VYPR

Vendor CVEs

Cisco Systems, Inc.

All CVEs

7,231 total · sorted by risk
  • CVE-2012-1315Mar 29, 2012
    risk 0.00cvss epss 0.02

    Memory leak in the SIP inspection feature in the Zone-Based Firewall in Cisco IOS 12.4, 15.0, 15.1, and 15.2 allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted transit SIP traffic, aka Bug ID CSCti46171.

  • CVE-2012-1314Mar 29, 2012
    risk 0.00cvss epss 0.02

    The WAAS Express feature in Cisco IOS 15.1 and 15.2 allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted transit traffic, aka Bug ID CSCtt45381.

  • CVE-2012-1312Mar 29, 2012
    risk 0.00cvss epss 0.02

    The MACE feature in Cisco IOS 15.1 and 15.2 allows remote attackers to cause a denial of service (device reload) via crafted transit traffic, aka Bug IDs CSCtq64987 and CSCtu57226.

  • CVE-2012-1311Mar 29, 2012
    risk 0.00cvss epss 0.02

    The RSVP feature in Cisco IOS 15.0 and 15.1 and IOS XE 3.2.xS through 3.4.xS before 3.4.2S, when a VRF interface is configured, allows remote attackers to cause a denial of service (interface queue wedge and service outage) via crafted RSVP packets, aka Bug ID CSCts80643.

  • CVE-2012-1310Mar 29, 2012
    risk 0.00cvss epss 0.03

    Memory leak in the Zone-Based Firewall in Cisco IOS 12.4, 15.0, 15.1, and 15.2 allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted IP packets, aka Bug ID CSCto89536.

  • CVE-2012-0388Mar 29, 2012
    risk 0.00cvss epss 0.02

    Memory leak in the H.323 inspection feature in the Zone-Based Firewall in Cisco IOS 12.4, 15.0, 15.1, and 15.2 allows remote attackers to cause a denial of service (memory consumption or device reload) via malformed transit H.323 traffic, aka Bug ID CSCtq45553.

  • CVE-2012-0387Mar 29, 2012
    risk 0.00cvss epss 0.02

    Memory leak in the HTTP Inspection Engine feature in the Zone-Based Firewall in Cisco IOS 12.4, 15.0, 15.1, and 15.2 allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted transit HTTP traffic, aka Bug ID CSCtq36153.

  • CVE-2012-0386Mar 29, 2012
    risk 0.00cvss epss 0.03

    The SSHv2 implementation in Cisco IOS 12.2, 12.4, 15.0, 15.1, and 15.2 and IOS XE 2.3.x through 2.6.x and 3.1.xS through 3.4.xS before 3.4.2S allows remote attackers to cause a denial of service (device reload) via a crafted username in a reverse SSH login attempt, aka Bug ID…

  • CVE-2012-0385Mar 29, 2012
    risk 0.00cvss epss 0.03

    The Smart Install feature in Cisco IOS 12.2, 15.0, 15.1, and 15.2 allows remote attackers to cause a denial of service (device reload) by sending a malformed Smart Install message over TCP, aka Bug ID CSCtt16051.

  • CVE-2012-0383Mar 29, 2012
    risk 0.00cvss epss 0.02

    Memory leak in the NAT feature in Cisco IOS 12.4, 15.0, and 15.1 allows remote attackers to cause a denial of service (memory consumption, and device hang or reload) via SIP packets that require translation, related to a "memory starvation vulnerability," aka Bug ID CSCti35326.

  • CVE-2012-0358Mar 15, 2012
    risk 0.00cvss epss 0.06

    Buffer overflow in the Cisco Port Forwarder ActiveX control in cscopf.ocx, as distributed through the Clientless VPN feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.0 through 7.2 before 7.2(5.6), 8.0 before 8.0(5.26), 8.1 before 8.1(2.53),…

  • CVE-2012-0356Mar 15, 2012
    risk 0.00cvss epss 0.02

    Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 7.0 through 7.2 before 7.2(5.7), 8.0 before 8.0(5.27), 8.1 before 8.1(2.53), 8.2 before 8.2(5.8), 8.3 before 8.3(2.25), 8.4…

  • CVE-2012-0355Mar 15, 2012
    risk 0.00cvss epss 0.03

    Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.4 before 8.4(2.11) and 8.5 before 8.5(1.4) allow remote attackers to cause a denial of service (device reload) via (1) IPv4 or…

  • CVE-2012-0354Mar 15, 2012
    risk 0.00cvss epss 0.03

    The Threat Detection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.0 through 8.2 before 8.2(5.20), 8.3 before 8.3(2.29), 8.4 before 8.4(3), 8.5 before 8.5(1.6),…

  • CVE-2012-0353Mar 15, 2012
    risk 0.00cvss epss 0.03

    The UDP inspection engine on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.0 before 8.0(5.25), 8.1 before 8.1(2.50), 8.2 before 8.2(5.5), 8.3 before 8.3(2.22), 8.4 before…

  • CVE-2012-0371Mar 1, 2012
    risk 0.00cvss epss 0.02

    Cisco Wireless LAN Controller (WLC) devices with software 4.x, 5.x, 6.0, and 7.0 before 7.0.220.4, when CPU-based ACLs are enabled, allow remote attackers to read or modify the configuration via unspecified vectors, aka Bug ID CSCtu56709.

  • CVE-2012-0370Mar 1, 2012
    risk 0.00cvss epss 0.01

    Cisco Wireless LAN Controller (WLC) devices with software 4.x, 5.x, 6.0, and 7.0 before 7.0.220.0 and 7.1 before 7.1.91.0, when WebAuth is enabled, allow remote attackers to cause a denial of service (device reload) via a sequence of (1) HTTP or (2) HTTPS packets, aka Bug ID…

  • CVE-2012-0369Mar 1, 2012
    risk 0.00cvss epss 0.02

    Cisco Wireless LAN Controller (WLC) devices with software 6.0 and 7.0 before 7.0.220.0, 7.1 before 7.1.91.0, and 7.2 before 7.2.103.0 allow remote attackers to cause a denial of service (device reload) via a sequence of IPv6 packets, aka Bug ID CSCtt07949.

  • CVE-2012-0368Mar 1, 2012
    risk 0.00cvss epss 0.01

    The administrative management interface on Cisco Wireless LAN Controller (WLC) devices with software 4.x, 5.x, 6.0, and 7.0 before 7.0.220.0, 7.1 before 7.1.91.0, and 7.2 before 7.2.103.0 allows remote attackers to cause a denial of service (device crash) via a malformed URL in…

  • CVE-2012-0367Mar 1, 2012
    risk 0.00cvss epss 0.03

    Cisco Unity Connection before 7.1.5b(Su5), 8.0 and 8.5 before 8.5.1(Su3), and 8.6 before 8.6.2 allows remote attackers to cause a denial of service (services crash) via a series of crafted TCP segments, aka Bug ID CSCtq67899.

  • CVE-2012-0366Mar 1, 2012
    risk 0.00cvss epss 0.02

    Cisco Unity Connection before 7.1.3b(Su2) allows remote authenticated users to change the administrative password by leveraging the Help Desk Administrator role, aka Bug ID CSCtd45141.

  • CVE-2012-0359Mar 1, 2012
    risk 0.00cvss epss 0.01

    The Cisco Cius with software before 9.2(1) SR2 allows remote attackers to cause a denial of service (device crash or hang) via malformed network traffic, aka Bug ID CSCto71445.

  • CVE-2012-0331Mar 1, 2012
    risk 0.00cvss epss 0.01

    Cisco TelePresence Video Communication Server with software before X7.0.1 allows remote attackers to cause a denial of service (device crash) via a crafted SIP packet, as demonstrated by a SIP INVITE message from a Tandberg device, aka Bug ID CSCtq73319.

  • CVE-2012-0330Mar 1, 2012
    risk 0.00cvss epss 0.01

    Cisco TelePresence Video Communication Server with software before X7.0.1 allows remote attackers to cause a denial of service (device crash) via a malformed SIP message, aka Bug ID CSCtr20426.

  • CVE-2011-4487Mar 1, 2012
    risk 0.00cvss epss 0.01

    SQL injection vulnerability in Cisco Unified Communications Manager (CUCM) with software 6.x and 7.x before 7.1(5b)su5, 8.0 before 8.0(3a)su3, and 8.5 and 8.6 before 8.6(2a)su1 and Cisco Business Edition 3000 with software before 8.6.3 and 5000 and 6000 with software before…

  • CVE-2011-4486Mar 1, 2012
    risk 0.00cvss epss 0.01

    Cisco Unified Communications Manager (CUCM) with software 6.x and 7.x before 7.1(5b)su5, 8.0 before 8.0(3a)su3, and 8.5 and 8.6 before 8.6(2a)su1 and Cisco Business Edition 3000 with software before 8.6.3 and 5000 and 6000 with software before 8.6(2a)su1 allow remote attackers…

  • CVE-2012-0365Feb 25, 2012
    risk 0.00cvss epss 0.03

    Directory traversal vulnerability in the Local TFTP file-upload application on Cisco SRP 520 series devices with firmware before 1.1.26 and SRP 520W-U and 540 series devices with firmware before 1.2.4 allows remote authenticated users to upload software to arbitrary directories…

  • CVE-2012-0364Feb 25, 2012
    risk 0.00cvss epss 0.01

    Cisco SRP 520 series devices with firmware before 1.1.26 and SRP 520W-U and 540 series devices with firmware before 1.2.4 allow remote attackers to replace the configuration file via an upload request to an unspecified URL, aka Bug ID CSCtw55495.

  • CVE-2012-0363Feb 25, 2012
    risk 0.00cvss epss 0.02

    The web interface on Cisco SRP 520 series devices with firmware before 1.1.26 and SRP 520W-U and 540 series devices with firmware before 1.2.4 allows remote authenticated users to execute arbitrary commands via unspecified vectors, related to a "command injection vulnerability,"…

  • CVE-2012-0352Feb 16, 2012
    risk 0.00cvss epss 0.01

    Cisco NX-OS 4.2.x before 4.2(1)SV1(5.1) on Nexus 1000v series switches; 4.x and 5.0.x before 5.0(2)N1(1) on Nexus 5000 series switches; and 4.2.x before 4.2.8, 5.0.x before 5.0.5, and 5.1.x before 5.1.1 on Nexus 7000 series switches allows remote attackers to cause a denial of…

  • CVE-2012-0340Feb 13, 2012
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in the management interface on the Cisco IronPort Encryption Appliance with software before 6.5.3 allows remote attackers to inject arbitrary web script or HTML via the header parameter to the default URI under admin/, aka bug ID 72410.

  • CVE-2012-0329Jan 19, 2012
    risk 0.00cvss epss 0.03

    Cisco Digital Media Manager 5.2.2 and earlier, and 5.2.3, allows remote authenticated users to execute arbitrary code via vectors involving a URL and an administrative resource, aka Bug ID CSCts63878.

  • CVE-2011-4659Jan 19, 2012
    risk 0.00cvss epss 0.02

    Cisco TelePresence Software before TE 4.1.1 on the Cisco IP Video Phone E20 has a default password for the root account after an upgrade to TE 4.1.0, which makes it easier for remote attackers to modify the configuration via an SSH session, aka Bug ID CSCtw69889, a different…

  • CVE-2011-4500Nov 22, 2011
    risk 0.00cvss epss 0.01

    The UPnP IGD implementation on the Cisco Linksys WRT54GX with firmware 2.00.05, when UPnP is enabled, configures the SOAP server to listen on the WAN port, which allows remote attackers to administer the firewall via SOAP requests.

  • CVE-2011-4499Nov 22, 2011
    risk 0.00cvss epss 0.01

    The UPnP IGD implementation in the Broadcom UPnP stack on the Cisco Linksys WRT54G with firmware before 4.30.5, WRT54GS v1 through v3 with firmware before 4.71.1, and WRT54GS v4 with firmware before 1.06.1 allows remote attackers to establish arbitrary port mappings by sending a…

  • CVE-2011-4005Nov 3, 2011
    risk 0.00cvss epss 0.02

    Cross-site request forgery (CSRF) vulnerability in the Services Ready Platform Configuration Utility web interface on the Cisco Small Business SRP521W, SRP526W, and SRP527W with firmware before 1.1.24 and the Small Business SRP541W, SRP546W, and SRP547W with firmware before…

  • CVE-2011-0941Nov 1, 2011
    risk 0.00cvss epss 0.01

    Memory leak in Cisco Unified Communications Manager (CUCM) 6.x before 6.1(5)su2, 7.x before 7.1(5b)su3, 8.x before 8.0(3a)su1, and 8.5 before 8.5(1), and Cisco IOS 12.4 and 15.1, allows remote attackers to cause a denial of service (memory consumption and process failure or…

  • CVE-2011-4004Oct 27, 2011
    risk 0.00cvss epss 0.04

    Buffer overflow in the ATAS32 processing functionality in the Cisco WebEx Recording Format (WRF) player T26 before SP49 EP40 and T27 before SP28 allows remote attackers to execute arbitrary code via a crafted WRF file.

  • CVE-2011-3319Oct 27, 2011
    risk 0.00cvss epss 0.03

    Buffer overflow in the WRF parsing functionality in the Cisco WebEx Recording Format (WRF) player T26 before SP49 EP40 and T27 before SP28 allows remote attackers to execute arbitrary code via a crafted WRF file.

  • CVE-2011-3318Oct 27, 2011
    risk 0.00cvss epss 0.01

    Cisco Video Surveillance 2421 and 2500 series cameras with software 1.1.x and 2.x before 2.4.0 and Video Surveillance 2600 series cameras with software before 4.2.0-13 allow remote attackers to cause a denial of service (device reload) by sending crafted RTSP packets over TCP,…

  • CVE-2011-2569Oct 27, 2011
    risk 0.00cvss epss 0.00

    Cisco Nexus OS (aka NX-OS) 4.2 and 5.0 and Cisco Unified Computing System with software 1.4 and 2.0 do not properly restrict command-line options, which allows local users to gain privileges via unspecified vectors, aka Bug IDs CSCtf40008, CSCtg18363, CSCtr44645, CSCts10195, and…

  • CVE-2011-2060Oct 22, 2011
    risk 0.00cvss epss 0.00

    The platform-sw component on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.2 before 8.2(5.3), 8.3 before 8.3(2.20), and 8.4 before 8.4(2.1) does not properly handle non-ASCII characters in an interface description, which allows local users to cause…

  • CVE-2011-2059Oct 22, 2011
    risk 0.00cvss epss 0.02

    The ipv6 component in Cisco IOS before 15.1(4)M1.3 allows remote attackers to conduct fingerprinting attacks and obtain potentially sensitive information about the presence of the IOS operating system via an ICMPv6 Echo Request packet containing a Hop-by-Hop (HBH) extension…

  • CVE-2011-2042Oct 22, 2011
    risk 0.00cvss epss 0.01

    The Sybase SQL Anywhere database component in Cisco CiscoWorks Common Services 3.x and 4.x before 4.1 allows remote attackers to obtain potentially sensitive information about the engine name and database port via an unspecified request to UDP port 2638, aka Bug ID CSCsk35018.

  • CVE-2011-2585Oct 20, 2011
    risk 0.00cvss epss 0.02

    Cisco Show and Share 5(2), 5.2(1), and 5.2(2) before 5.2(2.1) allows remote authenticated users to upload and execute arbitrary code by leveraging video upload privileges, aka Bug ID CSCto69857.

  • CVE-2011-2584Oct 20, 2011
    risk 0.00cvss epss 0.02

    Cisco Show and Share 5(2), 5.2(1), and 5.2(2) before 5.2(2.1) allows remote attackers to access the (1) Encoders and Pull Configurations, (2) Push Configurations, (3) Video Encoding Formats, and (4) Transcoding administration pages, and cause a denial of service (live event…

  • CVE-2011-3294Oct 19, 2011
    risk 0.00cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in the login page in the administrative interface on Cisco TelePresence Video Communication Servers (VCS) with software before X7.0 allows remote attackers to inject arbitrary web script or HTML via the User-Agent HTTP header, aka Bug ID…

  • CVE-2011-3304Oct 6, 2011
    risk 0.00cvss epss 0.03

    Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco Catalyst 6500 series devices, with software 7.2 before 7.2(5.3), 8.0 before 8.0(5.25), 8.1 before 8.1(2.50), 8.2 before 8.2(5.11), 8.3 before 8.3(2.23), 8.4 before 8.4(2), and 8.5…

  • CVE-2011-3303Oct 6, 2011
    risk 0.00cvss epss 0.02

    Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco Catalyst 6500 series devices, with software 7.0 before 7.0(8.13), 7.1 and 7.2 before 7.2(5.4), 8.0 before 8.0(5.25), 8.1 before 8.1(2.50), 8.2 before 8.2(5.6), 8.3 before…

  • CVE-2011-3302Oct 6, 2011
    risk 0.00cvss epss 0.02

    Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco Catalyst 6500 series devices, with software 7.0 before 7.0(8.13), 7.1 and 7.2 before 7.2(5.4), 8.0 before 8.0(5.25), 8.1 and 8.2 before 8.2(5.11), 8.3 before 8.3(2.23), 8.4 before…

Page 128 of 145