| CVE-2026-20182 |
critical |
10.0 |
10.0 |
KEVEXP |
|
cisco |
21d ago |
Cisco Catalyst SD-WAN Controller & Manager contain an authentication bypass vulnerability that allows an unauthenticated, remote attacker to bypass authentication and obtain administrative privileges… |
| CVE-2017-6622 |
critical |
9.8 |
10.0 |
EXP |
|
cisco |
9y ago |
A vulnerability in the web interface for Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to bypass authentication and perform command injection with root privil… |
| CVE-2016-6435 |
medium |
6.5 |
7.5 |
EXP |
|
cisco |
10y ago |
The web console in Cisco Firepower Management Center 6.0.1 allows remote authenticated users to read arbitrary files via crafted parameters, aka Bug ID CSCva30376. |
| CVE-2016-1415 |
medium |
5.5 |
6.5 |
EXP |
|
cisco |
10y ago |
Cisco WebEx Meetings Player T29.10, when WRF file support is enabled, allows remote attackers to cause a denial of service (application crash) via a crafted file, aka Bug ID CSCuz80455. |
| CVE-2014-8008 |
medium |
— |
7.8 |
EXP |
|
cisco |
12y ago |
Absolute path traversal vulnerability in the Real-Time Monitoring Tool (RTMT) API in Cisco Unified Communications Manager (CUCM) allows remote authenticated users to read arbitrary files via a full p… |
| CVE-2013-5528 |
medium |
— |
5.0 |
EXP |
|
cisco |
13y ago |
Directory traversal vulnerability in the Tomcat administrative web interface in Cisco Unified Communications Manager allows remote authenticated users to read arbitrary files via directory traversal … |
| CVE-2013-5486 |
critical |
— |
10.0 |
EXP |
|
cisco |
13y ago |
Directory traversal vulnerability in processImageSave.jsp in DCNM-SAN Server in Cisco Prime Data Center Network Manager (DCNM) before 6.2(1) allows remote attackers to write arbitrary files via the c… |
| CVE-2013-3430 |
critical |
— |
10.0 |
EXP |
|
cisco |
13y ago |
Cisco Video Surveillance Manager (VSM) before 7.0.0 allows remote attackers to obtain sensitive configuration, archive, and log information via unspecified vectors, related to the Cisco_VSBWT (aka Br… |
| CVE-2013-1114 |
medium |
— |
5.3 |
EXP |
|
cisco |
14y ago |
Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unity Express before 8.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCud87527. |
| CVE-2013-1120 |
medium |
— |
7.8 |
EXP |
|
cisco |
14y ago |
Multiple cross-site request forgery (CSRF) vulnerabilities on the Cisco Unity Express with software before 8.0 allow remote attackers to hijack the authentication of unspecified victims via unknown v… |
| CVE-2012-0284 |
critical |
— |
10.0 |
EXP |
|
cisco |
14y ago |
Stack-based buffer overflow in the SetSource method in the Cisco Linksys PlayerPT ActiveX control 1.0.0.15 in PlayerPT.ocx on the Cisco WVC200 Wireless-G PTZ Internet video camera allows remote attac… |
| CVE-2011-2544 |
low |
— |
4.5 |
EXP |
|
cisco |
15y ago |
Cross-site scripting (XSS) vulnerability in the web interface in Cisco TelePresence System MXP Series F9.1 and earlier allows remote authenticated users to inject arbitrary web script or HTML via a c… |
| CVE-2011-2543 |
critical |
— |
10.0 |
EXP |
|
cisco |
15y ago |
Buffer overflow in the cuil component in Cisco Telepresence System Integrator C Series 4.x before TC4.2.0 allows remote authenticated users to cause a denial of service (endpoint reboot or process cr… |
| CVE-2011-0966 |
medium |
— |
7.8 |
EXP |
|
cisco |
15y ago |
Directory traversal vulnerability in cwhp/auditLog.do in the Homepage Auditing component in Cisco CiscoWorks Common Services 3.3 and earlier allows remote attackers to read arbitrary files via a .. (… |
| CVE-2011-0962 |
medium |
— |
5.3 |
EXP |
|
cisco |
15y ago |
Cross-site scripting (XSS) vulnerability in CSCOnm/servlet/com.cisco.nm.help.ServerHelpEngine in the Common Services Device Center in Cisco Unified Operations Manager (CUOM) before 8.6 allows remote … |
| CVE-2011-0961 |
medium |
— |
5.3 |
EXP |
|
cisco |
15y ago |
Cross-site scripting (XSS) vulnerability in cwhp/device.center.do in the Help servlet in Cisco CiscoWorks Common Services 3.3 and earlier allows remote attackers to inject arbitrary web script or HTM… |
| CVE-2011-0959 |
medium |
— |
5.3 |
EXP |
|
cisco |
15y ago |
Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified Operations Manager (CUOM) before 8.6 allow remote attackers to inject arbitrary web script or HTML via (1) the extn parameter to i… |
| CVE-2011-0951 |
medium |
— |
6.0 |
EXP |
|
cisco |
15y ago |
The web-based management interface in Cisco Secure Access Control System (ACS) 5.1 before 5.1.0.44.6 and 5.2 before 5.2.0.26.3 allows remote attackers to change arbitrary user passwords via unspecifi… |
| CVE-2011-0364 |
critical |
— |
10.0 |
EXP |
|
cisco |
16y ago |
The Management Console (webagent.exe) in Cisco Security Agent 5.1, 5.2, and 6.0 before 6.0.2.145 allows remote attackers to create arbitrary files and execute arbitrary code via unspecified parameter… |
| CVE-2011-0354 |
critical |
— |
10.0 |
EXP |
|
cisco |
16y ago |
The default configuration of Cisco Tandberg C Series Endpoints, and Tandberg E and EX Personal Video units, with software before TC4.0.0 has a blank password for the root account, which makes it easi… |
| CVE-2010-3039 |
medium |
— |
7.8 |
EXP |
|
cisco |
16y ago |
/usr/local/cm/bin/pktCap_protectData in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6, 7, and 8 allows remote authenticated administrators to execute arbitrary commands via … |
| CVE-2010-3135 |
critical |
— |
10.0 |
EXP |
|
cisco |
16y ago |
Untrusted search path vulnerability in Cisco Packet Tracer 5.2 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wintab… |
| CVE-2010-1174 |
medium |
— |
6.0 |
EXP |
|
cisco |
16y ago |
Cisco TFTP Server 1.1 allows remote attackers to cause a denial of service (daemon crash) via a crafted (1) read (aka RRQ) or (2) write (aka WRQ) request, or other TFTP packet. NOTE: some of these d… |
| CVE-2010-0642 |
medium |
— |
6.0 |
EXP |
|
cisco |
17y ago |
Cisco Collaboration Server (CCS) 5 allows remote attackers to read the source code of JHTML files via URL encoded characters in the filename extension, as demonstrated by (1) changing .jhtml to %2Ejh… |
| CVE-2010-0641 |
medium |
— |
5.3 |
EXP |
|
cisco |
17y ago |
Cross-site scripting (XSS) vulnerability in webline/html/admin/wcs/LoginPage.jhtml in Cisco Collaboration Server (CCS) 5 allows remote attackers to inject arbitrary web script or HTML via the dest pa… |
| CVE-2010-0440 |
medium |
— |
5.3 |
EXP |
|
cisco |
17y ago |
Cross-site scripting (XSS) vulnerability in +CSCOT+/translation in Cisco Secure Desktop 3.4.2048, and other versions before 3.5; as used in Cisco ASA appliance before 8.2(1), 8.1(2.7), and 8.0(5); al… |
