Filtered by vendor Cisco Subscriptions
Total 6314 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2013-1172 1 Cisco 1 Anyconnect Secure Mobility Client 2025-04-11 N/A
The Cisco Security Service in Cisco AnyConnect Secure Mobility Client (aka AnyConnect VPN Client) does not properly verify files, which allows local users to gain privileges via unspecified vectors, aka Bug ID CSCud14153.
CVE-2013-1180 1 Cisco 6 Mds 9000, Nexus 7000, Nexus 7000 10-slot and 3 more 2025-04-11 N/A
Buffer overflow in the SNMP implementation in Cisco NX-OS on Nexus 7000 devices 4.x and 5.x before 5.2(5) and 6.x before 6.1(1) and MDS 9000 devices 4.x and 5.x before 5.2(5) allows remote authenticated users to execute arbitrary code via a crafted SNMP request, aka Bug ID CSCtx54822.
CVE-2013-1199 1 Cisco 3 Adaptive Security Appliance, Adaptive Security Appliance Clientless Ssl Vpn, Adaptive Security Appliance Software 2025-04-11 N/A
Race condition in the CIFS implementation in the rewriter module in the Clientless SSL VPN component on Cisco Adaptive Security Appliances (ASA) devices allows remote authenticated users to cause a denial of service (device reload) by accessing resources within multiple sessions, aka Bug ID CSCub58996.
CVE-2013-3385 1 Cisco 4 Content Security Management, Email Security Appliance Firmware, Ironport Asyncos and 1 more 2025-04-11 N/A
The management GUI in the web framework in IronPort AsyncOS on Cisco Web Security Appliance devices before 7.1.3-013, 7.5 before 7.5.0-838, and 7.7 before 7.7.0-602; Email Security Appliance devices before 7.1.5-106 and 7.3, 7.5, and 7.6 before 7.6.3-019; and Content Security Management Appliance devices before 7.9.1-102 and 8.0 before 8.0.0-404 allows remote attackers to cause a denial of service (system hang) via a series of (1) HTTP or (2) HTTPS requests to a management interface, aka Bug IDs CSCzv58669, CSCzv63329, and CSCzv78669.
CVE-2013-3384 1 Cisco 4 Content Security Management, Email Security Appliance Firmware, Ironport Asyncos and 1 more 2025-04-11 N/A
The web framework in IronPort AsyncOS on Cisco Web Security Appliance devices before 7.1.3-013, 7.5 before 7.5.0-838, and 7.7 before 7.7.0-550; Email Security Appliance devices before 7.1.5-104, 7.3 before 7.3.2-026, 7.5 before 7.5.2-203, and 7.6 before 7.6.3-019; and Content Security Management Appliance devices before 7.2.2-110, 7.7 before 7.7.0-213, and 7.8 and 7.9 before 7.9.1-102 allows remote authenticated users to execute arbitrary commands via crafted command-line input in a URL, aka Bug IDs CSCzv85726, CSCzv44633, and CSCzv24579.
CVE-2010-1581 1 Cisco 17 Adaptive Security Appliance, Adaptive Security Appliance Software, Asa 5500 and 14 more 2025-04-11 N/A
Unspecified vulnerability in the Transport Layer Security (TLS) implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.17), and 8.3 before 8.3(1.6) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via a sequence of crafted TLS packets, aka Bug ID CSCtd32627.
CVE-2013-3383 1 Cisco 2 Ironport Asyncos, Web Security Appliance 2025-04-11 N/A
The web framework in IronPort AsyncOS on Cisco Web Security Appliance devices before 7.1.3-013, 7.5 before 7.5.0-838, and 7.7 before 7.7.0-550 allows remote authenticated users to execute arbitrary commands via crafted command-line input in a URL sent over IPv4, aka Bug ID CSCzv69294.
CVE-2013-3380 1 Cisco 1 Secure Access Control Server Solution Engine 2025-04-11 N/A
The administrative web interface in the Access Control Server in Cisco Secure Access Control System (ACS) does not properly restrict the report view page, which allows remote authenticated users to obtain sensitive information via a direct request, aka Bug ID CSCue79279.
CVE-2010-1579 1 Cisco 19 Adaptive Security Appliance, Adaptive Security Appliance Software, Asa 5500 and 16 more 2025-04-11 N/A
Unspecified vulnerability in the SunRPC inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), and 8.2 before 8.2(2) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via crafted SunRPC UDP packets, aka Bug ID CSCtc79922.
CVE-2013-3379 1 Cisco 1 Telepresence Tc Software 2025-04-11 N/A
The firewall subsystem in Cisco TelePresence TC Software before 4.2 does not properly implement rules that grant access to hosts, which allows remote attackers to obtain shell access with root privileges by leveraging connectivity to the management network, aka Bug ID CSCts37781.
CVE-2013-3378 1 Cisco 2 Telepresence Tc Software, Telepresence Te Software 2025-04-11 N/A
Cisco TelePresence TC Software before 6.1 and TE Software before 4.1.3 allow remote attackers to cause a denial of service (temporary device hang) via crafted SIP packets, aka Bug ID CSCuf89557.
CVE-2010-1577 1 Cisco 2 Content Delivery System, Internet Streamer 2025-04-11 N/A
Directory traversal vulnerability in Cisco Internet Streamer, as used in Cisco Content Delivery System (CDS) 2.2.x, 2.3.x, 2.4.x, and 2.5.x before 2.5.7 allows remote attackers to read arbitrary files via a crafted URL.
CVE-2013-3377 1 Cisco 14 Ip Video Phone E20, Telepresence Codec C40, Telepresence Codec C60 and 11 more 2025-04-11 N/A
Cisco TelePresence TC Software before 5.1.7 and TE Software before 4.1.3 allow remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCue01743.
CVE-2013-3376 1 Cisco 1 Video Surveillance Operations Manager 2025-04-11 N/A
Open redirect vulnerability in the help page in Cisco Video Surveillance Operations Manager allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL, aka Bug ID CSCty74490.
CVE-2010-1575 1 Cisco 1 Content Services Switch 11500 2025-04-11 N/A
The Cisco Content Services Switch (CSS) 11500 with software 08.20.1.01 conveys authentication data through ClientCert-* headers but does not delete client-supplied ClientCert-* headers, which might allow remote attackers to bypass authentication via crafted header data, as demonstrated by a ClientCert-Subject-CN header, aka Bug ID CSCsz04690.
CVE-2013-3375 1 Cisco 1 Prime Central For Hosted Collaboration Solution 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the portal page in Cisco Prime Central for Hosted Collaboration Solution allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCue23798.
CVE-2010-1574 1 Cisco 2 Industrial Ethernet 3000, Ios 2025-04-11 N/A
IOS 12.2(52)SE and 12.2(52)SE1 on Cisco Industrial Ethernet (IE) 3000 series switches has (1) a community name of public for RO access and (2) a community name of private for RW access, which makes it easier for remote attackers to modify the configuration or obtain potentially sensitive information via SNMP requests, aka Bug ID CSCtf25589.
CVE-2013-2139 4 Cisco, Fedoraproject, Opensuse and 1 more 4 Libsrtp, Fedora, Opensuse and 1 more 2025-04-11 N/A
Buffer overflow in srtp.c in libsrtp in srtp 1.4.5 and earlier allows remote attackers to cause a denial of service (crash) via vectors related to a length inconsistency in the crypto_policy_set_from_profile_for_rtp and srtp_protect functions.
CVE-2013-1247 1 Cisco 1 Prime Infrastructure 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the wireless configuration module in Cisco Prime Infrastructure allows remote attackers to inject arbitrary web script or HTML via an SSID that is not properly handled during display of the XML windowing table, aka Bug ID CSCuf04356.
CVE-2010-1572 1 Cisco 1 Application Extension Framework 2025-04-11 N/A
Unspecified vulnerability in the tech support diagnostic shell in Cisco Application Extension Platform (AXP) 1.1 and 1.1.5 allows local users to obtain sensitive configuration information and gain administrator privileges via unspecified API calls.