Filtered by vendor Cisco
Subscribe
Total
1630 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2016-1461 | 1 Cisco | 2 Asyncos, Email Security Appliance | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
Cisco AsyncOS on Email Security Appliance (ESA) devices through 9.7.0-125 allows remote attackers to bypass malware detection via a crafted attachment in an e-mail message, aka Bug ID CSCuz14932. | |||||
CVE-2016-1421 | 1 Cisco | 2 Ip Phone, Ip Phone 8800 Series Firmware | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
A vulnerability in the web application for Cisco IP Phones could allow an unauthenticated, remote attacker to execute code with root privileges or cause a reload of an affected IP phone, resulting in a denial of service (DoS) condition. The vulnerability exists because the affected software fails to check the bounds of input data. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web server of a targeted device. A successful exploit could allow the attacker to remotely execute code with root privileges or cause a reload of an affected IP phone, resulting in a DoS condition. | |||||
CVE-2016-1374 | 1 Cisco | 1 Unified Computing System Performance Manager | 2023-12-10 | 9.0 HIGH | 8.8 HIGH |
The web framework in Cisco Unified Computing System (UCS) Performance Manager 2.0.0 and earlier allows remote authenticated users to execute arbitrary commands via crafted parameters in a GET request, aka Bug ID CSCuy07827. | |||||
CVE-2012-0381 | 1 Cisco | 2 Ios, Ios Xe | 2023-12-10 | 7.8 HIGH | 7.5 HIGH |
The IKEv1 implementation in Cisco IOS 12.2 through 12.4 and 15.0 through 15.2 and IOS XE 2.1.x through 2.6.x and 3.1.xS through 3.4.xS before 3.4.2S, 3.5.xS before 3.5.1S, and 3.2.xSG before 3.2.2SG allows remote attackers to cause a denial of service (device reload) by sending IKE UDP packets over (1) IPv4 or (2) IPv6, aka Bug ID CSCts38429. | |||||
CVE-2012-0382 | 1 Cisco | 2 Ios, Ios Xe | 2023-12-10 | 7.8 HIGH | 7.5 HIGH |
The Multicast Source Discovery Protocol (MSDP) implementation in Cisco IOS 12.0, 12.2 through 12.4, and 15.0 through 15.2 and IOS XE 2.1.x through 2.6.x and 3.1.xS through 3.4.xS before 3.4.1S and 3.1.xSG and 3.2.xSG before 3.2.2SG allows remote attackers to cause a denial of service (device reload) via encapsulated IGMP data in an MSDP packet, aka Bug ID CSCtr28857. | |||||
CVE-2012-0384 | 1 Cisco | 2 Ios, Ios Xe | 2023-12-10 | 8.5 HIGH | 7.2 HIGH |
Cisco IOS 12.2 through 12.4 and 15.0 through 15.2 and IOS XE 2.1.x through 2.6.x and 3.1.xS before 3.1.2S, 3.2.xS through 3.4.xS before 3.4.2S, 3.5.xS before 3.5.1S, and 3.1.xSG and 3.2.xSG before 3.2.2SG, when AAA authorization is enabled, allow remote authenticated users to bypass intended access restrictions and execute commands via a (1) HTTP or (2) HTTPS session, aka Bug ID CSCtr91106. | |||||
CVE-2011-3280 | 1 Cisco | 2 Ios, Ios Xe | 2023-12-10 | 7.8 HIGH | 7.5 HIGH |
Memory leak in the NAT implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xSG, allows remote attackers to cause a denial of service (memory consumption or device reload) by sending crafted SIP packets to UDP port 5060, aka Bug ID CSCtj04672. | |||||
CVE-2011-1640 | 1 Cisco | 1 Ios | 2023-12-10 | 7.8 HIGH | 7.5 HIGH |
The ethernet-lldp component in Cisco IOS 12.2 before 12.2(33)SXJ1 does not properly support a large number of LLDP Management Address (MA) TLVs, which allows remote attackers to cause a denial of service (device crash) via crafted LLDPDUs, aka Bug ID CSCtj22354. | |||||
CVE-2011-2057 | 1 Cisco | 1 Ios | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
The cat6000-dot1x component in Cisco IOS 12.2 before 12.2(33)SXI7 does not properly handle (1) a loop between a dot1x enabled port and an open-authentication dot1x enabled port and (2) a loop between a dot1x enabled port and a non-dot1x port, which allows remote attackers to cause a denial of service (traffic storm) via unspecified vectors that trigger many Spanning Tree Protocol (STP) Bridge Protocol Data Unit (BPDU) frames, aka Bug ID CSCtq36327. | |||||
CVE-2011-2058 | 1 Cisco | 1 Ios | 2023-12-10 | 7.8 HIGH | 7.5 HIGH |
The cat6000-dot1x component in Cisco IOS 12.2 before 12.2(33)SXI7 does not properly handle an external loop between a pair of dot1x enabled ports, which allows remote attackers to cause a denial of service (traffic storm) via unspecified vectors that trigger many unicast EAPoL Protocol Data Units (PDUs), aka Bug ID CSCtq36336. |