| CVE-2013-5487 |
high |
— |
7.8 |
|
|
cisco |
13y ago |
DCNM-SAN Server in Cisco Prime Data Center Network Manager (DCNM) before 6.2(1) allows remote attackers to read arbitrary files via unspecified vectors, aka Bug ID CSCue77029. |
| CVE-2013-3473 |
high |
— |
7.8 |
|
|
cisco |
13y ago |
The web framework in Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance before 9.1.1 does not properly determine the existence of an authenticated session, which allows remote atta… |
| CVE-2013-3462 |
high |
— |
8.5 |
|
|
cisco |
13y ago |
Buffer overflow in Cisco Unified Communications Manager (Unified CM) 7.1(x) before 7.1(5b)su6, 8.5(x) before 8.5(1)su6, 8.6(x) before 8.6(2a)su3, and 9.x before 9.1(2) allows remote authenticated use… |
| CVE-2013-3461 |
high |
— |
7.1 |
|
|
cisco |
13y ago |
Cisco Unified Communications Manager (Unified CM) 8.5(x) and 8.6(x) before 8.6(2a)su3 and 9.x before 9.1(1) does not properly restrict the rate of SIP packets, which allows remote attackers to cause … |
| CVE-2013-3460 |
high |
— |
7.8 |
|
|
cisco |
13y ago |
Memory leak in Cisco Unified Communications Manager (Unified CM) 8.5(x) before 8.5(1)su6, 8.6(x) before 8.6(2a)su3, and 9.x before 9.1(1) allows remote attackers to cause a denial of service (service… |
| CVE-2013-3459 |
high |
— |
7.8 |
|
|
cisco |
13y ago |
Cisco Unified Communications Manager (Unified CM) 7.1(x) before 7.1(5b)su6a does not properly handle errors, which allows remote attackers to cause a denial of service (service disruption) via malfor… |
| CVE-2013-3390 |
high |
— |
7.8 |
|
|
cisco |
13y ago |
Memory leak in Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance 8.6 and 9.x before 9.2(1) allows remote attackers to cause a denial of service (memory consumption) via a flood of… |
| CVE-2013-3389 |
high |
— |
7.8 |
|
|
cisco |
13y ago |
Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance 8.6 and 9.x before 9.2(1) allows remote attackers to cause a denial of service (memory consumption) via a flood of TCP packets to… |
| CVE-2013-3388 |
high |
— |
7.8 |
|
|
cisco |
13y ago |
Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance 8.6 and 9.x before 9.2(1) allows remote attackers to cause a denial of service (memory consumption) via a flood of TCP packets to… |
| CVE-2013-3387 |
high |
— |
7.8 |
|
|
cisco |
13y ago |
Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance 8.6 and 9.x before 9.2(1) allows remote attackers to cause a denial of service (disk consumption) via a flood of TCP packets to p… |
| CVE-2013-3453 |
high |
— |
7.8 |
|
|
cisco |
13y ago |
Memory leak in Cisco Unified Communications Manager IM and Presence Service before 8.6(5)SU1 and 9.x before 9.1(2), and Cisco Unified Presence, allows remote attackers to cause a denial of service (m… |
| CVE-2013-3431 |
high |
— |
8.8 |
EXP |
|
cisco |
13y ago |
Cisco Video Surveillance Manager (VSM) before 7.0.0 does not require authentication for access to VSMC monitoring pages, which allows remote attackers to obtain sensitive configuration, archive, and … |
| CVE-2013-3429 |
high |
— |
8.8 |
EXP |
|
cisco |
13y ago |
Multiple directory traversal vulnerabilities in Cisco Video Surveillance Manager (VSM) before 7.0.0 allow remote attackers to read system files via a crafted URL, related to the Cisco_VSBWT (aka Broa… |
| CVE-2013-3411 |
high |
— |
7.8 |
|
|
cisco |
13y ago |
The IDSM-2 drivers in Cisco Intrusion Prevention System (IPS) Software on Cisco Catalyst 6500 devices with an IDSM-2 module allow remote attackers to cause a denial of service (device hang) via malfo… |
| CVE-2013-3410 |
high |
— |
7.8 |
|
|
cisco |
13y ago |
Cisco Intrusion Prevention System (IPS) Software on IPS NME devices before 7.0(9)E4 allows remote attackers to cause a denial of service (device reload) via malformed IPv4 packets that trigger incorr… |
| CVE-2013-3404 |
high |
— |
7.5 |
|
|
cisco |
13y ago |
SQL injection vulnerability in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(1a) allows remote attackers to execute arbitrary SQL commands via unspecified vectors, leading to discove… |
| CVE-2013-1243 |
high |
— |
7.8 |
|
|
cisco |
13y ago |
The IP stack in Cisco Intrusion Prevention System (IPS) Software in ASA 5500-X IPS-SSP software and hardware modules before 7.1(5)E4, IPS 4500 sensors before 7.1(6)E4, and IPS 4300 sensors before 7.1… |
| CVE-2013-1218 |
high |
— |
7.8 |
|
|
cisco |
13y ago |
Cisco Intrusion Prevention System (IPS) Software in ASA 5500-X IPS-SSP software modules before 7.1(7)sp1E4 allows remote attackers to cause a denial of service (Analysis Engine process hang or device… |
| CVE-2013-3379 |
high |
— |
8.3 |
|
|
cisco |
13y ago |
The firewall subsystem in Cisco TelePresence TC Software before 4.2 does not properly implement rules that grant access to hosts, which allows remote attackers to obtain shell access with root privil… |
| CVE-2013-3378 |
high |
— |
7.8 |
|
|
cisco |
13y ago |
Cisco TelePresence TC Software before 6.1 and TE Software before 4.1.3 allow remote attackers to cause a denial of service (temporary device hang) via crafted SIP packets, aka Bug ID CSCuf89557. |
| CVE-2013-3377 |
high |
— |
7.8 |
|
|
cisco |
13y ago |
Cisco TelePresence TC Software before 5.1.7 and TE Software before 4.1.3 allow remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCue01743. |
| CVE-2013-1236 |
high |
— |
7.8 |
|
|
cisco |
13y ago |
Cisco TelePresence Supervisor MSE 8050 before 2.3(1.31) allows remote attackers to cause a denial of service (CPU consumption or device reload) by establishing TCP connections at a high rate, aka Bug… |
| CVE-2013-1225 |
high |
— |
7.8 |
|
|
cisco |
13y ago |
Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 allows remote attackers to read arbitrary files via a Resource Manager (1) HTTP or (2) HTTPS request containing an external entit… |
| CVE-2013-1224 |
high |
— |
7.8 |
|
|
cisco |
13y ago |
Directory traversal vulnerability in the Resource Manager in Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 allows remote attackers to overwrite arbitrary files via a crafted (… |
| CVE-2013-1223 |
high |
— |
7.8 |
|
|
cisco |
13y ago |
The log viewer in Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 does not properly validate an unspecified parameter, which allows remote attackers to read arbitrary files via … |
| CVE-2013-1222 |
high |
— |
7.8 |
|
|
cisco |
13y ago |
The Tomcat Web Management feature in Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 does not properly configure Tomcat components, which allows remote attackers to launch arbit… |
| CVE-2013-1220 |
high |
— |
7.8 |
|
|
cisco |
13y ago |
The CallServer component in Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 allows remote attackers to cause a denial of service (call-acceptance outage) via malformed SIP INVIT… |
| CVE-2013-1177 |
high |
— |
7.5 |
|
|
cisco |
13y ago |
SQL injection vulnerability in Cisco Network Admission Control (NAC) Manager before 4.8.3.1 and 4.9.x before 4.9.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, a… |
| CVE-2013-1176 |
high |
— |
7.1 |
|
|
cisco |
13y ago |
The DSP card on Cisco TelePresence MCU 4500 and 4501 devices before 4.3(2.30), TelePresence MCU MSE 8510 devices before 4.3(2.30), and TelePresence Server before 2.3(1.55) does not properly validate … |
| CVE-2013-1170 |
high |
— |
7.5 |
|
|
cisco |
13y ago |
The Cisco Prime Network Control System (NCS) appliance with software before 1.1.1.24 has a default password for the database user account, which makes it easier for remote attackers to change the con… |
| CVE-2013-1168 |
high |
— |
7.6 |
|
|
cisco |
13y ago |
The web server in Cisco Unified MeetingPlace Application Server 7.x before 7.1MR1 Patch 2, 8.0 before 8.0MR1 Patch 1, and 8.5 before 8.5MR3 Patch 1 does not invalidate a session upon a logout action,… |
| CVE-2013-1155 |
high |
— |
7.8 |
|
|
cisco |
13y ago |
The auth-proxy functionality in Cisco Firewall Services Module (FWSM) software 3.1 and 3.2 before 3.2(20.1), 4.0 before 4.0(15.2), and 4.1 before 4.1(5.1) allows remote attackers to cause a denial of… |
| CVE-2013-1149 |
high |
— |
7.8 |
|
|
cisco |
13y ago |
Cisco Adaptive Security Appliances (ASA) devices with software 7.x before 7.2(5.10), 8.0 before 8.0(5.28), 8.1 and 8.2 before 8.2(5.35), 8.3 before 8.3(2.34), 8.4 before 8.4(4.11), 8.6 before 8.6(1.1… |
| CVE-2013-1163 |
high |
— |
7.5 |
|
|
cisco |
13y ago |
Multiple SQL injection vulnerabilities in the device-management implementation in Cisco Connected Grid Network Management System (CG-NMS) allow remote attackers to execute arbitrary SQL commands via … |
| CVE-2013-1137 |
high |
— |
7.8 |
|
|
cisco |
13y ago |
Cisco Unified Presence Server (CUPS) 8.6, 9.0, and 9.1 before 9.1.1 allows remote attackers to cause a denial of service (CPU consumption) via crafted packets to the SIP TCP port, aka Bug ID CSCua899… |
| CVE-2013-1135 |
high |
— |
7.1 |
|
|
cisco |
13y ago |
Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance 8.6 and 9.0 allows remote attackers to cause a denial of service (CPU consumption and monitoring outage) via malformed TLS messag… |
| CVE-2013-1134 |
high |
— |
7.1 |
|
|
cisco |
13y ago |
The Location Bandwidth Manager (LBM) Intracluster-communication feature in Cisco Unified Communications Manager (CUCM) 9.x before 9.1(1) does not require authentication from the remote LBM Hub node, … |
| CVE-2013-1133 |
high |
— |
7.8 |
|
|
cisco |
13y ago |
Cisco Unified Communications Manager (CUCM) 8.6 before 8.6(2a)su2, 8.6 BE3k before 8.6(4) BE3k, and 9.x before 9.0(1) allows remote attackers to cause a denial of service (CPU consumption and GUI and… |
| CVE-2012-5416 |
high |
— |
7.8 |
|
|
cisco |
14y ago |
Buffer overflow in Cisco Unified MeetingPlace Web Conferencing before 7.1MR1 Patch 1, 8.0 before 8.0MR1 Patch 1, and 8.5 before 8.5MR3 allows remote attackers to cause a denial of service (daemon han… |
| CVE-2012-3949 |
high |
— |
7.8 |
|
|
cisco |
14y ago |
The SIP implementation in Cisco Unified Communications Manager (CUCM) 6.x and 7.x before 7.1(5b)su5, 8.x before 8.5(1)su4, and 8.6 before 8.6(2a)su1; Cisco IOS 12.2 through 12.4 and 15.0 through 15.2… |
| CVE-2012-3060 |
high |
— |
7.8 |
|
|
cisco |
14y ago |
Cisco Unity Connection (UC) 8.6, 9.0, and 9.5 allows remote attackers to cause a denial of service (CPU consumption) via malformed UDP packets, aka Bug ID CSCtz76269. |
| CVE-2012-4629 |
high |
— |
7.8 |
|
|
cisco |
14y ago |
The Cisco ASA-CX Context-Aware Security module before 9.0.2-103 for Adaptive Security Appliances (ASA) devices, and Prime Security Manager (aka PRSM) before 9.0.2-103, allows remote attackers to caus… |
| CVE-2012-3935 |
high |
— |
7.8 |
|
|
cisco |
14y ago |
Cisco Unified Presence (CUP) before 8.6(3) and Jabber Extensible Communications Platform (aka Jabber XCP) before 5.3 allow remote attackers to cause a denial of service (process crash) via a crafted … |
| CVE-2012-3074 |
high |
— |
8.3 |
|
|
cisco |
14y ago |
An unspecified API on Cisco TelePresence Immersive Endpoint Devices before 1.9.1 allows remote attackers to execute arbitrary commands by leveraging certain adjacency and sending a malformed request … |
| CVE-2012-3073 |
high |
— |
7.8 |
|
|
cisco |
14y ago |
The IP implementation on Cisco TelePresence Multipoint Switch before 1.8.1, Cisco TelePresence Manager before 1.9.0, and Cisco TelePresence Recording Server 1.8 and earlier allows remote attackers to… |
| CVE-2012-2486 |
high |
— |
8.3 |
|
|
cisco |
14y ago |
The Cisco Discovery Protocol (CDP) implementation on Cisco TelePresence Multipoint Switch before 1.9.0, Cisco TelePresence Immersive Endpoint Devices before 1.9.1, Cisco TelePresence Manager before 1… |
| CVE-2012-3063 |
high |
— |
7.1 |
|
|
cisco |
14y ago |
Cisco Application Control Engine (ACE) before A4(2.3) and A5 before A5(1.1), when multicontext mode is enabled, does not properly share a management IP address among multiple contexts, which allows r… |
| CVE-2012-0356 |
high |
— |
7.8 |
|
|
cisco |
14y ago |
Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 7.0 through 7.2 before 7.2(5.7), 8.0 before 8.0(… |
| CVE-2012-0367 |
high |
— |
7.8 |
|
|
cisco |
15y ago |
Cisco Unity Connection before 7.1.5b(Su5), 8.0 and 8.5 before 8.5.1(Su3), and 8.6 before 8.6.2 allows remote attackers to cause a denial of service (services crash) via a series of crafted TCP segmen… |
| CVE-2012-0359 |
high |
— |
7.8 |
|
|
cisco |
15y ago |
The Cisco Cius with software before 9.2(1) SR2 allows remote attackers to cause a denial of service (device crash or hang) via malformed network traffic, aka Bug ID CSCto71445. |
| CVE-2012-0331 |
high |
— |
7.5 |
|
|
cisco |
15y ago |
Cisco TelePresence Video Communication Server with software before X7.0.1 allows remote attackers to cause a denial of service (device crash) via a crafted SIP packet, as demonstrated by a SIP INVITE… |
| CVE-2012-0330 |
high |
— |
7.8 |
|
|
cisco |
15y ago |
Cisco TelePresence Video Communication Server with software before X7.0.1 allows remote attackers to cause a denial of service (device crash) via a malformed SIP message, aka Bug ID CSCtr20426. |
| CVE-2011-4486 |
high |
— |
7.8 |
|
|
cisco |
15y ago |
Cisco Unified Communications Manager (CUCM) with software 6.x and 7.x before 7.1(5b)su5, 8.0 before 8.0(3a)su3, and 8.5 and 8.6 before 8.6(2a)su1 and Cisco Business Edition 3000 with software before … |
| CVE-2012-0364 |
high |
— |
7.8 |
|
|
cisco |
15y ago |
Cisco SRP 520 series devices with firmware before 1.1.26 and SRP 520W-U and 540 series devices with firmware before 1.2.4 allow remote attackers to replace the configuration file via an upload reques… |
| CVE-2011-4500 |
high |
— |
7.5 |
|
|
cisco |
15y ago |
The UPnP IGD implementation on the Cisco Linksys WRT54GX with firmware 2.00.05, when UPnP is enabled, configures the SOAP server to listen on the WAN port, which allows remote attackers to administer… |
| CVE-2011-4499 |
high |
— |
7.5 |
|
|
cisco |
15y ago |
The UPnP IGD implementation in the Broadcom UPnP stack on the Cisco Linksys WRT54G with firmware before 4.30.5, WRT54GS v1 through v3 with firmware before 4.71.1, and WRT54GS v4 with firmware before … |
| CVE-2011-0941 |
high |
— |
7.8 |
|
|
cisco |
15y ago |
Memory leak in Cisco Unified Communications Manager (CUCM) 6.x before 6.1(5)su2, 7.x before 7.1(5b)su3, 8.x before 8.0(3a)su1, and 8.5 before 8.5(1), and Cisco IOS 12.4 and 15.1, allows remote attack… |
| CVE-2011-3318 |
high |
— |
7.8 |
|
|
cisco |
15y ago |
Cisco Video Surveillance 2421 and 2500 series cameras with software 1.1.x and 2.x before 2.4.0 and Video Surveillance 2600 series cameras with software before 4.2.0-13 allow remote attackers to cause… |
| CVE-2011-3315 |
high |
— |
8.8 |
EXP |
|
cisco |
15y ago |
Directory traversal vulnerability in Cisco Unified Communications Manager (CUCM) 5.x and 6.x before 6.1(5)SU2, 7.x before 7.1(5b)SU2, and 8.x before 8.0(3), and Cisco Unified Contact Center Express (… |
| CVE-2011-2584 |
high |
— |
7.5 |
|
|
cisco |
15y ago |
Cisco Show and Share 5(2), 5.2(1), and 5.2(2) before 5.2(2.1) allows remote attackers to access the (1) Encoders and Pull Configurations, (2) Push Configurations, (3) Video Encoding Formats, and (4) … |
| CVE-2011-3305 |
high |
— |
8.8 |
EXP |
|
cisco |
15y ago |
Directory traversal vulnerability in Cisco Network Admission Control (NAC) Manager 4.8.x allows remote attackers to read arbitrary files via crafted traffic to TCP port 443, aka Bug ID CSCtq10755. |
| CVE-2011-3303 |
high |
— |
7.8 |
|
|
cisco |
15y ago |
Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco Catalyst 6500 series devices, with software 7.0 before 7.0(8.13), 7.1 and 7.2 before 7.2(5.4), 8.0 b… |
| CVE-2011-3302 |
high |
— |
7.8 |
|
|
cisco |
15y ago |
Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco Catalyst 6500 series devices, with software 7.0 before 7.0(8.13), 7.1 and 7.2 before 7.2(5.4), 8.0 b… |
| CVE-2011-3301 |
high |
— |
7.8 |
|
|
cisco |
15y ago |
Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco Catalyst 6500 series devices, with software 7.0 before 7.0(8.13), 7.1 and 7.2 before 7.2(5.4), 8.0 b… |
| CVE-2011-3300 |
high |
— |
7.8 |
|
|
cisco |
15y ago |
Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco Catalyst 6500 series devices, with software 7.0 before 7.0(8.13), 7.1 and 7.2 before 7.2(5.4), 8.0 b… |
| CVE-2011-3299 |
high |
— |
7.8 |
|
|
cisco |
15y ago |
Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco Catalyst 6500 series devices, with software 7.0 before 7.0(8.13), 7.1 and 7.2 before 7.2(5.4), 8.0 b… |
| CVE-2011-3298 |
high |
— |
7.9 |
|
|
cisco |
15y ago |
Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco Catalyst 6500 series devices, with software 7.0 before 7.0(8.13), 7.1 and 7.2 before 7.2(5.3), 8.0 b… |
| CVE-2011-3297 |
high |
— |
7.8 |
|
|
cisco |
15y ago |
Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(21), 3.2 before 3.2(22), 4.0 before 4.0(16), and 4.1 before 4.1(7), when certain authentication configurations are used, allows remote attacke… |
| CVE-2011-3296 |
high |
— |
7.8 |
|
|
cisco |
15y ago |
Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(21), 3.2 before 3.2(22), 4.0 before 4.0(16), and 4.1 before 4.1(7), when IPv6 is used, allows remote attackers to cause a denial of service (m… |
| CVE-2011-3288 |
high |
7.5 |
7.5 |
|
|
cisco |
15y ago |
Cisco Unified Presence before 8.5(4) does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption, and process cr… |
| CVE-2011-3287 |
high |
— |
7.8 |
|
|
cisco |
15y ago |
Cisco Jabber Extensible Communications Platform (aka Jabber XCP) 2.x through 5.4.x before 5.4.0.27581 and 5.8.x before 5.8.1.27561 does not properly detect recursion during entity expansion, which al… |
| CVE-2011-2072 |
high |
— |
7.8 |
|
|
cisco |
15y ago |
Memory leak in Cisco IOS 12.4, 15.0, and 15.1, Cisco IOS XE 2.5.x through 3.2.x, and Cisco Unified Communications Manager (CUCM) 6.x and 7.x before 7.1(5b)su4, 8.x before 8.5(1)su2, and 8.6 before 8.… |
| CVE-2011-2577 |
high |
— |
8.8 |
EXP |
|
cisco |
15y ago |
Unspecified vulnerability in Cisco TelePresence C Series Endpoints, E/EX Personal Video units, and MXP Series Codecs, when using software versions before TC 4.0.0 or F9.1, allows remote attackers to … |
| CVE-2011-2564 |
high |
— |
7.8 |
|
|
cisco |
15y ago |
Unspecified vulnerability in the Service Advertisement Framework (SAF) in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 8.x before 8.5(1) and Cisco Intercompany Media Engine 8… |
| CVE-2011-2563 |
high |
— |
7.8 |
|
|
cisco |
15y ago |
Unspecified vulnerability in the Service Advertisement Framework (SAF) in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 8.x before 8.5(1) and Cisco Intercompany Media Engine 8… |
| CVE-2011-2562 |
high |
— |
7.8 |
|
|
cisco |
15y ago |
Unspecified vulnerability in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)su2, 7.x before 7.1(5b)su3, 8.x before 8.0(3a)su1, and 8.5 before 8.5(1) allows rem… |
| CVE-2011-2561 |
high |
— |
7.1 |
|
|
cisco |
15y ago |
The SIP process in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 7.x before 7.1(5b)su4 and 8.x before 8.0(1) does not properly handle SDP data within a SIP call in certain sit… |
| CVE-2011-2560 |
high |
— |
7.8 |
|
|
cisco |
15y ago |
The Packet Capture Service in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x does not properly handle idle TCP connections, which allows remote attackers to cause a denial … |
| CVE-2011-2041 |
high |
— |
7.2 |
|
|
cisco |
15y ago |
The Start Before Logon (SBL) functionality in Cisco AnyConnect Secure Mobility Client (formerly AnyConnect VPN Client) before 2.3.254 on Windows, and on Windows Mobile, allows local users to gain pri… |
| CVE-2011-2039 |
high |
— |
8.6 |
EXP |
|
cisco |
15y ago |
The helper application in Cisco AnyConnect Secure Mobility Client (formerly AnyConnect VPN Client) before 2.3.185 on Windows, and on Windows Mobile, downloads a client executable file (vpndownloader.… |
| CVE-2011-1649 |
high |
— |
7.8 |
|
|
cisco |
15y ago |
The Internet Streamer application in Cisco Content Delivery System (CDS) with software 2.5.7, 2.5.8, and 2.5.9 before build 126 allows remote attackers to cause a denial of service (Web Engine crash)… |
| CVE-2011-0960 |
high |
— |
8.5 |
EXP |
|
cisco |
15y ago |
Multiple SQL injection vulnerabilities in Cisco Unified Operations Manager (CUOM) before 8.6 allow remote attackers to execute arbitrary SQL commands via (1) the CCMs parameter to iptm/PRTestCreation… |
| CVE-2011-1609 |
high |
— |
9.5 |
EXP |
|
cisco |
15y ago |
SQL injection vulnerability in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)su2, 7.x before 7.1(5)su1, 8.0 before 8.0(3), and 8.5 before 8.5(1) allows remote… |
| CVE-2011-1606 |
high |
— |
7.8 |
|
|
cisco |
15y ago |
Unspecified vulnerability in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)su2, 7.x before 7.1(5)su1, 8.0 before 8.0(3), and 8.5 before 8.5(1) allows remote a… |
| CVE-2011-1605 |
high |
— |
7.8 |
|
|
cisco |
15y ago |
Unspecified vulnerability in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)su2, 7.x before 7.1(5b)su2, 8.0 before 8.0(3), and 8.5 before 8.5(1) allows remote … |
| CVE-2011-1604 |
high |
— |
7.1 |
|
|
cisco |
15y ago |
Memory leak in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)su3, 7.x before 7.1(5b)su3, 8.0 before 8.0(3a)su2, and 8.5 before 8.5(1) allows remote attackers … |
| CVE-2011-0392 |
high |
— |
7.5 |
|
|
cisco |
16y ago |
Cisco TelePresence Recording Server devices with software 1.6.x do not require authentication for an XML-RPC interface, which allows remote attackers to perform unspecified actions via a session on T… |
| CVE-2011-0391 |
high |
— |
7.8 |
|
|
cisco |
16y ago |
Cisco TelePresence Recording Server devices with software 1.6.x allow remote attackers to cause a denial of service (thread consumption and device outage) via a malformed request, related to an "ad h… |
| CVE-2011-0390 |
high |
— |
7.8 |
|
|
cisco |
16y ago |
The XML-RPC implementation on Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, 1.6.x, and 1.7.0 allows remote attackers to cause a denial of service (process cra… |
| CVE-2011-0389 |
high |
— |
7.8 |
|
|
cisco |
16y ago |
Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x allow remote attackers to cause a denial of service (process crash) via a crafted Real-Time Transport … |
| CVE-2011-0388 |
high |
— |
7.8 |
|
|
cisco |
16y ago |
Cisco TelePresence Recording Server devices with software 1.6.x and Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x do not properly restrict remote ac… |
| CVE-2011-0387 |
high |
— |
8.0 |
|
|
cisco |
16y ago |
The administrative web interface on Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x allows remote authenticated users to cause a denial of service or … |
| CVE-2011-0380 |
high |
— |
7.5 |
|
|
cisco |
16y ago |
Cisco TelePresence Manager 1.2.x through 1.6.x allows remote attackers to bypass authentication and invoke arbitrary methods via a malformed SOAP request, aka Bug ID CSCtc59562. |
| CVE-2011-0379 |
high |
— |
7.9 |
|
|
cisco |
16y ago |
Buffer overflow on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 1.6.x; Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x; … |
| CVE-2011-0378 |
high |
— |
8.3 |
|
|
cisco |
16y ago |
The XML-RPC implementation on Cisco TelePresence endpoint devices with software 1.2.x through 1.5.x allows remote attackers to execute arbitrary commands via a TCP request, related to a "command inje… |
| CVE-2011-0377 |
high |
— |
7.8 |
|
|
cisco |
16y ago |
Cisco TelePresence endpoint devices with software 1.2.x through 1.6.x allow remote attackers to cause a denial of service (service crash) via a malformed SOAP request in conjunction with a spoofed Te… |
| CVE-2011-0355 |
high |
— |
7.8 |
|
|
ciscovmware |
16y ago |
Cisco Nexus 1000V Virtual Ethernet Module (VEM) 4.0(4) SV1(1) through SV1(3b), as used in VMware ESX 4.0 and 4.1 and ESXi 4.0 and 4.1, does not properly handle dropped packets, which allows guest OS … |
| CVE-2011-0352 |
high |
— |
7.8 |
|
|
cisco |
16y ago |
Buffer overflow in the web-based management interface on the Cisco Linksys WRT54GC router with firmware before 1.06.1 allows remote attackers to cause a denial of service (device crash) via a long st… |
| CVE-2010-3037 |
high |
— |
8.5 |
|
|
cisco |
16y ago |
goform/websXMLAdminRequestCgi.cgi in Cisco Unified Videoconferencing (UVC) System 5110 and 5115, and possibly Unified Videoconferencing System 3545 and 5230, Unified Videoconferencing 3527 Primary Ra… |
| CVE-2010-2835 |
high |
— |
7.8 |
|
|
cisco |
16y ago |
Cisco IOS 12.2 through 12.4 and 15.0 through 15.1, Cisco IOS XE 2.5.x and 2.6.x before 2.6.1, and Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5), 7.0 before 7… |
