Filtered by vendor Cisco
Subscriptions
Total
6741 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-5554 | 1 Cisco | 1 Wide Area Application Services Mobile | 2025-04-11 | N/A |
| Directory traversal vulnerability in the web-management interface in the server in Cisco Wide Area Application Services (WAAS) Mobile before 3.5.5 allows remote attackers to upload and execute arbitrary files via a crafted POST request, aka Bug ID CSCuh69773. | ||||
| CVE-2011-1609 | 1 Cisco | 1 Unified Communications Manager | 2025-04-11 | N/A |
| SQL injection vulnerability in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)su2, 7.x before 7.1(5)su1, 8.0 before 8.0(3), and 8.5 before 8.5(1) allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCtg85647. | ||||
| CVE-2011-3317 | 1 Cisco | 1 Secure Access Control Server | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the Solution Engine in Cisco Secure Access Control Server (ACS) 5.2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCtr78192. | ||||
| CVE-2010-2984 | 1 Cisco | 2 4404 Wireless Lan Controller, Unified Wireless Network Solution Software | 2025-04-11 | N/A |
| Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 on 4404 series controllers does not properly implement the WEBAUTH_REQD state, which allows remote attackers to bypass intended access restrictions via WLAN traffic, aka Bug ID CSCtb75305. | ||||
| CVE-2010-2976 | 1 Cisco | 1 Unified Wireless Network Solution Software | 2025-04-11 | N/A |
| The controller in Cisco Unified Wireless Network (UWN) Solution 7.x through 7.0.98.0 has (1) a default SNMP read-only community of public, (2) a default SNMP read-write community of private, and a value of "default" for the (3) SNMP v3 username, (4) SNMP v3 authentication password, and (5) SNMP v3 privacy password, which makes it easier for remote attackers to obtain access. | ||||
| CVE-2013-3403 | 1 Cisco | 1 Unified Communications Manager | 2025-04-11 | N/A |
| Multiple untrusted search path vulnerabilities in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(1a) allow local users to gain privileges by leveraging unspecified file-permission and environment-variable issues for privileged programs, aka Bug ID CSCuh73454. | ||||
| CVE-2013-3431 | 1 Cisco | 1 Video Surveillance Manager | 2025-04-11 | N/A |
| Cisco Video Surveillance Manager (VSM) before 7.0.0 does not require authentication for access to VSMC monitoring pages, which allows remote attackers to obtain sensitive configuration, archive, and log information via unspecified vectors, related to the Cisco_VSBWT (aka Broadware sample code) package, aka Bug ID CSCsv40169. | ||||
| CVE-2010-3041 | 1 Cisco | 2 Webex Advanced Recording Format Player, Webex Recording Format Player | 2025-04-11 | N/A |
| Multiple buffer overflows in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players T27LB before SP21 EP3 and T27LC before SP22 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted (1) .wrf or (2) .arf file, related to atas32.dll, a different vulnerability than CVE-2010-3042, CVE-2010-3043, and CVE-2010-3044. | ||||
| CVE-2010-3270 | 1 Cisco | 1 Webex Meeting Center | 2025-04-11 | N/A |
| Stack-based buffer overflow in Cisco WebEx Meeting Center T27LB before SP21 EP3 and T27LC before SP22 allows user-assisted remote authenticated users to execute arbitrary code by providing a crafted .atp file and then disconnecting from a meeting. NOTE: since this is a site-specific issue with no expected action for consumers, it might be REJECTed. | ||||
| CVE-2010-2978 | 1 Cisco | 1 Unified Wireless Network Solution Software | 2025-04-11 | N/A |
| Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 does not use an adequate message-digest algorithm for a self-signed certificate, which allows remote attackers to bypass intended access restrictions via vectors involving collisions, aka Bug ID CSCtd67660. | ||||
| CVE-2011-2584 | 1 Cisco | 1 Show And Share | 2025-04-11 | N/A |
| Cisco Show and Share 5(2), 5.2(1), and 5.2(2) before 5.2(2.1) allows remote attackers to access the (1) Encoders and Pull Configurations, (2) Push Configurations, (3) Video Encoding Formats, and (4) Transcoding administration pages, and cause a denial of service (live event outage) or obtain potentially sensitive information, via unspecified vectors, aka Bug ID CSCto73758. | ||||
| CVE-2013-1114 | 1 Cisco | 1 Unity Express Software | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unity Express before 8.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCud87527. | ||||
| CVE-2012-3936 | 1 Cisco | 1 Webex Recording Format Player | 2025-04-11 | N/A |
| Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCua40962. | ||||
| CVE-2012-3938 | 1 Cisco | 1 Webex Recording Format Player | 2025-04-11 | N/A |
| Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCtz73583. | ||||
| CVE-2012-3939 | 1 Cisco | 1 Webex Recording Format Player | 2025-04-11 | N/A |
| Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted WRF file, aka Bug ID CSCua61331. | ||||
| CVE-2012-3940 | 1 Cisco | 1 Webex Recording Format Player | 2025-04-11 | N/A |
| Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCtz72958. | ||||
| CVE-2013-6981 | 1 Cisco | 1 Ios Xe | 2025-04-11 | N/A |
| Cisco IOS XE 3.7S(.1) and earlier allows remote attackers to cause a denial of service (Packet Processor crash) via fragmented MPLS IP packets, aka Bug ID CSCul00709. | ||||
| CVE-2013-1205 | 1 Cisco | 1 Webex Meetings Server | 2025-04-11 | N/A |
| The Event Center module in Cisco WebEx Meetings Server does not perform request authentication in all intended circumstances, which allows remote attackers to discover host keys and event passwords via crafted URLs, aka Bug ID CSCue62485. | ||||
| CVE-2013-1246 | 1 Cisco | 1 Telepresence System Software | 2025-04-11 | N/A |
| Cisco TelePresence System Software does not properly handle inactive t-shell sessions, which allows remote authenticated users to cause a denial of service (memory consumption and service outage) by establishing multiple SSH connections, aka Bug ID CSCug77610. | ||||
| CVE-2013-1247 | 1 Cisco | 1 Prime Infrastructure | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the wireless configuration module in Cisco Prime Infrastructure allows remote attackers to inject arbitrary web script or HTML via an SSID that is not properly handled during display of the XML windowing table, aka Bug ID CSCuf04356. | ||||