Filtered by vendor Cisco
Subscriptions
Total
6239 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2015-0757 | 1 Cisco | 1 Identity Services Engine Software | 2024-08-06 | N/A |
| The web framework in Cisco Identity Services Engine (ISE) 1.2(1.901) and 1.3(0.722) does not properly implement session handlers, which allows remote attackers to obtain sensitive information by reading web pages, as demonstrated by MnT reports, aka Bug ID CSCuq23140. | ||||
| CVE-2015-0755 | 1 Cisco | 1 Anyconnect Secure Mobility Client | 2024-08-06 | N/A |
| The Posture module for Cisco Identity Services Engine (ISE), as distributed in Cisco AnyConnect Secure Mobility Client 4.0(64), allows local users to gain privileges via unspecified commands, aka Bug ID CSCut05797. | ||||
| CVE-2015-0722 | 1 Cisco | 2 Telepresence Tc Software, Telepresence Te Software | 2024-08-06 | N/A |
| The network drivers in Cisco TelePresence T, Cisco TelePresence TE, and Cisco TelePresence TC before 7.3.2 allow remote attackers to cause a denial of service (process restart or device reload) via a flood of crafted IP packets, aka Bug ID CSCuj68952. | ||||
| CVE-2015-0740 | 1 Cisco | 1 Unified Intelligence Center | 2024-08-06 | N/A |
| Cross-site request forgery (CSRF) vulnerability in Cisco Unified Intelligence Center 10.6(1) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCus28826. | ||||
| CVE-2015-0716 | 1 Cisco | 1 Unity Connection | 2024-08-06 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the CUCReports page in Cisco Unity Connection 11.0(0.98000.225) and 11.0(0.98000.332) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCut33659. | ||||
| CVE-2015-0739 | 1 Cisco | 10 Firesight System Software, Sourcefire 3d1000 Sensor, Sourcefire 3d2000 Sensor and 7 more | 2024-08-06 | N/A |
| The Lights-Out Management (LOM) implementation in Cisco FireSIGHT System Software 5.3.0 on Sourcefire 3D Sensor devices allows remote authenticated users to perform arbitrary Baseboard Management Controller (BMC) file uploads via unspecified vectors, aka Bug ID CSCus87938. | ||||
| CVE-2015-0752 | 1 Cisco | 1 Telepresence Video Communication Server | 2024-08-06 | N/A |
| Cross-site scripting (XSS) vulnerability in Cisco TelePresence Video Communication Server (VCS) X8.5.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCut27635. | ||||
| CVE-2015-0759 | 1 Cisco | 1 Headend Digital Broadband Delivery System | 2024-08-06 | N/A |
| Cross-site request forgery (CSRF) vulnerability in Cisco Headend Digital Broadband Delivery System allows remote attackers to hijack the authentication of arbitrary users. | ||||
| CVE-2015-0768 | 1 Cisco | 1 Prime Network Control System | 2024-08-06 | N/A |
| The Device Work Center (DWC) component in Cisco Prime Network Control System (NCS) 2.1(0.0.85), 2.2(0.0.58), and 2.2(0.0.69) does not properly implement AAA roles, which allows remote authenticated users to bypass intended access restrictions and execute commands via a login session, aka Bug ID CSCur27371. | ||||
| CVE-2015-0745 | 1 Cisco | 2 Headend Digital Broadband Delivery System, Headend System Release | 2024-08-06 | N/A |
| Cisco Headend System Release allows remote attackers to read temporary script files or archive files, and consequently obtain sensitive information, via a crafted header in an HTTP request, aka Bug ID CSCus44909. | ||||
| CVE-2015-0734 | 1 Cisco | 1 Email Security Appliance Firmware | 2024-08-06 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities on the Cisco Email Security Appliance (ESA) 8.5.6-106 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters in a (1) GET or (2) POST request, aka Bug ID CSCut87743. | ||||
| CVE-2015-0733 | 1 Cisco | 1 Headend Digital Broadband Delivery System | 2024-08-06 | N/A |
| CRLF injection vulnerability in the HTTP Header Handler in Digital Broadband Delivery System in Cisco Headend System Release allows remote attackers to inject arbitrary HTTP headers, and conduct HTTP response splitting attacks or cross-site scripting (XSS) attacks, via a crafted request, aka Bug ID CSCur25580. | ||||
| CVE-2015-0694 | 1 Cisco | 7 Asr 9001, Asr 9006, Asr 9010 and 4 more | 2024-08-06 | N/A |
| Cisco ASR 9000 devices with software 5.3.0.BASE do not recognize that certain ACL entries have a single-host constraint, which allows remote attackers to bypass intended network-resource access restrictions by using an address that was not supposed to have been allowed, aka Bug ID CSCur28806. | ||||
| CVE-2015-0754 | 1 Cisco | 1 Finesse | 2024-08-06 | N/A |
| Cisco Finesse 10.5(1) allows remote authenticated users to obtain sensitive information or cause a denial of service (CPU and memory consumption) via a crafted XML document, aka Bug ID CSCut95810. | ||||
| CVE-2015-0712 | 1 Cisco | 4 Asr 5000, Asr 5500, Asr 5700 and 1 more | 2024-08-06 | N/A |
| The session-manager service in Cisco StarOS 12.0, 12.2(300), 14.0, and 14.0(600) on ASR 5000 devices allows remote attackers to cause a denial of service (service reload and packet loss) via malformed HTTP packets, aka Bug ID CSCud14217. | ||||
| CVE-2015-0769 | 1 Cisco | 1 Ios Xr Software | 2024-08-06 | N/A |
| Cisco IOS XR 4.0.1 through 4.2.0 for CRS-3 Carrier Routing System allows remote attackers to cause a denial of service (NPU ASIC scan and line-card reload) via crafted IPv6 extension headers, aka Bug ID CSCtx03546. | ||||
| CVE-2015-0743 | 1 Cisco | 2 Headend Digital Broadband Delivery System, Headend System Release | 2024-08-06 | N/A |
| Cisco Headend System Release allows remote attackers to cause a denial of service (DHCP and TFTP outage) via a flood of crafted UDP traffic, aka Bug ID CSCus04097. | ||||
| CVE-2015-0747 | 1 Cisco | 3 Headend Digital Broadband Delivery System, Headend System Release, Videoscape Conductor | 2024-08-06 | N/A |
| Cisco Conductor for Videoscape 3.0 and Cisco Headend System Release allow remote attackers to inject arbitrary cookies via a crafted HTTP request, aka Bug ID CSCuh25408. | ||||
| CVE-2015-0762 | 1 Cisco | 1 Unified Meetingplace | 2024-08-06 | N/A |
| Cross-site scripting (XSS) vulnerability in the management interface in Cisco Unified MeetingPlace 8.6(1.2) and 8.6(1.9) for Microsoft Outlook allows remote attackers to inject arbitrary web script or HTML via a crafted value in a URL, aka Bug ID CSCuu51400. | ||||
| CVE-2015-0717 | 1 Cisco | 1 Unified Communications Manager | 2024-08-06 | N/A |
| Cisco Unified Communications Manager 10.0(1.10000.12) allows local users to gain privileges via a command string in an unspecified parameter, aka Bug ID CSCut19546. | ||||