Filtered by vendor Cisco
Subscribe
Total
1631 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2015-0721 | 1 Cisco | 56 Nexus 1000v For Microsoft Hyper-v, Nexus 1000v For Vmware Vsphere, Nexus 3016 and 53 more | 2023-12-10 | 9.0 HIGH | 8.0 HIGH |
Cisco NX-OS 4.0 through 7.3 on Multilayer Director and Nexus 1000V, 2000, 3000, 3500, 4000, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote authenticated users to bypass intended AAA restrictions and obtain privileged CLI access via crafted parameters in an SSH connection negotiation, aka Bug IDs CSCum35502, CSCuw78669, CSCuw79754, and CSCux88492. | |||||
CVE-2016-6378 | 1 Cisco | 1 Ios Xe | 2023-12-10 | 7.8 HIGH | 7.5 HIGH |
Cisco IOS XE 3.1 through 3.17 and 16.1 through 16.2 allows remote attackers to cause a denial of service (device reload) via crafted ICMP packets that require NAT, aka Bug ID CSCuw85853. | |||||
CVE-2016-1472 | 1 Cisco | 1 Small Business 220 Series Smart Plus Switches | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
The web-based management interface on Cisco Small Business 220 devices with firmware before 1.0.1.1 allows remote attackers to cause a denial of service (interface outage) via a crafted HTTP request, aka Bug ID CSCuz76238. | |||||
CVE-2015-6421 | 1 Cisco | 1 Wide Area Application Services | 2023-12-10 | 7.8 HIGH | 7.5 HIGH |
cifs-ao in the CIFS optimization functionality on Cisco Wide Area Application Service (WAAS) and Virtual WAAS (vWAAS) devices 5.x before 5.3.5d and 5.4 and 5.5 before 5.5.3 allows remote attackers to cause a denial of service (resource consumption and device reload) via crafted network traffic, aka Bug ID CSCus85330. | |||||
CVE-2016-1383 | 1 Cisco | 2 Web Security Appliance, Web Security Appliance \(wsa\) | 2023-12-10 | 7.8 HIGH | 7.5 HIGH |
Memory leak in Cisco AsyncOS through 8.8 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (memory consumption) via an unspecified HTTP status code, aka Bug ID CSCur28305. | |||||
CVE-2016-1389 | 1 Cisco | 1 Webex Meetings Server | 2023-12-10 | 4.3 MEDIUM | 7.4 HIGH |
Open redirect vulnerability in Cisco WebEx Meetings Server (CWMS) 2.6 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, aka Bug ID CSCuy44695. | |||||
CVE-2016-1443 | 1 Cisco | 1 Amp Threat Grid Appliance | 2023-12-10 | 6.8 MEDIUM | 8.1 HIGH |
The virtual network stack on Cisco AMP Threat Grid Appliance devices before 2.1.1 allows remote attackers to bypass a sandbox protection mechanism, and consequently obtain sensitive interprocess information or modify interprocess data, via a crafted malware sample. | |||||
CVE-2016-1368 | 1 Cisco | 1 Firesight System Software | 2023-12-10 | 7.8 HIGH | 7.5 HIGH |
Cisco FirePOWER System Software 5.3.x through 5.3.0.6 and 5.4.x through 5.4.0.3 on FirePOWER 7000 and 8000 appliances, and on the Advanced Malware Protection (AMP) for Networks component on these appliances, allows remote attackers to cause a denial of service (packet-processing outage) via crafted packets, aka Bug ID CSCuu86214. | |||||
CVE-2016-1325 | 1 Cisco | 3 Dpc3939 Wireless Residential Voice Gateway, Dpc3939 Wireless Residential Voice Gateway Firmware, Dpc3941 Wireless Residential Voice Gateway | 2023-12-10 | 7.8 HIGH | 7.5 HIGH |
The administration interface on Cisco DPC3939B and DPC3941 devices allows remote attackers to obtain sensitive information via a crafted HTTP request, aka Bug ID CSCus49506. | |||||
CVE-2015-6396 | 1 Cisco | 6 Rv110w Wireless-n Vpn Firewall, Rv110w Wireless-n Vpn Firewall Firmware, Rv130w Wireless-n Multifunction Vpn Router and 3 more | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
The CLI command parser on Cisco RV110W, RV130W, and RV215W devices allows local users to execute arbitrary shell commands as an administrator via crafted parameters, aka Bug IDs CSCuv90134, CSCux58161, and CSCux73567. | |||||
CVE-2016-6355 | 1 Cisco | 1 Ios Xr | 2023-12-10 | 7.8 HIGH | 7.5 HIGH |
Memory leak in Cisco IOS XR 5.1.x through 5.1.3, 5.2.x through 5.2.5, and 5.3.x through 5.3.2 on ASR 9001 devices allows remote attackers to cause a denial of service (control-plane protocol outage) via crafted fragmented packets, aka Bug ID CSCux26791. | |||||
CVE-2016-1469 | 1 Cisco | 4 Spa300 Firmware, Spa300 Series Ip Phone, Spa500 Firmware and 1 more | 2023-12-10 | 7.8 HIGH | 7.5 HIGH |
The HTTP framework on Cisco SPA300, SPA500, and SPA51x devices allows remote attackers to cause a denial of service (device outage) via a series of malformed HTTP requests, aka Bug ID CSCut67385. | |||||
CVE-2016-6369 | 1 Cisco | 1 Anyconnect Secure Mobility Client | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
Cisco AnyConnect Secure Mobility Client before 4.2.05015 and 4.3.x before 4.3.02039 mishandles pathnames, which allows local users to gain privileges via a crafted INF file, aka Bug ID CSCuz92464. | |||||
CVE-2015-6393 | 1 Cisco | 30 Nexus 5010, Nexus 5020, Nexus 5548p and 27 more | 2023-12-10 | 7.8 HIGH | 7.5 HIGH |
Cisco NX-OS 4.1 through 7.3 and 11.0 through 11.2 on Nexus 2000, 3000, 3500, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote attackers to cause a denial of service (device crash) via malformed IPv4 DHCP packets to the DHCPv4 relay agent, aka Bug IDs CSCuq39250, CSCus21733, CSCus21739, CSCut76171, and CSCux67182. | |||||
CVE-2016-1322 | 1 Cisco | 1 Spark | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
The REST interface in Cisco Spark 2015-07-04 allows remote attackers to bypass intended access restrictions and create arbitrary user accounts via unspecified web requests, aka Bug ID CSCuv72584. | |||||
CVE-2016-1381 | 1 Cisco | 1 Web Security Appliance | 2023-12-10 | 7.8 HIGH | 7.5 HIGH |
Memory leak in Cisco AsyncOS 8.5 through 9.0 before 9.0.1-162 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (memory consumption) via an HTTP file-range request for cached content, aka Bug ID CSCuw97270. | |||||
CVE-2016-1399 | 1 Cisco | 15 Ie-4000-16gt4g-e, Ie-4000-16t4g-e, Ie-4000-4gc4gp4g-e and 12 more | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
The packet-processing microcode in Cisco IOS 15.2(2)EA, 15.2(2)EA1, 15.2(2)EA2, and 15.2(4)EA on Industrial Ethernet 4000 devices and 15.2(2)EB and 15.2(2)EB1 on Industrial Ethernet 5000 devices allows remote attackers to cause a denial of service (packet data corruption) via crafted IPv4 ICMP packets, aka Bug ID CSCuy13431. | |||||
CVE-2016-6444 | 1 Cisco | 1 Meeting Server | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
A vulnerability in Cisco Meeting Server could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against a Web Bridge user. More Information: CSCvb03308. Known Affected Releases: 1.8, 1.9, 2.0. | |||||
CVE-2016-6408 | 1 Cisco | 1 Prime Home | 2023-12-10 | 4.3 MEDIUM | 7.5 HIGH |
Cisco Prime Home 5.2.0 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka Bug ID CSCvb17814. | |||||
CVE-2016-1405 | 2 Cisco, Clamav | 3 Email Security Appliance, Web Security Appliance, Clamav | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
libclamav in ClamAV (aka Clam AntiVirus), as used in Advanced Malware Protection (AMP) on Cisco Email Security Appliance (ESA) devices before 9.7.0-125 and Web Security Appliance (WSA) devices before 9.0.1-135 and 9.1.x before 9.1.1-041, allows remote attackers to cause a denial of service (AMP process restart) via a crafted document, aka Bug IDs CSCuv78533 and CSCuw60503. |