| CVE-2017-3814 |
medium |
5.8 |
5.8 |
|
|
cisco |
10y ago |
A vulnerability in Cisco Firepower System Software could allow an unauthenticated, remote attacker to maliciously bypass the appliance's ability to block certain web content, aka a URL Bypass. More I… |
| CVE-2017-3810 |
medium |
5.4 |
5.4 |
|
|
cisco |
10y ago |
A vulnerability in the web framework of Cisco Prime Service Catalog could allow an authenticated, remote attacker to conduct a web URL redirect attack against a user who is logged in to an affected s… |
| CVE-2017-3809 |
medium |
5.8 |
5.8 |
|
|
cisco |
10y ago |
A vulnerability in the Policy deployment module of the Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to prevent deployment of a complete and accurate rule ba… |
| CVE-2017-3806 |
medium |
5.3 |
5.3 |
|
|
cisco |
10y ago |
A vulnerability in CLI command processing in the Cisco Firepower 4100 Series Next-Generation Firewall and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to injec… |
| CVE-2017-3790 |
high |
8.6 |
8.6 |
|
|
cisco |
10y ago |
A vulnerability in the received packet parser of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) software could allow an unauthenticated, remote attacker to cause a re… |
| CVE-2017-3823 |
high |
8.8 |
9.8 |
EXP |
|
cisco |
10y ago |
An issue was discovered in the Cisco WebEx Extension before 1.0.7 on Google Chrome, the ActiveTouch General Plugin Container before 106 on Mozilla Firefox, the GpcContainer Class ActiveX control plug… |
| CVE-2017-3802 |
medium |
6.1 |
6.1 |
|
|
cisco |
10y ago |
A vulnerability in Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of an affect… |
| CVE-2017-3800 |
medium |
5.8 |
5.8 |
|
|
cisco |
10y ago |
A vulnerability in the content scanning engine of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) could allow an unauthenticated, remote attacker to bypass configured message or cont… |
| CVE-2017-3799 |
medium |
5.4 |
5.4 |
|
|
cisco |
10y ago |
A vulnerability in a URL parameter of Cisco WebEx Meeting Center could allow an unauthenticated, remote attacker to perform site redirection. More Information: CSCzu78401. Known Affected Releases: T2… |
| CVE-2017-3798 |
medium |
6.1 |
6.1 |
|
|
cisco |
10y ago |
A cross-site scripting (XSS) filter bypass vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to mount XSS att… |
| CVE-2017-3797 |
medium |
5.3 |
5.3 |
|
|
cisco |
10y ago |
A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to view the fully qualified domain name of the Cisco WebEx administration server. More Information: CSCv… |
| CVE-2017-3796 |
high |
7.2 |
7.2 |
|
|
cisco |
10y ago |
A vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to execute predetermined shell commands on other hosts. More Information: CSCuz03353. Known Affected Relea… |
| CVE-2017-3795 |
medium |
5.4 |
5.4 |
|
|
cisco |
10y ago |
A vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to conduct arbitrary password changes against any non-administrative user. More Information: CSCuz03345. K… |
| CVE-2017-3794 |
high |
8.8 |
8.8 |
|
|
cisco |
10y ago |
A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against an administrative user. More Information: … |
| CVE-2016-9222 |
medium |
6.1 |
6.1 |
|
|
cisco |
10y ago |
A vulnerability in the web-based management interface of Cisco NetFlow Generation Appliance could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a us… |
| CVE-2016-9218 |
high |
8.8 |
8.8 |
|
|
cisco |
10y ago |
A vulnerability in Cisco Hybrid Meeting Server could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against the user of the web interface. More Inform… |
| CVE-2016-9216 |
medium |
5.3 |
5.3 |
|
|
cisco |
10y ago |
An IKE Packet Parsing Denial of Service Vulnerability in the ipsecmgr process of Cisco ASR 5000 Software could allow an unauthenticated, remote attacker to cause the ipsecmgr process to reload. More … |
| CVE-2016-9224 |
medium |
6.5 |
6.5 |
|
|
cisco |
10y ago |
A vulnerability in the Cisco Jabber Guest Server could allow an unauthenticated, remote attacker to initiate connections to arbitrary hosts. More Information: CSCvc31635. Known Affected Releases: 10.… |
| CVE-2016-9217 |
high |
8.8 |
8.8 |
|
|
cisco |
10y ago |
A vulnerability in Cisco Intercloud Fabric for Business and Cisco Intercloud Fabric for Providers could allow an unauthenticated, remote attacker to connect to the database used by these products. Mo… |
| CVE-2016-9214 |
medium |
6.1 |
6.1 |
|
|
cisco |
10y ago |
Cisco Identity Services Engine (ISE) contains a vulnerability that could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web interface… |
| CVE-2016-9212 |
high |
7.5 |
7.5 |
|
|
cisco |
10y ago |
A vulnerability in the Decrypt for End-User Notification configuration parameter of Cisco AsyncOS Software for Cisco Web Security Appliances could allow an unauthenticated, remote attacker to connect… |
| CVE-2016-9211 |
high |
7.5 |
7.5 |
|
|
cisco |
10y ago |
A vulnerability in TCP port management in Cisco ONS 15454 Series Multiservice Provisioning Platforms could allow an unauthenticated, remote attacker to cause the controller card to unexpectedly reloa… |
| CVE-2016-9210 |
high |
7.5 |
7.5 |
|
|
cisco |
10y ago |
A vulnerability in the Cisco Unified Reporting upload tool accessed via the Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to modify arbitrary files on the file … |
| CVE-2016-9209 |
medium |
4.3 |
4.3 |
|
|
cisco |
10y ago |
A vulnerability in TCP processing in Cisco FirePOWER system software could allow an unauthenticated, remote attacker to download files that would normally be blocked. Affected Products: The following… |
| CVE-2016-9208 |
medium |
6.5 |
6.5 |
|
|
cisco |
10y ago |
A vulnerability in the File Management Utility, the Download File form, and the Serviceability application of Cisco Emergency Responder could allow an authenticated, remote attacker to access files i… |
| CVE-2016-9207 |
medium |
6.5 |
6.5 |
|
|
cisco |
10y ago |
A vulnerability in the HTTP traffic server component of Cisco Expressway could allow an unauthenticated, remote attacker to initiate TCP connections to arbitrary hosts. This does not allow for full t… |
| CVE-2016-9206 |
medium |
6.1 |
6.1 |
|
|
cisco |
10y ago |
A vulnerability in the ccmadmin page of Cisco Unified Communications Manager (CUCM) could allow an unauthenticated, remote attacker to conduct reflected cross-site scripting (XSS) attacks. More Infor… |
| CVE-2016-9204 |
medium |
6.5 |
6.5 |
|
|
cisco |
10y ago |
A vulnerability in the Cisco Intercloud Fabric (ICF) Director could allow an unauthenticated, remote attacker to connect to internal services with an internal account. Affected Products: Cisco Nexus … |
| CVE-2016-9203 |
high |
7.5 |
7.5 |
|
|
cisco |
10y ago |
A vulnerability in the Internet Key Exchange Version 2 (IKEv2) feature of Cisco ASR 5000 Series Software could allow an unauthenticated, remote attacker to cause a reload of the ipsecmgr process. Mor… |
| CVE-2016-9202 |
medium |
6.1 |
6.1 |
|
|
cisco |
10y ago |
A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA) Switches could allow an unauthenticated, remote attacker to conduct a persistent cross-site scripting (XS… |
| CVE-2016-9200 |
medium |
6.1 |
6.1 |
|
|
cisco |
10y ago |
A vulnerability in the web framework code of Cisco Prime Collaboration Assurance could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the… |
| CVE-2016-9199 |
medium |
6.5 |
6.5 |
|
|
cisco |
10y ago |
A vulnerability in the Cisco application-hosting framework (CAF) of Cisco IOx could allow an authenticated, remote attacker to read arbitrary files on a targeted system. Affected Products: This vulne… |
| CVE-2016-9198 |
high |
7.5 |
7.5 |
|
|
cisco |
10y ago |
A vulnerability in the Active Directory integration component of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to perform a denial of service (DoS) attack. More… |
| CVE-2016-9193 |
high |
7.5 |
7.5 |
|
|
cisco |
10y ago |
A vulnerability in the malicious file detection and blocking features of Cisco Firepower Management Center and Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypas… |
| CVE-2016-9192 |
high |
7.8 |
7.8 |
|
|
cisco |
10y ago |
A vulnerability in Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to install and execute an arbitrary executable file with privileges equivalent to t… |
| CVE-2016-6471 |
medium |
6.5 |
6.5 |
|
|
cisco |
10y ago |
A vulnerability in the web-based management interface of Cisco Firepower Management Center running FireSIGHT System software could allow an authenticated, remote attacker to view the Remote Storage P… |
| CVE-2016-6470 |
high |
7.8 |
7.8 |
|
|
cisco |
10y ago |
A vulnerability in the installation procedure of the Cisco Hybrid Media Service could allow an authenticated, local attacker to elevate privileges to the root level. More Information: CSCvb81344. Kno… |
| CVE-2016-6469 |
high |
7.5 |
7.5 |
|
|
cisco |
10y ago |
A vulnerability in HTTP URL parsing of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) vulnerability due to the… |
| CVE-2016-6468 |
high |
8.8 |
8.8 |
|
|
cisco |
10y ago |
A vulnerability in the web-based management interface of Cisco Emergency Responder could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform ar… |
| CVE-2016-6467 |
high |
7.5 |
7.5 |
|
|
cisco |
10y ago |
A vulnerability in IPv6 packet fragment reassembly of StarOS for Cisco Aggregation Services Router (ASR) 5000 Series Switch could allow an unauthenticated, remote attacker to cause an unexpected relo… |
| CVE-2016-6465 |
medium |
4.3 |
4.3 |
|
|
cisco |
10y ago |
A vulnerability in the content filtering functionality of Cisco AsyncOS Software for Cisco Email Security Appliances and Cisco Web Security Appliances could allow an unauthenticated, remote attacker … |
| CVE-2016-6464 |
high |
7.5 |
7.5 |
|
|
cisco |
10y ago |
A vulnerability in the web management interface of the Cisco Unified Communications Manager IM and Presence Service could allow an unauthenticated, remote attacker to view information on web pages th… |
| CVE-2016-6449 |
high |
7.8 |
7.8 |
|
|
cisco |
10y ago |
A vulnerability in the system management of certain FireAMP system processes in Cisco FireAMP Connector Endpoint software could allow an authenticated, local attacker to stop certain protected FireAM… |
| CVE-2016-1411 |
medium |
5.9 |
5.9 |
|
|
cisco |
10y ago |
A vulnerability in the update functionality of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA), Cisco Web Security Appliance (WSA), and Cisco Content Management Security Appliance (SM… |
| CVE-2016-6472 |
medium |
6.1 |
6.1 |
|
|
cisco |
10y ago |
A vulnerability in several parameters of the ccmivr page of Cisco Unified Communication Manager (CallManager) could allow an unauthenticated, remote attacker to launch a cross-site scripting (XSS) at… |
| CVE-2016-6466 |
high |
7.5 |
7.5 |
|
|
cisco |
10y ago |
A vulnerability in the IPsec component of StarOS for Cisco ASR 5000 Series routers could allow an unauthenticated, remote attacker to terminate all active IPsec VPN tunnels and prevent new tunnels fr… |
| CVE-2016-6460 |
high |
7.5 |
7.5 |
|
|
cisco |
10y ago |
A vulnerability in the FTP Representational State Transfer Application Programming Interface (REST API) for Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass F… |
| CVE-2016-6459 |
medium |
5.5 |
5.5 |
|
|
cisco |
10y ago |
Cisco TelePresence endpoints running either CE or TC software contain a vulnerability that could allow an authenticated, local attacker to execute a local shell command injection. More Information: C… |
| CVE-2016-6457 |
medium |
6.5 |
6.5 |
|
|
cisco |
10y ago |
A vulnerability in the Cisco Nexus 9000 Series Platform Leaf Switches for Application Centric Infrastructure (ACI) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS)… |
| CVE-2016-6454 |
medium |
6.5 |
6.5 |
|
|
cisco |
10y ago |
A cross-site request forgery (CSRF) vulnerability in the web interface of the Cisco Hosted Collaboration Mediation Fulfillment application could allow an unauthenticated, remote attacker to execute u… |
| CVE-2016-6453 |
high |
7.3 |
7.3 |
|
|
cisco |
10y ago |
A vulnerability in the web framework code of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to execute arbitrary SQL commands on the database. More Information: CS… |
| CVE-2016-6451 |
medium |
6.1 |
6.1 |
|
|
cisco |
10y ago |
Multiple vulnerabilities in the web framework code of the Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against… |
| CVE-2016-6430 |
high |
7.8 |
7.8 |
|
|
cisco |
10y ago |
A vulnerability in the command-line interface of the Cisco IP Interoperability and Collaboration System (IPICS) could allow an authenticated, local attacker to elevate the privilege level associated … |
| CVE-2016-6429 |
medium |
6.1 |
6.1 |
|
|
cisco |
10y ago |
A vulnerability in the web framework code of the Cisco IP Interoperability and Collaboration System (IPICS) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) att… |
| CVE-2016-6372 |
high |
7.5 |
7.5 |
|
|
cisco |
10y ago |
A vulnerability in the email message and content filtering for malformed Multipurpose Internet Mail Extensions (MIME) headers of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) and W… |
| CVE-2016-6360 |
high |
7.5 |
7.5 |
|
|
cisco |
10y ago |
A vulnerability in Advanced Malware Protection (AMP) for Cisco Email Security Appliances (ESA) and Web Security Appliances (WSA) could allow an unauthenticated, remote attacker to cause a partial den… |
| CVE-2016-6358 |
high |
7.5 |
7.5 |
|
|
cisco |
10y ago |
A vulnerability in local FTP to the Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause a partial denial of service (DoS) condition when the FTP application … |
| CVE-2016-6357 |
high |
7.5 |
7.5 |
|
|
cisco |
10y ago |
A vulnerability in the configured security policies, including drop email filtering, in Cisco AsyncOS for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypas… |
| CVE-2016-6356 |
high |
7.5 |
7.5 |
|
|
cisco |
10y ago |
A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenticated, remote attacker to cause an affected device to sto… |
| CVE-2016-1486 |
high |
7.5 |
7.5 |
|
|
cisco |
10y ago |
A vulnerability in the email attachment scanning functionality of the Advanced Malware Protection (AMP) feature of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenti… |
| CVE-2016-1481 |
high |
7.5 |
7.5 |
|
|
cisco |
10y ago |
A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliances could allow an unauthenticated, remote attacker to cause a denial of service (DoS)… |
| CVE-2016-1480 |
high |
7.5 |
7.5 |
|
|
cisco |
10y ago |
A vulnerability in the Multipurpose Internet Mail Extensions (MIME) scanner of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) and Web Security Appliances (WSA) could allow an unauth… |
| CVE-2016-1423 |
medium |
6.1 |
6.1 |
|
|
cisco |
10y ago |
A vulnerability in the display of email messages in the Messages in Quarantine (MIQ) view in Cisco AsyncOS for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to … |
| CVE-2016-6446 |
high |
7.5 |
7.5 |
|
|
cisco |
10y ago |
A vulnerability in Web Bridge for Cisco Meeting Server could allow an unauthenticated, remote attacker to retrieve memory from a connected server. More Information: CSCvb03308. Known Affected Release… |
| CVE-2016-6444 |
high |
8.8 |
8.8 |
|
|
cisco |
10y ago |
A vulnerability in Cisco Meeting Server could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against a Web Bridge user. More Information: CSCvb03308. … |
| CVE-2016-6443 |
high |
8.8 |
8.8 |
|
|
cisco |
10y ago |
A vulnerability in the Cisco Prime Infrastructure and Evolved Programmable Network Manager SQL database interface could allow an authenticated, remote attacker to impact system confidentiality by exe… |
| CVE-2016-6442 |
high |
8.8 |
8.8 |
|
|
cisco |
10y ago |
A vulnerability in Cisco Finesse Agent and Supervisor Desktop Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against the user of the we… |
| CVE-2016-6440 |
medium |
6.5 |
6.5 |
|
|
cisco |
10y ago |
The Cisco Unified Communications Manager (CUCM) may be vulnerable to data that can be displayed inside an iframe within a web page, which in turn could lead to a clickjacking attack. More Information… |
| CVE-2016-6439 |
high |
7.5 |
7.5 |
|
|
cisco |
10y ago |
A vulnerability in the detection engine reassembly of HTTP packets for Cisco Firepower System Software before 6.0.1 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) … |
| CVE-2016-6437 |
medium |
5.9 |
5.9 |
|
|
cisco |
10y ago |
A vulnerability in the SSL session cache management of Cisco Wide Area Application Services (WAAS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to … |
| CVE-2016-6436 |
medium |
6.1 |
6.1 |
|
|
cisco |
10y ago |
Cross-site scripting (XSS) vulnerability in HostScan Engine 3.0.08062 through 3.1.14018 in the Cisco Host Scan package, as used in ASA Web VPN, allows remote attackers to inject arbitrary web script … |
| CVE-2016-6435 |
medium |
6.5 |
7.5 |
EXP |
|
cisco |
10y ago |
The web console in Cisco Firepower Management Center 6.0.1 allows remote authenticated users to read arbitrary files via crafted parameters, aka Bug ID CSCva30376. |
| CVE-2016-6434 |
high |
7.8 |
8.8 |
EXP |
|
cisco |
10y ago |
Cisco Firepower Management Center 6.0.1 has hardcoded database credentials, which allows local users to obtain sensitive information by leveraging CLI access, aka Bug ID CSCva30370. |
| CVE-2016-6433 |
high |
8.8 |
9.8 |
EXP |
|
cisco |
10y ago |
The Threat Management Console in Cisco Firepower Management Center 5.2.0 through 6.0.1 allows remote authenticated users to execute arbitrary commands via crafted web-application parameters, aka Bug … |
| CVE-2016-6427 |
high |
8.8 |
8.8 |
|
|
cisco |
10y ago |
Cross-site request forgery (CSRF) vulnerability in Cisco Unified Intelligence Center (CUIC) 8.5.4 through 9.1(1), as used in Unified Contact Center Express 10.0(1) through 11.0(1), allows remote atta… |
| CVE-2016-6425 |
medium |
6.1 |
6.1 |
|
|
cisco |
10y ago |
Cross-site scripting (XSS) vulnerability in Cisco Unified Intelligence Center (CUIC) 8.5.4 through 9.1(1), as used in Unified Contact Center Express 10.0(1) through 11.0(1), allows remote attackers t… |
| CVE-2016-6426 |
high |
7.5 |
7.5 |
|
|
cisco |
10y ago |
The j_spring_security_switch_user function in Cisco Unified Intelligence Center (CUIC) 8.5.4 through 9.1(1), as used in Unified Contact Center Express 10.0(1) through 11.0(1), allows remote attackers… |
| CVE-2016-6418 |
medium |
6.1 |
6.1 |
|
|
cisco |
10y ago |
Cross-site scripting (XSS) vulnerability in Cisco Videoscape Distribution Suite Service Manager (VDS-SM) 3.0 through 3.4.0 allows remote attackers to inject arbitrary web script or HTML via a crafted… |
| CVE-2016-6417 |
high |
8.8 |
8.8 |
|
|
cisco |
10y ago |
Cross-site request forgery (CSRF) vulnerability in Cisco FireSIGHT System Software 4.10.2 through 6.1.0 and Firepower Management Center allows remote attackers to hijack the authentication of arbitra… |
| CVE-2016-6416 |
medium |
5.9 |
5.9 |
|
|
cisco |
10y ago |
The FTP service in Cisco AsyncOS on Email Security Appliance (ESA) devices 9.6.0-000 through 9.9.6-026, Web Security Appliance (WSA) devices 9.0.0-162 through 9.5.0-444, and Content Security Manageme… |
| CVE-2016-6420 |
medium |
6.5 |
6.5 |
|
|
cisco |
10y ago |
Cisco FireSIGHT System Software 4.10.3 through 5.4.0 in Firepower Management Center allows remote authenticated users to bypass authorization checks and gain privileges via a crafted HTTP request, ak… |
| CVE-2016-6419 |
high |
7.5 |
7.5 |
|
|
cisco |
10y ago |
SQL injection vulnerability in Cisco Firepower Management Center 4.10.3 through 5.4.0 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCur2548… |
| CVE-2016-6413 |
high |
7.8 |
7.8 |
|
|
cisco |
10y ago |
The installation procedure on Cisco Application Policy Infrastructure Controller (APIC) devices 1.3(2f) mishandles binary files, which allows local users to obtain root access via unspecified vectors… |
| CVE-2016-6411 |
high |
7.5 |
7.5 |
|
|
cisco |
10y ago |
Cisco Firepower Management Center and FireSIGHT System Software 6.0.1 mishandle comparisons between URLs and X.509 certificates, which allows remote attackers to bypass intended do-not-decrypt settin… |
| CVE-2016-6408 |
high |
7.5 |
7.5 |
|
|
cisco |
10y ago |
Cisco Prime Home 5.2.0 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML Externa… |
| CVE-2016-6373 |
high |
7.2 |
7.2 |
|
|
cisco |
10y ago |
The web-based GUI in Cisco Cloud Services Platform (CSP) 2100 2.0 allows remote authenticated administrators to execute arbitrary OS commands as root via crafted platform commands, aka Bug ID CSCva00… |
| CVE-2016-1483 |
high |
7.5 |
7.5 |
|
|
cisco |
10y ago |
Cisco WebEx Meetings Server 2.6 allows remote attackers to cause a denial of service (CPU consumption) by repeatedly accessing the account-validation component of an unspecified service, aka Bug ID C… |
| CVE-2016-6405 |
medium |
6.5 |
6.5 |
|
|
cisco |
10y ago |
Cisco Fog Director 1.0(0) for IOx allows remote authenticated users to bypass intended access restrictions and write to arbitrary files via the Cartridge interface, aka Bug ID CSCuz89368. |
| CVE-2016-6402 |
high |
7.8 |
7.8 |
|
|
cisco |
10y ago |
UCS Manager and UCS 6200 Fabric Interconnects in Cisco Unified Computing System (UCS) through 3.0(2d) allow local users to obtain OS root access via crafted CLI input, aka Bug ID CSCuz91263. |
| CVE-2016-1482 |
high |
8.1 |
8.1 |
|
|
cisco |
10y ago |
Cisco WebEx Meetings Server 2.6 allows remote attackers to execute arbitrary commands by injecting these commands into an application script, aka Bug ID CSCuy83130. |
| CVE-2016-6407 |
high |
7.5 |
7.5 |
|
|
cisco |
10y ago |
Cisco AsyncOS through 9.5.0-444 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (link saturation) by making many HTTP requests for overlapping byte ranges… |
| CVE-2016-6401 |
medium |
5.3 |
5.3 |
|
|
cisco |
10y ago |
Cisco Carrier Routing System (CRS) 5.1 and 5.1.4, as used in CRS Carrier Grade Services for CRS-1 and CRS-3 devices, allows remote attackers to cause a denial of service (line-card reload) via crafte… |
| CVE-2016-6399 |
high |
7.5 |
7.5 |
|
|
cisco |
10y ago |
Cisco ACE30 Application Control Engine Module through A5 3.3 and ACE 4700 Application Control Engine appliances through A5 3.3 allow remote attackers to cause a denial of service (device reload) via … |
| CVE-2016-6396 |
medium |
5.3 |
5.3 |
|
|
cisco |
10y ago |
Cisco Firepower Management Center before 6.1 and FireSIGHT System Software before 6.1, when certain malware blocking options are enabled, allow remote attackers to bypass malware detection via crafte… |
| CVE-2016-6395 |
medium |
5.4 |
5.4 |
|
|
cisco |
10y ago |
Cross-site scripting (XSS) vulnerability in the web-based management interface in Cisco Firepower Management Center before 6.1 and FireSIGHT System Software before 6.1 allows remote authenticated use… |
| CVE-2016-6371 |
high |
7.5 |
7.5 |
|
|
cisco |
10y ago |
Directory traversal vulnerability in the web interface in Cisco Hosted Collaboration Mediation Fulfillment (HCM-F) 10.6(3) and earlier allows remote attackers to write to arbitrary files via a crafte… |
| CVE-2016-6370 |
medium |
4.3 |
4.3 |
|
|
cisco |
10y ago |
Directory traversal vulnerability in the web interface in Cisco Hosted Collaboration Mediation Fulfillment (HCM-F) 10.6(3) and earlier allows remote authenticated users to read arbitrary files via a … |
| CVE-2016-6375 |
medium |
5.3 |
5.3 |
|
|
cisco |
10y ago |
Cisco Wireless LAN Controller (WLC) devices before 8.0.140.0, 8.1.x and 8.2.x before 8.2.121.0, and 8.3.x before 8.3.102.0 allow remote attackers to cause a denial of service (device reload) by sendi… |
| CVE-2016-6377 |
high |
8.1 |
8.1 |
|
|
cisco |
10y ago |
Media Origination System Suite Software 2.6 and earlier in Cisco Virtual Media Packager (VMP) allows remote attackers to bypass authentication and make arbitrary Platform and Applications Manager (PA… |
| CVE-2016-1464 |
high |
7.8 |
8.8 |
EXP |
|
cisco |
10y ago |
Cisco WebEx Meetings Player T29.10, when WRF file support is enabled, allows remote attackers to execute arbitrary code via a crafted file, aka Bug ID CSCva09375. |
