Lucene search
K
CiscoMost viewed

5226 matches found

Cisco
Cisco
•added 2013/01/09 4:0 p.m.•34 views

Cisco Prime LAN Management Solution Command Execution Vulnerability

Cisco Prime LAN Management Solution LMS Virtual Appliance contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary commands with the privileges of the root user. The vulnerability is due to improper validation of authentication and authorization commands...

10CVSS7.5AI score0.04635EPSS
Exploits4References1
Cisco
Cisco
•added 2012/10/10 4:0 p.m.•34 views

Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module

Cisco ASA 5500 Series Adaptive Security Appliances ASA and Cisco Catalyst 6500 Series ASA Services Module ASASM may be affected by the following vulnerabilities: DHCP Memory Allocation Denial of Service Vulnerability SSL VPN Authentication Denial of Service Vulnerability SIP Inspection Media Upda...

9CVSS7.4AI score
Exploits0References1
Cisco
Cisco
•added 2012/09/26 4:0 p.m.•34 views

Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerability

A vulnerability exists in the Session Initiation Protocol SIP implementation in Cisco IOS Software and Cisco IOS XE Software that could allow an unauthenticated, remote attacker to cause an affected device to reload. Affected devices must be configured to process SIP messages and for pass-through...

7.8CVSS6.5AI score0.03203EPSS
Exploits0References1
Cisco
Cisco
•added 2012/06/20 4:0 p.m.•34 views

Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module Denial of Service Vulnerability

Cisco ASA 5500 Series Adaptive Security Appliances Cisco ASA and Cisco Catalyst 6500 Series ASA Services Module Cisco ASASM contain a vulnerability that may allow an unauthenticated, remote attacker to cause the reload of the affected device. Cisco has released software updates that address this...

7.8CVSS6.2AI score0.01913EPSS
Exploits0References1
Cisco
Cisco
•added 2012/04/12 9:53 p.m.•34 views

Cisco IronPort Web Security Appliance AsyncOS SSL Certificate Caching Vulnerability

Cisco IronPort Web Security Appliance AsyncOS software contains a vulnerability that could allow an unauthenticated, remote attacker to conduct man-in-the-middle attacks against a targeted system. The vulnerability is in the insecure SSL implementation of the affected operating system due to...

4.3CVSS6.4AI score0.00264EPSS
Exploits0References1
Cisco
Cisco
•added 2010/04/19 8:43 p.m.•34 views

Sudo sudoedit Local Command Privilege Escalation Vulnerability

Sudo contains a vulnerability that could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges. This vulnerability exists due to an error in the affected software while matching commands due to incorrect path resolution. A local attacker with privileges to...

6CVSS6.8AI score0.00402EPSS
Exploits2References1
Cisco
Cisco
•added 2010/02/01 7:54 p.m.•34 views

Cisco Secure Desktop Remote Cross-Site Scripting Vulnerability

Cisco Secure Desktop contains a vulnerability that could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks. The vulnerability is due to a lack of input sanitation in the Cisco Secure Desktop. An unauthenticated, remote attacker could exploit this vulnerability by...

4.3CVSS6.3AI score0.04364EPSS
Exploits2References1
Cisco
Cisco
•added 2009/07/27 4:0 p.m.•34 views

Multiple Vulnerabilities in Cisco Wireless LAN Controllers

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

10CVSS5.9AI score
Exploits0References1
Cisco
Cisco
•added 2008/09/24 4:0 p.m.•34 views

Cisco 10000, uBR10012, uBR7200 Series Devices IPC Vulnerability

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

8.5CVSS6AI score0.03299EPSS
Exploits1References1
Cisco
Cisco
•added 2005/01/26 4:0 p.m.•34 views

Crafted Packet Causes Reload on Cisco Routers

...

6.1CVSS3.6AI score0.01701EPSS
Exploits0References1
Cisco
Cisco
•added 2004/08/27 10:0 a.m.•34 views

Cisco Telnet Denial of Service Vulnerability

A specifically crafted Transmission Control Protocol TCP connection to a telnet or reverse telnet port of a Cisco device running Internetwork Operating System IOS® may block further telnet, reverse telnet, Remote Shell RSH, Secure Shell SSH, and in some cases Hypertext Transport Protocol HTTP...

5.9CVSS5.9AI score0.05133EPSS
Exploits0References1
Cisco
Cisco
•added 2004/08/25 4:0 p.m.•34 views

Multiple Vulnerabilities in Cisco Secure Access Control Server

...

7.5CVSS2.8AI score0.01798EPSS
Exploits0References1Affected Software2
Cisco
Cisco
•added 2025/04/22 9:45 p.m.•33 views

Multiple Cisco Products Unauthenticated Remote Code Execution in Erlang/OTP SSH Server: April 2025

On April 16, 2025, a critical vulnerability in the Erlang/OTP SSH server was disclosed. This vulnerability could allow an unauthenticated, remote attacker to perform remote code execution RCE on an affected device. The vulnerability is due to a flaw in the handling of SSH messages during the...

10CVSS9.9AI score0.97673EPSS
Exploits36References1
Cisco
Cisco
•added 2024/10/23 4:0 p.m.•33 views

Cisco Firepower Threat Defense Software Vulnerability Database with Snort Detection Engine Security Policy Bypass and Denial of Service Issue

An issue with a Cisco Vulnerability Database VDB release for Cisco Firepower Threat Defense FTD Software could cause the Snort detection engine to restart unexpectedly when inspecting traffic. While the Snort detection engine is restarting, traffic could bypass Snort inspection or be dropped,...

7.1AI score
Exploits0References1
Cisco
Cisco
•added 2024/03/27 4:0 p.m.•33 views

Cisco Access Point Software Denial of Service Vulnerability

A vulnerability in the IP packet processing of Cisco Access Point AP Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to insufficient input validation of certain IPv4 packets. An attacker could...

8.6CVSS8.5AI score0.00633EPSS
Exploits0References1
Cisco
Cisco
•added 2024/03/13 4:0 p.m.•33 views

Cisco IOS XR Software for ASR 9000 Series Aggregation Services Routers PPPoE Denial of Service Vulnerability

A vulnerability in the PPP over Ethernet PPPoE termination feature of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, adjacent attacker to crash the pppma process, resulting in a denial of service DoS condition. This vulnerability is du...

7.4CVSS7.3AI score0.00336EPSS
Exploits0References1
Cisco
Cisco
•added 2024/02/28 4:0 p.m.•33 views

Cisco NX-OS Software MPLS Encapsulated IPv6 Denial of Service Vulnerability

A vulnerability with the handling of MPLS traffic for Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause the netstack process to unexpectedly restart, which could cause the device to stop processing network traffic or to reload. This vulnerability is due to lack of prop...

8.6CVSS8.5AI score0.00926EPSS
Exploits0References1
Cisco
Cisco
•added 2023/08/16 4:0 p.m.•33 views

ClamAV AutoIt Module Denial of Service Vulnerability

A vulnerability in the AutoIt module of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to a logic error in the memory management of an affected device. An attacker could exploit this vulnerability ...

7.5CVSS7.3AI score0.02599EPSS
Exploits0References1
Cisco
Cisco
•added 2023/05/17 4:0 p.m.•33 views

Cisco Identity Services Engine Command Injection Vulnerabilities

Multiple vulnerabilities in Cisco Identity Services Engine ISE could allow an authenticated attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit these vulnerabilities, an attacker must have valid credentials on an affected...

6.5CVSS7AI score0.01188EPSS
Exploits0References1
Cisco
Cisco
•added 2023/04/19 4:0 p.m.•33 views

Cisco BroadWorks Network Server TCP Denial of Service Vulnerability

A vulnerability in the local interface of Cisco BroadWorks Network Server could allow an unauthenticated, remote attacker to exhaust system resources, causing a denial of service DoS condition. This vulnerability exists because rate limiting does not occur for certain incoming TCP connections. An...

8.6CVSS8.4AI score0.00914EPSS
Exploits0References1
Cisco
Cisco
•added 2023/04/05 4:0 p.m.•33 views

Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager EPNM could allow a remote attacker to obtain privileged information and conduct cross-site scripting XSS and cross-site request forgery CSRF attacks. For mor...

6.5CVSS5.8AI score0.00917EPSS
Exploits0References1
Cisco
Cisco
•added 2023/04/05 4:0 p.m.•33 views

Cisco Webex Meetings Web UI Vulnerabilities

Multiple vulnerabilities in the web interface of Cisco Webex Meetings could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack or upload arbitrary files as recordings. For more information about these vulnerabilities, see the Details "details" section of...

5.4CVSS5.7AI score0.00452EPSS
Exploits0References1
Cisco
Cisco
•added 2023/03/22 4:0 p.m.•33 views

Cisco Adaptive Security Appliance Software, Firepower Threat Defense Software, IOS Software, and IOS XE Software IPv6 DHCP (DHCPv6) Client Denial of Service Vulnerability

A vulnerability in the IPv6 DHCP DHCPv6 client module of Cisco Adaptive Security Appliance ASA Software, Cisco Firepower Threat Defense FTD Software, Cisco IOS Software, and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an...

6.8CVSS6.2AI score0.00678EPSS
Exploits0References1
Cisco
Cisco
•added 2023/03/22 4:0 p.m.•33 views

Cisco DNA Center Information Disclosure Vulnerability

A vulnerability in the implementation of the Cisco Network Plug-and-Play PnP agent of Cisco DNA Center could allow an authenticated, remote attacker to view sensitive information in clear text. The attacker must have valid low-privileged user credentials. This vulnerability is due to improper...

4.3CVSS6.3AI score0.00407EPSS
Exploits0References1
Cisco
Cisco
•added 2023/02/22 4:0 p.m.•33 views

Cisco NX-OS Software CLI Command Injection Vulnerability

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments that are passed to specific CLI commands. An...

4.4CVSS6.3AI score0.00251EPSS
Exploits0References1
Cisco
Cisco
•added 2023/01/11 4:0 p.m.•33 views

Cisco Industrial Network Director Vulnerabilities

Multiple vulnerabilities in Cisco Industrial Network Director IND could allow an attacker to access sensitive data or conduct cross-site scripting XSS attacks. For more information about these vulnerabilities, see the Details "details" section of this advisory. Cisco has released software updates...

8.8CVSS6.9AI score0.00449EPSS
Exploits0References1
Cisco
Cisco
•added 2022/09/28 4:0 p.m.•33 views

Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family DHCP Processing Denial of Service Vulnerability

A vulnerability in the DHCP processing functionality of Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. This vulnerability is due to the improper processing of DHCP messages. An...

8.6CVSS8AI score0.0106EPSS
Exploits0References1
Cisco
Cisco
•added 2022/07/20 4:0 p.m.•33 views

Cisco Nexus Dashboard Arbitrary File Write Vulnerability

A vulnerability in Cisco Nexus Dashboard could allow an authenticated, remote attacker to write arbitrary files on an affected device. This vulnerability is due to insufficient input validation in the web-based management interface of Cisco Nexus Dashboard. An attacker with Administrator...

4.9CVSS5.7AI score0.00953EPSS
Exploits0References1
Cisco
Cisco
•added 2022/04/27 4:0 p.m.•33 views

Cisco Firepower Threat Defense Software DNS Enforcement Denial of Service Vulnerability

A vulnerability in the Snort rule evaluation function of Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to improper handling of the DNS reputation enforcement...

8.6CVSS7.9AI score0.0156EPSS
Exploits0References1
Cisco
Cisco
•added 2022/01/12 4:0 p.m.•33 views

Cisco Unified Contact Center Management Portal and Unified Contact Center Domain Manager Privilege Escalation Vulnerability

A vulnerability in the web-based management interface of Cisco Unified Contact Center Management Portal Unified CCMP and Cisco Unified Contact Center Domain Manager Unified CCDM could allow an authenticated, remote attacker to elevate their privileges to Administrator. This vulnerability is due t...

9.6CVSS9.2AI score0.01393EPSS
Exploits0References1
Cisco
Cisco
•added 2021/11/03 4:0 p.m.•33 views

Cisco Webex Video Mesh Cross-Site Scripting Vulnerability

A vulnerability in Cisco Webex Video Mesh could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker...

6.1CVSS6AI score0.0075EPSS
Exploits0References1
Cisco
Cisco
•added 2020/11/18 4:0 p.m.•33 views

Cisco IoT Field Network Director Improper Domain Access Control Vulnerability

A vulnerability in the user management functionality of Cisco IoT Field Network Director FND could allow an authenticated, remote attacker to manage user information for users in different domains on an affected system. The vulnerability is due to improper domain access control. An attacker could...

4.1CVSS4.3AI score0.0071EPSS
Exploits0References1
Cisco
Cisco
•added 2020/11/18 4:0 p.m.•33 views

Cisco Telepresence CE Software and RoomOS Software Unauthorized Token Generation Vulnerability

A vulnerability in the xAPI service of Cisco Telepresence CE Software and Cisco RoomOS Software could allow an authenticated, remote attacker to generate an access token for an affected device. The vulnerability is due to insufficient access authorization. An attacker could exploit this...

5.5CVSS5.9AI score0.00722EPSS
Exploits0References1
Cisco
Cisco
•added 2020/11/04 4:0 p.m.•33 views

Cisco SD-WAN Software Arbitrary File Creation Vulnerability

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to create or overwrite arbitrary files on an affected device, which could result in a denial of service DoS condition. The vulnerability is due to insufficient input validation for specific commands. ...

8.4CVSS8.2AI score0.0019EPSS
Exploits0References1
Cisco
Cisco
•added 2020/11/04 4:0 p.m.•33 views

Cisco TelePresence Collaboration Endpoint Software Information Disclosure Vulnerability

A vulnerability in the video endpoint API xAPI of Cisco TelePresence Collaboration Endpoint CE Software could allow an authenticated, remote attacker to gain access to sensitive information on an affected device. The vulnerability is due to improper storage of sensitive information on an affected...

4.3CVSS4.6AI score0.00838EPSS
Exploits0References1
Cisco
Cisco
•added 2020/10/21 4:0 p.m.•33 views

Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services File Upload Denial of Service Vulnerability

Update from October 22nd, 2020: Cisco has become aware of a new Cisco Adaptive Security Appliance vulnerability that could affect the fixed releases recommended for code trains 9.13 and 9.14 in the Fixed Software "fs" section of this advisory. See the Cisco Adaptive Security Appliance Software...

8.6CVSS8.5AI score0.01895EPSS
Exploits0References1
Cisco
Cisco
•added 2020/09/24 4:0 p.m.•33 views

Cisco IOS XE Software Web UI Improper Input Validation Vulnerability

A vulnerability in the web server authentication of Cisco IOS XE Software could allow an authenticated, remote attacker to crash the web server on the device. The vulnerability is due to insufficient input validation during authentication. An attacker could exploit this vulnerability by entering...

4.3CVSS5AI score0.0167EPSS
Exploits0References1
Cisco
Cisco
•added 2020/09/24 4:0 p.m.•33 views

Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family CAPWAP Denial of Service Vulnerability

A vulnerability in the Control and Provisioning of Wireless Access Points CAPWAP protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial of service DoS condition of an affected device. The...

8.6CVSS8.6AI score0.01361EPSS
Exploits0References1
Cisco
Cisco
•added 2020/09/02 4:0 p.m.•33 views

Cisco Small Business RV340 Series Routers Command Injection and Remote Code Execution Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV340 Series Routers could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system OS as a restricted user. For more information about these vulnerabilities, s...

7.3CVSS5.7AI score0.03083EPSS
Exploits0References1
Cisco
Cisco
•added 2020/08/19 4:0 p.m.•33 views

Cisco Video Surveillance 8000 Series IP Cameras Cisco Discovery Protocol Memory Leak Vulnerability

A vulnerability in the Cisco Discovery Protocol of Cisco Video Surveillance 8000 Series IP Cameras could allow an unauthenticated, adjacent attacker to cause a memory leak, which could lead to a denial of service DoS condition on an affected device. The vulnerability is due to incorrect processin...

6.5CVSS6.5AI score0.00566EPSS
Exploits0References1
Cisco
Cisco
•added 2020/08/19 4:0 p.m.•33 views

Cisco Video Surveillance 8000 Series IP Cameras Cisco Discovery Protocol Remote Code Execution and Denial of Service Vulnerabilities

Multiple vulnerabilities in the Cisco Discovery Protocol implementation for Cisco Video Surveillance 8000 Series IP Cameras could allow an unauthenticated, adjacent attacker to execute code remotely or cause a reload of an affected IP camera. These vulnerabilities are due to missing checks when t...

8.8CVSS8.9AI score
Exploits0References1
Cisco
Cisco
•added 2020/07/15 4:0 p.m.•33 views

Cisco SD-WAN Solution Software Denial of Service Vulnerability

A vulnerability in Cisco SD-WAN Solution Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. The vulnerability is due to improper validation of fields in Cisco SD-WAN peering messages that are encapsulated in UDP packets. An attacker could exploit...

8.6CVSS2AI score0.01374EPSS
Exploits0References1
Cisco
Cisco
•added 2020/07/15 4:0 p.m.•33 views

Cisco RV110W and RV215W Series Routers Arbitrary Code Execution Vulnerability

A vulnerability in the web-based management interface of Cisco RV110W Wireless-N VPN Firewall and Cisco RV215W Wireless-N VPN Router could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. The vulnerability is due to improper validation of user-supplied...

9.8CVSS2.4AI score0.43626EPSS
Exploits0References1
Cisco
Cisco
•added 2020/06/17 4:0 p.m.•33 views

Cisco TelePresence Collaboration Endpoint and RoomOS Software Command Injection Vulnerability

A vulnerability in the software upgrade process of Cisco TelePresence Collaboration Endpoint Software and Cisco RoomOS Software could allow an authenticated, remote attacker to modify the filesystem to cause a denial of service DoS or gain privileged access to the root filesystem. The vulnerabili...

7.2CVSS2.6AI score0.02074EPSS
Exploits0References1
Cisco
Cisco
•added 2020/06/03 4:0 p.m.•33 views

Cisco IOS XE Software Web UI Command Injection Vulnerability

A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to inject and execute arbitrary commands with administrative privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of user-suppli...

8.8CVSS2.5AI score0.03314EPSS
Exploits0References1
Cisco
Cisco
•added 2020/06/03 4:0 p.m.•33 views

Cisco IOS XE Software Command Injection Vulnerability

A vulnerability in the processing of boot options of specific Cisco IOS XE Software switches could allow an authenticated, local attacker with root shell access to the underlying operating system OS to conduct a command injection attack during device boot. This vulnerability is due to insufficien...

6.7CVSS1.3AI score0.00612EPSS
Exploits0References1
Cisco
Cisco
•added 2020/04/15 4:0 p.m.•34 views

Cisco Wireless LAN Controller 802.11 Generic Advertisement Service Denial of Service Vulnerability

A vulnerability in the 802.11 Generic Advertisement Service GAS frame processing function of Cisco Wireless LAN Controller WLC Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service DoS. The vulnerability is due to incomple...

8.6CVSS1.2AI score0.01274EPSS
Exploits0References1
Cisco
Cisco
•added 2020/01/22 4:0 p.m.•33 views

Cisco IOS XR Software BGP EVPN Denial of Service Vulnerabilities

Multiple vulnerabilities in the implementation of Border Gateway Protocol BGP Ethernet VPN EVPN functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. The vulnerabilities are due to incorrect processing of BGP update...

8.6CVSS0.8AI score
Exploits0References1
Cisco
Cisco
•added 2020/01/22 4:0 p.m.•33 views

Cisco IOS XR Software BGP EVPN Operational Routes Denial of Service Vulnerability

A vulnerability in the implementation of Border Gateway Protocol BGP Ethernet VPN EVPN functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. The vulnerability is due to incorrect processing of a BGP update message that...

7.4CVSS6.7AI score0.01066EPSS
Exploits0References1
Cisco
Cisco
•added 2019/05/01 4:0 p.m.•33 views

Cisco Email Security Appliance Filter Bypass Vulnerability

A vulnerability in certain attachment detection mechanisms of the Cisco Email Security Appliance ESA could allow an unauthenticated, remote attacker to bypass the filtering functionality of an affected device. The vulnerability is due to improper detection of certain content sent to an affected...

5.3CVSS1.6AI score0.01696EPSS
Exploits0References1
Total number of security vulnerabilities5000