Filtered by vendor Cisco
Subscribe
Total
1712 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2016-1440 | 1 Cisco | 1 Web Security Appliance | 2023-12-10 | 5.0 MEDIUM | 5.3 MEDIUM |
The proxy process on Cisco Web Security Appliance (WSA) devices through 9.1.0-070 allows remote attackers to cause a denial of service (CPU consumption) by establishing an FTP session and then improperly terminating the control connection after a file transfer, aka Bug ID CSCuy43468. | |||||
CVE-2016-1431 | 1 Cisco | 1 Firepower Management Center | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
Cross-site scripting (XSS) vulnerability in Cisco Firepower Management Center 4.10.3, 5.2.0, 5.3.0, 5.3.1, and 5.4.0 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCur25516. | |||||
CVE-2016-1375 | 1 Cisco | 1 Ip Interoperability And Collaboration System | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
Cross-site scripting (XSS) vulnerability in Cisco IP Interoperability and Collaboration System 4.10(1) allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuy12339. | |||||
CVE-2016-6454 | 1 Cisco | 1 Hosted Collaboration Mediation Fulfillment | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
A cross-site request forgery (CSRF) vulnerability in the web interface of the Cisco Hosted Collaboration Mediation Fulfillment application could allow an unauthenticated, remote attacker to execute unwanted actions. More Information: CSCva54241. Known Affected Releases: 11.5(1). Known Fixed Releases: 11.5(0.98000.216). | |||||
CVE-2016-1460 | 1 Cisco | 1 Wireless Lan Controller Software | 2023-12-10 | 6.1 MEDIUM | 6.5 MEDIUM |
Cisco Wireless LAN Controller (WLC) devices 7.4(121.0) and 8.0(0.30220.385) allow remote attackers to cause a denial of service via crafted wireless management frames, aka Bug ID CSCun92979. | |||||
CVE-2016-1314 | 1 Cisco | 1 Unified Communications Domain Manager | 2023-12-10 | 3.5 LOW | 6.1 MEDIUM |
Cross-site scripting (XSS) vulnerability in Cisco Unified Communications Domain Manager (CDM) 8.1(1) allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCux80760. | |||||
CVE-2014-2146 | 1 Cisco | 2 Ios, Ios Xe | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
The Zone-Based Firewall (ZBFW) functionality in Cisco IOS, possibly 15.4 and earlier, and IOS XE, possibly 3.13 and earlier, mishandles zone checking for existing sessions, which allows remote attackers to bypass intended resource-access restrictions via spoofed traffic that matches one of these sessions, aka Bug IDs CSCun94946 and CSCun96847. | |||||
CVE-2016-1317 | 1 Cisco | 1 Unified Communications Manager | 2023-12-10 | 4.0 MEDIUM | 4.3 MEDIUM |
Cisco Unified Communications Manager 11.5(0.98000.480) allows remote authenticated users to obtain sensitive database table-name and entity-name information via a direct request to an unspecified URL, aka Bug ID CSCuy11098. | |||||
CVE-2016-1485 | 1 Cisco | 1 Identity Services Engine Software | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
Cross-site scripting (XSS) vulnerability in Cisco Identity Services Engine 1.3(0.876) allows remote attackers to inject arbitrary web script or HTML via crafted parameters, aka Bug ID CSCva46497. | |||||
CVE-2016-1449 | 1 Cisco | 1 Webex Meetings Server | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
Cross-site scripting (XSS) vulnerability in Cisco WebEx Meetings Server 2.6 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuy92711. | |||||
CVE-2016-6403 | 1 Cisco | 1 Ios | 2023-12-10 | 4.3 MEDIUM | 5.9 MEDIUM |
The Data in Motion (DMo) application in Cisco IOS 15.6(1)T and IOS XE, when the IOx feature set is enabled, allows remote attackers to cause a denial of service via a crafted packet, aka Bug IDs CSCuy82904, CSCuy82909, and CSCuy82912. | |||||
CVE-2016-1308 | 1 Cisco | 1 Unified Communications Manager | 2023-12-10 | 6.5 MEDIUM | 6.5 MEDIUM |
SQL injection vulnerability in Cisco Unified Communications Manager 10.5(2.13900.9) allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCux99227. | |||||
CVE-2016-6401 | 1 Cisco | 1 Carrier Routing System | 2023-12-10 | 5.7 MEDIUM | 5.3 MEDIUM |
Cisco Carrier Routing System (CRS) 5.1 and 5.1.4, as used in CRS Carrier Grade Services for CRS-1 and CRS-3 devices, allows remote attackers to cause a denial of service (line-card reload) via crafted IPv6-over-MPLS packets, aka Bug ID CSCva32494. | |||||
CVE-2016-1288 | 1 Cisco | 1 Web Security Appliance | 2023-12-10 | 5.0 MEDIUM | 5.3 MEDIUM |
The HTTPS Proxy feature in Cisco AsyncOS before 8.5.3-051 and 9.x before 9.0.0-485 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (service outage) by leveraging certain intranet connectivity and sending a malformed HTTPS request, aka Bug ID CSCuu24840. | |||||
CVE-2016-1344 | 1 Cisco | 2 Ios, Ios Xe | 2023-12-10 | 7.1 HIGH | 5.9 MEDIUM |
The IKEv2 implementation in Cisco IOS 15.0 through 15.6 and IOS XE 3.3 through 3.17 allows remote attackers to cause a denial of service (device reload) via fragmented packets, aka Bug ID CSCux38417. | |||||
CVE-2016-6429 | 1 Cisco | 1 Ip Interoperability And Collaboration System | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
A vulnerability in the web framework code of the Cisco IP Interoperability and Collaboration System (IPICS) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack. More Information: CSCva47092. Known Affected Releases: 4.10(1). | |||||
CVE-2016-6398 | 1 Cisco | 1 Ios | 2023-12-10 | 5.0 MEDIUM | 5.3 MEDIUM |
The PPTP server in Cisco IOS 15.5(3)M does not properly initialize packet buffers, which allows remote attackers to obtain sensitive information from earlier network communication by reading packet data, aka Bug ID CSCvb16274. | |||||
CVE-2016-1354 | 1 Cisco | 1 Unified Communications Domain Manager | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
Cross-site scripting (XSS) vulnerability in Cisco Unified Communications Domain Manager (UCDM) 8.x before 8.1.1 allows remote attackers to inject arbitrary web script or HTML via crafted markup data, aka Bug ID CSCud41176. | |||||
CVE-2016-6404 | 1 Cisco | 1 Ios | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
Cross-site scripting (XSS) vulnerability in the web framework in Cisco IOx Local Manager in IOS 15.5(2)T and IOS XE allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuy19854. | |||||
CVE-2016-1439 | 1 Cisco | 1 Unified Contact Center Enterprise | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
Cross-site scripting (XSS) vulnerability in the management interface in Cisco Unified Contact Center Enterprise through 10.5(2) allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCux59650. |