Filtered by vendor Cisco
Subscriptions
Total
6329 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2012-3063 | 1 Cisco | 1 Application Control Engine Software | 2025-04-11 | N/A |
| Cisco Application Control Engine (ACE) before A4(2.3) and A5 before A5(1.1), when multicontext mode is enabled, does not properly share a management IP address among multiple contexts, which allows remote authenticated administrators to bypass intended access restrictions in opportunistic circumstances, and read or modify configuration settings, via a login attempt to a context, aka Bug ID CSCts30631, a different vulnerability than CVE-2012-3058. | ||||
| CVE-2012-3073 | 1 Cisco | 15 Telepresence Manager, Telepresence Multipoint Switch, Telepresence Multipoint Switch Software and 12 more | 2025-04-11 | N/A |
| The IP implementation on Cisco TelePresence Multipoint Switch before 1.8.1, Cisco TelePresence Manager before 1.9.0, and Cisco TelePresence Recording Server 1.8 and earlier allows remote attackers to cause a denial of service (networking outage or process crash) via (1) malformed IP packets, (2) a high rate of TCP connection requests, or (3) a high rate of TCP connection terminations, aka Bug IDs CSCti21830, CSCti21851, CSCtj19100, CSCtj19086, CSCtj19078, CSCty11219, CSCty11299, CSCty11323, and CSCty11338. | ||||
| CVE-2012-3094 | 2 Cisco, Linux | 2 Anyconnect Secure Mobility Client, Linux Kernel | 2025-04-11 | N/A |
| The VPN downloader in the download_install component in Cisco AnyConnect Secure Mobility Client 3.1.x before 3.1.00495 on Linux accepts arbitrary X.509 server certificates without user interaction, which allows remote attackers to obtain sensitive information via vectors involving an invalid certificate, aka Bug ID CSCua11967. | ||||
| CVE-2012-3937 | 1 Cisco | 1 Webex Recording Format Player | 2025-04-11 | N/A |
| Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCtz72967. | ||||
| CVE-2012-3908 | 1 Cisco | 2 Identity Services Engine, Identity Services Engine Software | 2025-04-11 | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in the ISE Administrator user interface (aka the Apache Tomcat interface) on Cisco Identity Services Engine (ISE) 3300 series appliances before 1.1.0.665 Cumulative Patch 1 allow remote attackers to hijack the authentication of administrators, aka Bug ID CSCty46684. | ||||
| CVE-2014-0659 | 1 Cisco | 6 Rvs4000, Rvs4000 Firmware, Wap4410n and 3 more | 2025-04-11 | N/A |
| The Cisco WAP4410N access point with firmware through 2.0.6.1, WRVS4400N router with firmware 1.x through 1.1.13 and 2.x through 2.0.2.1, and RVS4000 router with firmware through 2.0.3.2 allow remote attackers to read credential and configuration data, and execute arbitrary commands, via requests to the test interface on TCP port 32764, aka Bug IDs CSCum37566, CSCum43693, CSCum43700, and CSCum43685. | ||||
| CVE-2012-3923 | 1 Cisco | 1 Ios | 2025-04-11 | N/A |
| The SSLVPN implementation in Cisco IOS 12.4, 15.0, 15.1, and 15.2, when DTLS is not enabled, does not properly handle certain outbound ACL configurations, which allows remote authenticated users to cause a denial of service (device crash) via a session involving a PPP over ATM (PPPoA) interface, aka Bug ID CSCte41827. | ||||
| CVE-2012-3935 | 1 Cisco | 2 Jabber Extensible Communications Platform, Unified Presence | 2025-04-11 | N/A |
| Cisco Unified Presence (CUP) before 8.6(3) and Jabber Extensible Communications Platform (aka Jabber XCP) before 5.3 allow remote attackers to cause a denial of service (process crash) via a crafted XMPP stream header, aka Bug ID CSCtu32832. | ||||
| CVE-2014-0660 | 1 Cisco | 1 Telepresence Isdn Gateway Software | 2025-04-11 | N/A |
| Cisco TelePresence ISDN Gateway with software before 2.2(1.92) allows remote attackers to cause a denial of service (D-channel call outage) via a crafted Q.931 STATUS message, aka Bug ID CSCui50360. | ||||
| CVE-2012-4079 | 1 Cisco | 1 Unified Computing System | 2025-04-11 | N/A |
| The XML API service in the Fabric Interconnect component in Cisco Unified Computing System (UCS) allows remote attackers to cause a denial of service (API service outage) via a malformed XML document in a packet, aka Bug ID CSCtg48206. | ||||
| CVE-2012-4089 | 1 Cisco | 1 Unified Computing System | 2025-04-11 | N/A |
| MCTOOLS in the fabric interconnect in Cisco Unified Computing System (UCS) allows local users to execute arbitrary Baseboard Management Controller (BMC) commands by leveraging (1) local, (2) shell-level, or (3) debug-level privileges at the operating-system layer, aka Bug ID CSCtg76239. | ||||
| CVE-2012-4096 | 1 Cisco | 1 Unified Computing System | 2025-04-11 | N/A |
| The local file editor in the Baseboard Management Controller (BMC) in Cisco Unified Computing System (UCS) allows local users to gain privileges and modify arbitrary fabric-interconnect files, in the context of a vi process, via unspecified commands, aka Bug ID CSCtn06574. | ||||
| CVE-2012-4104 | 1 Cisco | 1 Unified Computing System | 2025-04-11 | N/A |
| Absolute path traversal vulnerability in the image-download process in the fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to overwrite or delete arbitrary files via a full pathname in an image header, aka Bug ID CSCtq02706. | ||||
| CVE-2012-4108 | 1 Cisco | 1 Unified Computing System | 2025-04-11 | N/A |
| The fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to gain privileges and execute arbitrary operating-system commands via crafted parameters to a file-related command, aka Bug ID CSCtq86554. | ||||
| CVE-2012-4114 | 1 Cisco | 1 Unified Computing System | 2025-04-11 | N/A |
| The fabric-interconnect KVM module in Cisco Unified Computing System (UCS) does not encrypt video data, which allows man-in-the-middle attackers to watch KVM display content by sniffing the network or modify this traffic by inserting packets into the client-server data stream, aka Bug ID CSCtr72949. | ||||
| CVE-2012-4116 | 1 Cisco | 1 Unified Computing System | 2025-04-11 | N/A |
| The fabric-interconnect component in Cisco Unified Computing System (UCS) does not encrypt KVM media traffic, which allows remote attackers to obtain sensitive information, and consequently complete the authentication process for a server connection, by sniffing the network, aka Bug ID CSCtr72970. | ||||
| CVE-2012-4117 | 1 Cisco | 1 Unified Computing System | 2025-04-11 | N/A |
| The fabric-interconnect component in Cisco Unified Computing System (UCS) does not properly verify X.509 certificates, which allows man-in-the-middle attackers to watch SSL KVM video-channel traffic or modify this traffic via a crafted certificate, aka Bug ID CSCtr73033. | ||||
| CVE-2012-4136 | 1 Cisco | 1 Unified Computing System | 2025-04-11 | N/A |
| The high-availability service in the Fabric Interconnect component in Cisco Unified Computing System (UCS) does not properly bind the cluster service to the management interface, which allows remote attackers to obtain sensitive information or cause a denial of service (peer-syncing outage) via a TELNET connection, aka Bug ID CSCtz72910. | ||||
| CVE-2012-4617 | 1 Cisco | 3 Ios, Ios Xe, Ios Xr | 2025-04-11 | N/A |
| The BGP implementation in Cisco IOS 15.2, IOS XE 3.5.xS before 3.5.2S, and IOS XR 4.1.0 through 4.2.2 allows remote attackers to cause a denial of service (multiple connection resets) by leveraging a peer relationship and sending a malformed attribute, aka Bug IDs CSCtt35379, CSCty58300, CSCtz63248, and CSCtz62914. | ||||
| CVE-2012-4620 | 1 Cisco | 2 10008 Router, Ios | 2025-04-11 | N/A |
| Cisco IOS 12.2 and 15.0 through 15.2 on Cisco 10000 series routers, when a tunnel interface exists, allows remote attackers to cause a denial of service (interface queue wedge) via tunneled (1) GRE/IP, (2) IPIP, or (3) IPv6 in IPv4 packets, aka Bug ID CSCts66808. | ||||