyncOS through 9.5.0-444 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (link saturation) by making many HTTP requests for overlapping byte ranges simultaneously, aka Bug ID CSCuz27219. | |||||
| CVE-2016-6426 | 1 Cisco | 2 Unified Contact Center Express, Unified Intelligence Center | 2017-07-30 | 4.3 MEDIUM | 7.5 HIGH |
| The j_spring_security_switch_user function in Cisco Unified Intelligence Center (CUIC) 8.5.4 through 9.1(1), as used in Unified Contact Center Express 10.0(1) through 11.0(1), allows remote attackers to create user accounts by visiting an unspecified web page, aka Bug IDs CSCuy75027 and CSCuy81653. | |||||
| CVE-2016-6378 | 1 Cisco | 1 Ios Xe | 2017-07-30 | 7.8 HIGH | 7.5 HIGH |
| Cisco IOS XE 3.1 through 3.17 and 16.1 through 16.2 allows remote attackers to cause a denial of service (device reload) via crafted ICMP packets that require NAT, aka Bug ID CSCuw85853. | |||||
| CVE-2016-6373 | 1 Cisco | 1 Cloud Services Platform 2100 | 2017-07-30 | 9.0 HIGH | 7.2 HIGH |
| The web-based GUI in Cisco Cloud Services Platform (CSP) 2100 2.0 allows remote authenticated administrators to execute arbitrary OS commands as root via crafted platform commands, aka Bug ID CSCva00541. | |||||
| CVE-2016-6421 | 1 Cisco | 1 Ios Xr | 2017-07-30 | 5.0 MEDIUM | 5.3 MEDIUM |
| Cisco IOS XR 5.2.2 allows remote attackers to cause a denial of service (process restart) via a crafted OSPF Link State Advertisement (LSA) update, aka Bug ID CSCvb05643. | |||||
| CVE-2016-6428 | 1 Cisco | 1 Ios Xr | 2017-07-30 | 7.2 HIGH | 7.8 HIGH |
| Cisco IOS XR 6.1.1 allows local users to execute arbitrary OS commands as root by leveraging admin privileges, aka Bug ID CSCva38349. | |||||
| CVE-2016-6379 | 1 Cisco | 2 Ios, Ios Xe | 2017-07-30 | 7.8 HIGH | 7.5 HIGH |
| Cisco IOS 12.2 and IOS XE 3.14 through 3.16 and 16.1 allow remote attackers to cause a denial of service (device reload) via crafted IP Detail Record (IPDR) packets, aka Bug ID CSCuu35089. | |||||
| CVE-2016-6414 | 1 Cisco | 1 Ios | 2017-07-30 | 7.2 HIGH | 7.8 HIGH |
| iox in Cisco IOS, possibly 15.6 and earlier, and IOS XE, possibly 3.18 and earlier, allows local users to execute arbitrary IOx Linux commands on the guest OS via crafted iox command-line options, aka Bug ID CSCuz59223. | |||||
| CVE-2016-6391 | 1 Cisco | 1 Ios | 2017-07-30 | 7.8 HIGH | 7.5 HIGH |
| Cisco IOS 12.2 and 15.0 through 15.3 allows remote attackers to cause a denial of service (traffic-processing outage) via a crafted series of Common Industrial Protocol (CIP) requests, aka Bug ID CSCur69036. | |||||
| CVE-2016-1483 | 1 Cisco | 1 Webex Meetings Server | 2017-07-30 | 7.8 HIGH | 7.5 HIGH |
| Cisco WebEx Meetings Server 2.6 allows remote attackers to cause a denial of service (CPU consumption) by repeatedly accessing the account-validation component of an unspecified service, aka Bug ID CSCuy92704. | |||||
| CVE-2016-6406 | 1 Cisco | 1 Email Security Appliance Firmware | 2017-07-30 | 10.0 HIGH | 9.8 CRITICAL |
| Cisco IronPort AsyncOS 9.1.2-023, 9.1.2-028, 9.1.2-036, 9.7.2-046, 9.7.2-047, 9.7.2-054, 10.0.0-124, and 10.0.0-125 on Email Security Appliance (ESA) devices, when Enrollment Client before 1.0.2-065 is installed, allows remote attackers to obtain root access via a connection to the testing/debugging interface, aka Bug ID CSCvb26017. | |||||
| CVE-2015-6392 | 1 Cisco | 40 Nexus 5010, Nexus 5020, Nexus 5548p and 37 more | 2017-07-30 | 7.8 HIGH | 7.5 HIGH |
| Cisco NX-OS 4.1 through 7.3 and 11.0 through 11.2 on Nexus 2000, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote attackers to cause a denial of service (device crash) via crafted IPv4 DHCP packets to the (1) DHCPv4 relay agent or (2) smart relay agent, aka Bug IDs CSCuq24603, CSCur93159, CSCus21693, and CSCut76171. | |||||
| CVE-2016-6402 | 1 Cisco | 1 Unified Computing System | 2017-07-30 | 7.2 HIGH | 7.8 HIGH |
| UCS Manager and UCS 6200 Fabric Interconnects in Cisco Unified Computing System (UCS) through 3.0(2d) allow local users to obtain OS root access via crafted CLI input, aka Bug ID CSCuz91263. | |||||
| CVE-2016-6425 | 1 Cisco | 2 Unified Contact Center Express, Unified Intelligence Center | 2017-07-30 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability in Cisco Unified Intelligence Center (CUIC) 8.5.4 through 9.1(1), as used in Unified Contact Center Express 10.0(1) through 11.0(1), allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug IDs CSCuy75020 and CSCuy81652. | |||||
| CVE-2016-1482 | 1 Cisco | 1 Webex Meetings Server | 2017-07-30 | 9.3 HIGH | 8.1 HIGH |
| Cisco WebEx Meetings Server 2.6 allows remote attackers to execute arbitrary commands by injecting these commands into an application script, aka Bug ID CSCuy83130. | |||||
| CVE-2016-6410 | 1 Cisco | 1 Ios | 2017-07-30 | 6.8 MEDIUM | 6.5 MEDIUM |
| The Cisco Application-hosting Framework (CAF) component in Cisco IOS 15.6(1)T1 and IOS XE, when the IOx feature set is enabled, allows remote authenticated users to read arbitrary files via unspecified vectors, aka Bug ID CSCuy19856. | |||||