Lucene search
K
CiscoMost viewed

5226 matches found

Cisco
Cisco
added 2015/04/14 6:47 p.m.19 views

Multiple Cisco TelePresence Products Cross-Site Scripting Vulnerability

A vulnerability within the login page of the web user interface of Cisco TelePresence Collaboration Desk and Room Endpoints devices running TC Software could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks. The vulnerability is due to improper input validation of...

4.3CVSS6.2AI score0.01546EPSS
Exploits0References1
Cisco
Cisco
added 2015/02/17 8:24 p.m.19 views

Cisco TelePresence Multipoint Control Unit Denial of Service Vulnerability

A vulnerability in the Cisco TelePresence multipoint control unit MCU could allow an unauthenticated, remote attacker to trigger a reload of an affected system. The vulnerability is due to insufficient sanitization of TCP packets. An attacker could exploit this vulnerability by sending a sequence...

5.4CVSS6.5AI score0.01819EPSS
Exploits0References1
Cisco
Cisco
added 2014/11/05 4:17 p.m.19 views

Cisco Small Business RV Series Routers HTTP Referer Header Vulnerability

A vulnerability in the administrative web interface of the Cisco RV120W Wireless-N VPN Firewall, Cisco RV180 VPN Router, Cisco RV180W Wireless-N Multifunction VPN Router, and Cisco RV220W Wireless Network Security Firewall could allow an unauthenticated, remote attacker to perform a cross-site...

4.3CVSS6.8AI score0.0118EPSS
Exploits0References1
Cisco
Cisco
added 2014/07/24 4:40 p.m.19 views

Cisco TelePresence Management Interface Vulnerability

The Cisco TelePresence administrative web interface login page contains a vulnerability that could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against the user of the web interface of the affected system. The vulnerability is due to insufficient input...

4.3CVSS5.7AI score0.01488EPSS
Exploits0References1
Cisco
Cisco
added 2014/07/10 4:29 p.m.19 views

Cisco Unified Communications Manager DNA Arbitrary File Upload Vulnerability

A vulnerability in the Multiple Analyzer of the Cisco Unified Communications Manager Dialed Number Analyzer DNA could allow an authenticated, remote attacker to upload arbitrary files to a restricted location on the filesystem. The vulnerability is due to insufficient parameter validation. An...

4CVSS6.6AI score0.01805EPSS
Exploits0References1
Cisco
Cisco
added 2014/07/07 8:43 p.m.19 views

Cisco Intelligent Automation for Cloud MyServices Vulnerabilities

A vulnerability in the MyServices action of Cisco Intelligent Automation for Cloud could allow an authenticated, remote attacker to acquire sensitive information. The vulnerability is due to the inclusion of sensitive information in URLs. An attacker could exploit this vulnerability by viewing...

4CVSS6.2AI score0.01783EPSS
Exploits0References1
Cisco
Cisco
added 2014/06/09 8:43 p.m.19 views

Cisco Wireless LAN Controller Cisco Discovery Protocol Denial of Service Vulnerability

A vulnerability in the Cisco Discovery Protocol subsystem of Cisco Wireless LAN Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition. The vulnerability is due to a failure to properly check for certain NULL values present in a Cisco Discovery...

5.7CVSS6.4AI score0.01022EPSS
Exploits0References1
Cisco
Cisco
added 2014/01/27 5:45 p.m.19 views

Cisco Video Surveillance 5000 Series HD IP Dome Camera Multiple Cross-Site Scripting Vulnerabilities

Multiple vulnerabilities in the web user interface of the Cisco Video Surveillance 5000 Series HD IP Dome Cameras could allow an unauthenticated, remote attacker to execute a cross-site scripting XSS attack. The vulnerabilities are due to insufficient validation of user-supplied input. An attacke...

4.3CVSS5.8AI score0.02233EPSS
Exploits0References1
Cisco
Cisco
added 2013/12/13 7:3 p.m.19 views

Cisco WebEx Training Center Cross-Site Request Forgery Vulnerabilities

A vulnerability in the web framework of Cisco WebEx Training Center could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack. The vulnerability is due to insufficient CSRF protections. An attacker could exploit this vulnerability by persuading a user to...

4.3CVSS2.4AI score0.01203EPSS
Exploits1References1
Cisco
Cisco
added 2013/12/13 2:21 p.m.19 views

Cisco WebEx Training Center Registration ID Exposure Vulnerability

A vulnerability in Cisco WebEx Training Center could allow an unauthenticated, remote attacker to gather the registration ID of other users. The vulnerability is due to inappropriate disclosure of sensitive information to unauthenticated users. An attacker could exploit this vulnerability by...

4.3CVSS3.1AI score0.02198EPSS
Exploits1References1
Cisco
Cisco
added 2013/11/15 4:34 p.m.19 views

Cisco Services Portal File Download Vulnerability

A vulnerability in the ''Files Available for Download'' window of Cisco Intelligent Automation for Cloud could allow an authenticated, remote attacker to download arbitrary files from the system. The vulnerability is due to a failure to perform sufficient server-side validation of user-supplied...

6.8CVSS2.3AI score0.01128EPSS
Exploits0References1
Cisco
Cisco
added 2013/11/04 8:59 p.m.19 views

Cisco ASA CX Safe Search Policy Bypass Vulnerability

A vulnerability in the Safe Search enforcement component of Cisco ASA CX Context-Aware Security could allow an unauthenticated, remote attacker to bypass security policy enforced by the affected component. The vulnerability is due to improper implementation of the logic that should perform the...

5CVSS0.4AI score0.01246EPSS
Exploits0References1
Cisco
Cisco
added 2013/09/12 11:20 p.m.19 views

Cisco Virtualization Experience Client Series 6000 Local Arbitrary Command Execution Vulnerability

A vulnerability in the diagnostic module of the Cisco Virtualization Experience Client 6000 Series could allow an authenticated, non-privileged, local attacker to execute arbitrary commands on the underlying operating system. The vulnerability is due to lack of input validation in the diagnostic...

6.8CVSS2.8AI score0.00311EPSS
Exploits0References1
Cisco
Cisco
added 2013/09/12 4:9 p.m.19 views

Cisco Digital Media System DMM Open Redirect Vulnerability

Cisco Digital Media Manager DMM contains a vulnerability that could allow an unauthenticated, remote attacker to cause the DMM to issue a redirect to an arbitrary third-party URL. The vulnerability is due to an open redirect issue in the DMM login page. An attacker could exploit this vulnerabilit...

4.3CVSS1.4AI score0.01057EPSS
Exploits0References1
Cisco
Cisco
added 2013/08/02 6:56 p.m.19 views

Cisco Unified Communications Manager Stack Trace Web Disclosure Vulnerability

An issue in the web portal of Cisco Unified Communications Manager Unified CM could allow an authenticated, remote attacker to view exception stack trace details. The issue is due to disclosure of exception stack trace details. An attacker could exploit this issue by generating a stack exception ...

4CVSS1.9AI score0.00947EPSS
Exploits0References1
Cisco
Cisco
added 2013/07/15 7:10 p.m.19 views

Cisco Secure Access Control System Help Index Cross-Site Scripting Vulnerability

A vulnerability in the Access Control System Help index page of Cisco Access Control System ACS could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web interface of the affected system. The vulnerability is due to insufficient input...

4.3CVSS1.8AI score0.00931EPSS
Exploits0References1
Cisco
Cisco
added 2013/07/15 3:57 p.m.19 views

Cisco Secure Access Control System Admin/View Page Cross-Site Request Forgery Vulnerability

A vulnerability in the Cisco Access Control System ACS Administration and View pages could allow an unauthenticated, remote attacker to perform a cross-site request forgery CSRF attack. The vulnerability is due to insufficient CSRF protections. An attacker could exploit this vulnerability by...

4.3CVSS2.7AI score0.01189EPSS
Exploits0References1
Cisco
Cisco
added 2013/07/01 3:53 p.m.19 views

Cisco TC Software SIP Implementation Vulnerability

A vulnerability in the Session Initiation Protocol SIP implementation used in TC Software could allow an unauthenticated, remoteattacker to cause an endpoint to process unintended SIP NOTIFY messages. The vulnerability is due to errors in the SIP implementation. An attacker could exploit this...

4.3CVSS1.5AI score0.00958EPSS
Exploits0References1
Cisco
Cisco
added 2013/06/26 7:33 p.m.19 views

Cisco Prime for HCS Assurance Information Disclosure Vulnerability

A vulnerability in web framework could allow an unauthenticated, remote attacker to access information about internal file system resources such as paths and names of files and directories. The vulnerability is due to insufficient security hardening of replies to crafted HTTP requests. An attacke...

5CVSS0.6AI score0.01186EPSS
Exploits0References1
Cisco
Cisco
added 2013/06/26 4:0 p.m.19 views

Multiple Vulnerabilities in Cisco Content Security Management Appliance

Cisco IronPort AsyncOS Software for Cisco Content Security Management Appliance is affected by the following vulnerabilities: Web Framework Authenticated Command Injection Vulnerability IronPort Spam Quarantine Denial of Service Vulnerability Management GUI Denial of Service Vulnerability These...

9CVSS7.7AI score0.0353EPSS
Exploits1References1
Cisco
Cisco
added 2012/04/04 4:0 p.m.19 views

Buffer Overflow Vulnerabilities in the Cisco WebEx Player

The Cisco WebEx Recording Format WRF player contains three buffer overflow vulnerabilities. In some cases, exploitation of the vulnerabilities could allow a remote attacker to execute arbitrary code on the system with the privileges of a targeted user. The Cisco WebEx Players are applications tha...

9.3CVSS7.6AI score0.23884EPSS
Exploits1References1
Cisco
Cisco
added 2011/10/26 4:0 p.m.19 views

Buffer Overflow Vulnerabilities in the Cisco WebEx Player

Multiple buffer overflow vulnerabilities exist in the Cisco WebEx Recording Format WRF player. In some cases, exploitation of the vulnerabilities could allow a remote attacker to execute arbitrary code on the system with the privileges of a targeted user. The Cisco WebEx Players are applications...

7.5AI score
Exploits0References1
Cisco
Cisco
added 2011/09/14 4:0 p.m.19 views

Cisco Unified Service Monitor and Cisco Unified Operations Manager Remote Code Execution Vulnerabilities

...

3.4AI score
Exploits0References1
Cisco
Cisco
added 2011/06/10 10:7 p.m.19 views

Cisco IOS Real-time Transport Protocol Packet Processing Denial of Service Vulnerability

Cisco IOS Software contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on a targeted device. The vulnerability is due to errors in processing malformed packets. An unauthenticated, remote attacker could exploit the vulnerability...

7.2AI score
Exploits0References1
Cisco
Cisco
added 2011/05/25 4:0 p.m.19 views

Cisco RVS4000 and WRVS4400N Web Management Interface Vulnerabilities

...

2.8AI score
Exploits0References1
Cisco
Cisco
added 2010/07/21 4:0 p.m.19 views

CDS Internet Streamer: Web Server Directory Traversal Vulnerability

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

7.8CVSS6.2AI score0.03373EPSS
Exploits0References1
Cisco
Cisco
added 2009/12/16 4:0 p.m.19 views

Multiple Cisco WebEx WRF Player Vulnerabilities

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

9.3CVSS5.9AI score0.05171EPSS
Exploits1References1
Cisco
Cisco
added 2009/09/23 4:0 p.m.19 views

Cisco IOS Software Zone-Based Policy Firewall Vulnerability

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

7.8CVSS6.2AI score0.02525EPSS
Exploits0References1
Cisco
Cisco
added 2008/04/16 4:0 p.m.19 views

Cisco Network Admission Control Shared Secret Vulnerability

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

10CVSS6.2AI score0.02566EPSS
Exploits0References1
Cisco
Cisco
added 2007/02/28 4:0 p.m.19 views

Cisco Catalyst 6000, 6500 Series and Cisco 7600 Series NAM (Network Analysis Module) Vulnerability

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

10CVSS6.2AI score0.06812EPSS
Exploits0References1
Cisco
Cisco
added 2007/02/14 11:2 p.m.19 views

Cisco Firewall Services Module, PIX and ASA SIP Message Denial of Service Vulnerability

Cisco Firewall Services Module, PIX Security Appliance, and ASA Security Appliance contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. The vulnerability exists due to an error when handling SIP messages. An unauthenticated, remo...

7.8CVSS6.8AI score0.03236EPSS
Exploits0References1
Cisco
Cisco
added 2006/08/23 4:0 p.m.19 views

Unintentional Password Modification Vulnerability in Cisco Firewall Products

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

7AI score
Exploits0References1
Cisco
Cisco
added 2006/06/19 11:41 p.m.19 views

Cisco CallManager Administration and User Options Web Interfaces Cross-Site Scripting Vulnerability

Cisco CallManager versions prior to 4.31, 4.23, 4.13SR4 and 3.35SR3 contain a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary script in the user's browser session. The vulnerability exists due to improper input sanitization in the CallManager Administration...

4.3CVSS7.2AI score0.13488EPSS
Exploits1References1
Cisco
Cisco
added 2004/01/21 5:0 p.m.19 views

Voice Product Vulnerabilities on IBM Servers

...

3.9AI score
Exploits0References1
Cisco
Cisco
added 2002/07/02 6:0 p.m.19 views

Cisco Secure ACS Unix Acme.server Information Disclosure Vulnerability

...

5CVSS1.8AI score0.09215EPSS
Exploits0References1Affected Software1
Cisco
Cisco
added 2000/12/13 6:0 p.m.19 views

Cisco Catalyst SSH Protocol Mismatch Vulnerability

...

1.6AI score
Exploits0References1
Cisco
Cisco
added 2026/04/15 4:0 p.m.18 views

Cisco Unity Connection Cross-Site Scripting, Open Redirect, and SQL Injection Vulnerabilities

Multiple vulnerabilities in Cisco Unity Connection could allow a remote attacker to conduct a cross-site scripting XSS attack, an open redirect attack, and an SQL injection attack. For more information about these vulnerabilities, see the Details "details" section of this advisory. Cisco has...

6.1CVSS5.8AI score0.00228EPSS
Exploits0References1
Cisco
Cisco
added 2025/09/24 4:0 p.m.18 views

Cisco Wireless Access Point Software Device Analytics Action Frame Injection Vulnerability

A vulnerability in the Device Analytics action frame processing of Cisco Wireless Access Point AP Software could allow an unauthenticated, adjacent attacker to inject wireless 802.11 action frames with arbitrary information. This vulnerability is due to insufficient verification checks of incomin...

4.3CVSS6.9AI score0.00112EPSS
Exploits0References1
Cisco
Cisco
added 2025/05/07 4:0 p.m.18 views

Cisco IOS XE Wireless Controller Software Cisco Discovery Protocol Denial of Service Vulnerability

A vulnerability in Cisco IOS XE Wireless Controller Software could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to insufficient input validation of access point AP Cisco Discovery Protocol CDP neighbor...

7.4CVSS7.5AI score0.0019EPSS
Exploits0References1
Cisco
Cisco
added 2025/03/12 4:0 p.m.18 views

Cisco IOS XR Software Border Gateway Protocol Confederation Denial of Service Vulnerability

A vulnerability in confederation implementation for the Border Gateway Protocol BGP in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. This vulnerability is due to a memory corruption that occurs when a BGP update is created with a...

8.6CVSS8.7AI score0.00922EPSS
Exploits0References1
Cisco
Cisco
added 2024/11/06 4:0 p.m.18 views

Cisco 6800, 7800, 8800, and 9800 Series Phones with Multiplatform Firmware Stored Cross-Site Scripting Vulnerabilities

Multiple vulnerabilities in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 6800, 7800, and 8800 Series, and Cisco Video Phone 8875 with Cisco Multiplatform Firmware could allow an authenticated, remote attacker to conduct stored cross-site scripting XSS attacks against users. These...

4.8CVSS5.2AI score
Exploits0References1
Cisco
Cisco
added 2024/11/06 4:0 p.m.18 views

Cisco Enterprise Chat and Email Denial of Service Vulnerability

A vulnerability in the External Agent Assignment Service EAAS feature of Cisco Enterprise Chat and Email ECE could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to insufficient validation of Media Routing...

7.5CVSS7.6AI score0.00639EPSS
Exploits0References1
Cisco
Cisco
added 2024/10/23 4:0 p.m.18 views

Cisco Adaptive Security Appliance and Firepower Threat Defense Software Persistent Local Code Execution Vulnerability

A vulnerability in the VPN web server of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an authenticated, local attacker to execute arbitrary code with root-level privileges. Administrator-level privileges are required to exploit this...

6CVSS6.5AI score0.00198EPSS
Exploits0References1
Cisco
Cisco
added 2024/10/23 4:0 p.m.18 views

Cisco Secure Firewall Management Center Software HTML Injection Vulnerability

A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center FMC Software, formerly Firepower Management Center Software, could allow an authenticated, remote attacker to inject arbitrary HTML content into a device-generated document. This vulnerability is due ...

5.5CVSS5.5AI score0.00417EPSS
Exploits0References1
Cisco
Cisco
added 2024/10/02 4:0 p.m.18 views

Cisco Meraki MX and Z Series Teleworker Gateway AnyConnect VPN Session Takeover and Denial of Service Vulnerability

A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to hijack an AnyConnect VPN session or cause a denial of service DoS condition for individual users of the AnyConnect VPN...

5.8CVSS6AI score0.0037EPSS
Exploits0References1
Cisco
Cisco
added 2024/09/11 4:0 p.m.18 views

Cisco IOS XR Software Dedicated XML Agent TCP Denial of Service Vulnerability

A vulnerability in the Dedicated XML Agent feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service DoS on XML TCP listen port 38751. This vulnerability is due to a lack of proper error validation of ingress XML packets. An attacker could explo...

5.3CVSS5.4AI score0.00437EPSS
Exploits0References1
Cisco
Cisco
added 2024/09/11 4:0 p.m.18 views

Cisco IOS XR Software Segment Routing for Intermediate System-to-Intermediate System Denial of Service Vulnerability

A vulnerability in the segment routing feature for the Intermediate System-to-Intermediate System IS-IS protocol of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to insufficient...

7.4CVSS7.5AI score0.00238EPSS
Exploits0References1
Cisco
Cisco
added 2024/09/11 4:0 p.m.18 views

Cisco Routed Passive Optical Network Controller Vulnerabilities

Multiple vulnerabilities in Cisco Routed Passive Optical Network PON Controller Software, which runs as a docker container on hardware that is supported by Cisco IOS XR Software, could allow an authenticated, remote attacker to perform command injection attacks, execute arbitrary commands on the...

8.4CVSS7.3AI score0.01098EPSS
Exploits0References1
Cisco
Cisco
added 2024/08/21 4:0 p.m.18 views

Cisco Unified Communications Manager Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user o...

6.1CVSS6AI score0.00349EPSS
Exploits0References1
Cisco
Cisco
added 2024/07/17 4:0 p.m.18 views

Cisco Secure Web Appliance Privilege Escalation Vulnerability

A vulnerability in the CLI of Cisco AsyncOS for Secure Web Appliance could allow an authenticated, local attacker to execute arbitrary commands and elevate privileges to root. This vulnerability is due to insufficient validation of user-supplied input for the CLI. An attacker could exploit this...

8.8CVSS8.9AI score0.00164EPSS
Exploits0References1
Total number of security vulnerabilities5000