Filtered by vendor Cisco Subscriptions
Total 6314 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2010-1572 1 Cisco 1 Application Extension Framework 2025-04-11 N/A
Unspecified vulnerability in the tech support diagnostic shell in Cisco Application Extension Platform (AXP) 1.1 and 1.1.5 allows local users to obtain sensitive configuration information and gain administrator privileges via unspecified API calls.
CVE-2013-1246 1 Cisco 1 Telepresence System Software 2025-04-11 N/A
Cisco TelePresence System Software does not properly handle inactive t-shell sessions, which allows remote authenticated users to cause a denial of service (memory consumption and service outage) by establishing multiple SSH connections, aka Bug ID CSCug77610.
CVE-2013-1245 1 Cisco 1 Webex Social 2025-04-11 N/A
The user-management page in Cisco WebEx Social relies on client-side validation of values in the Screen Name, First Name, Middle Name, Last Name, Email Address, and Job Title fields, which allows remote authenticated users to bypass intended access restrictions via crafted requests, aka Bug ID CSCue67190.
CVE-2010-1571 1 Cisco 3 Customer Response Solution, Unified Contact Center Express, Unified Ip Interactive Voice Response 2025-04-11 N/A
Directory traversal vulnerability in the bootstrap service in Cisco Unified Contact Center Express (UCCX) 7.0 before 7.0(1)SR4 and 7.0(2), unspecified 6.0 versions, and 5.0 before 5.0(2)SR3 allows remote attackers to read arbitrary files via a crafted bootstrap message to TCP port 6295.
CVE-2013-1244 1 Cisco 1 Webex Social 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the portal module in Cisco WebEx Social allows remote authenticated users to inject arbitrary web script or HTML via a javascript: URL in the link field in a post, aka Bug ID CSCue67199.
CVE-2013-1242 1 Cisco 1 Unified Presence Server 2025-04-11 N/A
Memory leak in the web framework in the server in Cisco Unified Presence (CUP) allows remote attackers to cause a denial of service (memory consumption) via malformed TCP packets, aka Bug ID CSCug38080.
CVE-2010-1570 1 Cisco 3 Customer Response Solution, Unified Contact Center Express, Unified Ip Interactive Voice Response 2025-04-11 N/A
The computer telephony integration (CTI) server component in Cisco Unified Contact Center Express (UCCX) 7.0 before 7.0(1)SR4 and 7.0(2), 6.0 before 6.0(1)SR1, and 5.0 before 5.0(2)SR3 allows remote attackers to cause a denial of service (CTI server and Node Manager failure) via a malformed CTI message.
CVE-2010-2987 1 Cisco 2 Unified Wireless Network Solution Software, Wireless Control System Software 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Cisco Wireless Control System (WCS) 7.x before 7.0.164, as used in Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCtg33854.
CVE-2013-1227 1 Cisco 1 Unified Communications Domain Manager 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the web framework in Cisco Unified Communications Domain Manager allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCug37902.
CVE-2013-1241 1 Cisco 27 1921 Integrated Services Router, 1941 Integrated Services Router, 1941w Integrated Services Router and 24 more 2025-04-11 N/A
The ISM module in Cisco IOS on ISR G2 routers does not properly handle authentication-header packets, which allows remote authenticated users to cause a denial of service (module reload) via a series of malformed packets, aka Bug ID CSCub92025.
CVE-2013-1240 1 Cisco 1 Unified Communications Manager 2025-04-11 N/A
The command-line interface in Cisco Unified Communications Manager (CUCM) does not properly validate input, which allows local users to read arbitrary files via unspecified vectors, aka Bug ID CSCue25770.
CVE-2010-1568 1 Cisco 1 Ironport Desktop Flag Plugin For Outlook 2025-04-11 N/A
The Send Secure functionality in the Cisco IronPort Desktop Flag Plug-in for Outlook before 6.5.0-006 does not properly handle simultaneously composed messages, which might allow remote attackers to obtain cleartext contents of e-mail messages that were intended to be encrypted, aka bug 65623.
CVE-2013-1219 1 Cisco 1 Intrusion Prevention System 2025-04-11 N/A
SensorApp in Cisco Intrusion Prevention System (IPS) allows local users to cause a denial of service (Regex hardware job failure and application hang) via a (1) initiate signature upgrade, (2) initiate global correlation, (3) show statistics anomaly-detection, or (4) clear database action, aka Bug ID CSCuc74630.
CVE-2013-1218 1 Cisco 9 Asa 5500-x Series Ips Ssp Software, Asa 5585-x, Idsm-2 and 6 more 2025-04-11 N/A
Cisco Intrusion Prevention System (IPS) Software in ASA 5500-X IPS-SSP software modules before 7.1(7)sp1E4 allows remote attackers to cause a denial of service (Analysis Engine process hang or device reload) via fragmented (1) IPv4 or (2) IPv6 packets, aka Bug ID CSCue51272.
CVE-2010-2983 1 Cisco 1 Unified Wireless Network Solution Software 2025-04-11 N/A
The workgroup bridge (aka WGB) functionality in Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 allows remote attackers to cause a denial of service (dropped connection) via a series of spoofed EAPoL-Logoff frames, related to an "EAPoL logoff attack," aka Bug ID CSCte43374.
CVE-2013-1216 1 Cisco 1 Ios Xr 2025-04-11 N/A
Memory leak in the SNMP module in Cisco IOS XR allows remote authenticated users to cause a denial of service (memory consumption and process restart) via crafted SNMP packets, aka Bug ID CSCue31546.
CVE-2013-1215 1 Cisco 3 5500 Series Adaptive Security Appliance, Adaptive Security Appliance Software, Asa 5500 2025-04-11 N/A
The vpnclient program in the Easy VPN component on Cisco Adaptive Security Appliances (ASA) 5505 devices allows local users to gain privileges via unspecified vectors, aka Bug ID CSCuf85295.
CVE-2010-1174 1 Cisco 1 Tftp Server 2025-04-11 N/A
Cisco TFTP Server 1.1 allows remote attackers to cause a denial of service (daemon crash) via a crafted (1) read (aka RRQ) or (2) write (aka WRQ) request, or other TFTP packet. NOTE: some of these details are obtained from third party information.
CVE-2013-1213 1 Cisco 2 Nexus 1000v, Nx-os 2025-04-11 N/A
Cisco NX-OS on the Nexus 1000V does not assign the proper priority to heartbeat messages from a Virtual Ethernet Module (VEM) to a Virtual Supervisor Module (VSM), which allows remote attackers to cause a denial of service (false VEM unavailability report) via a flood of UDP packets, aka Bug ID CSCud14840.
CVE-2013-1212 1 Cisco 2 Nexus 1000v, Nx-os 2025-04-11 N/A
The SSL functionality in Cisco NX-OS on the Nexus 1000V does not properly verify X.509 certificates, which allows man-in-the-middle attackers to spoof servers, and intercept or modify Virtual Supervisor Module (VSM) to VMware vCenter communication, via a crafted certificate, aka Bug ID CSCud14837.