VYPR

Vendor CVEs

Cisco Systems, Inc.

All CVEs

7,231 total · sorted by risk
  • CVE-2018-0372HigJul 18, 2018
    risk 0.49cvss 7.5epss 0.03

    A vulnerability in the DHCPv6 feature of the Cisco Nexus 9000 Series Fabric Switches in Application-Centric Infrastructure (ACI) Mode could allow an unauthenticated, remote attacker to cause the device to run low on system memory, which could result in a Denial of Service (DoS)…

  • CVE-2018-0346HigJul 18, 2018
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the Zero Touch Provisioning service of the Cisco SD-WAN Solution could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to incorrect bounds checks for certain values in…

  • CVE-2018-0385HigJul 16, 2018
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the detection engine parsing of Security Socket Layer (SSL) protocol packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the Snort process unexpectedly restarting. The…

  • CVE-2018-0370HigJul 16, 2018
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause one of the detection engine processes to run out of memory and thus slow down traffic processing. The vulnerability is due to improper handling of…

  • CVE-2018-0358HigJun 21, 2018
    risk 0.49cvss 7.5epss 0.03

    A vulnerability in the file descriptor handling of Cisco TelePresence Video Communication Server (VCS) Expressway could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to exhaustion of file descriptors while…

  • CVE-2018-0311HigJun 21, 2018
    risk 0.49cvss 7.5epss 0.03

    A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability exists because the affected software…

  • CVE-2018-0298HigJun 21, 2018
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the web UI of Cisco FXOS and Cisco UCS Fabric Interconnect Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected system. The vulnerability is due to incorrect input validation in the web UI. An attacker could…

  • CVE-2018-0295HigJun 20, 2018
    risk 0.49cvss 7.5epss 0.03

    A vulnerability in the Border Gateway Protocol (BGP) implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the device unexpectedly reloading. The vulnerability is due to incomplete input…

  • CVE-2018-0332HigJun 7, 2018
    risk 0.49cvss 7.5epss 0.03

    A vulnerability in the Session Initiation Protocol (SIP) ingress packet processing of Cisco Unified IP Phone software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to a lack of flow-control mechanisms in…

  • CVE-2018-0353HigJun 7, 2018
    risk 0.49cvss 7.5epss 0.04

    A vulnerability in traffic-monitoring functions in Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to circumvent Layer 4 Traffic Monitor (L4TM) functionality and bypass security protections. The vulnerability is due to a change in the…

  • CVE-2018-0316HigJun 7, 2018
    risk 0.49cvss 7.5epss 0.03

    A vulnerability in the Session Initiation Protocol (SIP) call-handling functionality of Cisco IP Phone 6800, 7800, and 8800 Series Phones with Multiplatform Firmware could allow an unauthenticated, remote attacker to cause an affected phone to reload unexpectedly, resulting in a…

  • CVE-2018-0325HigMay 17, 2018
    risk 0.49cvss 7.5epss 0.03

    A vulnerability in the Session Initiation Protocol (SIP) call-handling functionality of Cisco IP Phone 7800 Series phones and Cisco IP Phone 8800 Series phones could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected phone. The…

  • CVE-2018-0280HigMay 17, 2018
    risk 0.49cvss 7.5epss 0.03

    A vulnerability in the Real-Time Transport Protocol (RTP) bitstream processing of the Cisco Meeting Server could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to insufficient input validation of incoming RTP…

  • CVE-2018-0226HigMay 2, 2018
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the assignment and management of default user accounts for Secure Shell (SSH) access to Cisco Aironet 1800, 2800, and 3800 Series Access Points that are running Cisco Mobility Express Software could allow an authenticated, remote attacker to gain elevated…

  • CVE-2018-0239HigApr 19, 2018
    risk 0.49cvss 7.5epss 0.03

    A vulnerability in the egress packet processing functionality of the Cisco StarOS operating system for Cisco Aggregation Services Router (ASR) 5700 Series devices and Virtualized Packet Core (VPC) System Software could allow an unauthenticated, remote attacker to cause an…

  • CVE-2018-0227HigApr 19, 2018
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the Secure Sockets Layer (SSL) Virtual Private Network (VPN) Client Certificate Authentication feature for Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to establish an SSL VPN connection and bypass certain SSL…

  • CVE-2018-0177HigMar 28, 2018
    risk 0.49cvss 7.5epss 0.04

    A vulnerability in the IP Version 4 (IPv4) processing code of Cisco IOS XE Software running on Cisco Catalyst 3850 and Cisco Catalyst 3650 Series Switches could allow an unauthenticated, remote attacker to cause high CPU utilization, traceback messages, or a reload of an…

  • CVE-2018-0170HigMar 28, 2018
    risk 0.49cvss 7.5epss 0.03

    A vulnerability in the Cisco Umbrella Integration feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition, related to the OpenDNS software. The vulnerability is due to a logic error that exists when handling a…

  • CVE-2017-12310HigMar 27, 2018
    risk 0.49cvss 7.5epss 0.01

    A vulnerability in the auto discovery phase of Cisco Spark Hybrid Calendar Service could allow an unauthenticated, remote attacker to view sensitive information in the unencrypted headers of an HTTP method request. The attacker could use this information to conduct additional…

  • CVE-2018-0204HigFeb 22, 2018
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the web portal of the Cisco Prime Collaboration Provisioning Tool could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition for individual users. The vulnerability is due to weak login controls. An attacker could exploit…

  • CVE-2018-0094HigJan 18, 2018
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in IPv6 ingress packet processing for Cisco UCS Central Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to high CPU utilization on the targeted device. The vulnerability is due to insufficient rate…

  • CVE-2018-0090HigJan 18, 2018
    risk 0.49cvss 7.5epss 0.03

    A vulnerability in management interface access control list (ACL) configuration of Cisco NX-OS System Software could allow an unauthenticated, remote attacker to bypass configured ACLs on the management interface. This could allow traffic to be forwarded to the NX-OS CPU for…

  • CVE-2018-0089HigJan 18, 2018
    risk 0.49cvss 7.5epss 0.01

    A vulnerability in the Policy and Charging Rules Function (PCRF) of the Cisco Policy Suite (CPS) could allow an unauthenticated, remote attacker to access sensitive data. The attacker could use this information to conduct additional reconnaissance attacks. The attacker would…

  • CVE-2017-12318HigNov 16, 2017
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the TCP state machine of Cisco RF Gateway 1 devices could allow an unauthenticated, remote attacker to prevent an affected device from delivering switched digital video (SDV) or video on demand (VoD) streams, resulting in a denial of service (DoS) condition.…

  • CVE-2017-12316HigNov 16, 2017
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the Guest Portal login page of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to perform multiple login attempts in excess of the configured login attempt limit. The vulnerability is due to insufficient server-side login…

  • CVE-2017-12281HigNov 2, 2017
    risk 0.49cvss 7.5epss 0.01

    A vulnerability in the implementation of Protected Extensible Authentication Protocol (PEAP) functionality for standalone configurations of Cisco Aironet 1800, 2800, and 3800 Series Access Points could allow an unauthenticated, adjacent attacker to bypass authentication and…

  • CVE-2017-12280HigNov 2, 2017
    risk 0.49cvss 7.5epss 0.03

    A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) Discovery Request parsing functionality of Cisco Wireless LAN Controllers could allow an unauthenticated, remote attacker to cause an affected device to restart unexpectedly, resulting in a denial…

  • CVE-2017-15805HigOct 23, 2017
    risk 0.49cvss 7.5epss 0.02

    Cisco Small Business SA520 and SA540 devices with firmware 2.1.71 and 2.2.0.7 allow ../ directory traversal in scgi-bin/platform.cgi via the thispage parameter, for reading arbitrary files.

  • CVE-2017-12260HigOct 19, 2017
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the implementation of Session Initiation Protocol (SIP) functionality in Cisco Small Business SPA50x, SPA51x, and SPA52x Series IP Phones could allow an unauthenticated, remote attacker to cause an affected device to become unresponsive, resulting in a denial…

  • CVE-2017-12259HigOct 19, 2017
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the implementation of Session Initiation Protocol (SIP) functionality in Cisco Small Business SPA51x Series IP Phones could allow an unauthenticated, remote attacker to cause an affected device to become unresponsive, resulting in a denial of service (DoS)…

  • CVE-2017-12270HigOct 5, 2017
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the gRPC code of Cisco IOS XR Software for Cisco Network Convergence System (NCS) 5500 Series Routers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition when the emsd service stops. The vulnerability is due to the…

  • CVE-2017-12219HigSep 21, 2017
    risk 0.49cvss 7.5epss 0.03

    A vulnerability in the handling of IP fragments for the Cisco Small Business SPA300, SPA500, and SPA51x Series IP Phones could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition. The…

  • CVE-2015-0689HigSep 19, 2017
    risk 0.49cvss 7.5epss 0.01

    Cisco Cloud Web Security before 3.0.1.7 allows remote attackers to bypass intended filtering protection mechanisms by leveraging improper handling of HTTP methods, aka Bug ID CSCut69743.

  • CVE-2017-6791HigSep 7, 2017
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the Trust Verification Service (TVS) of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of Transport Layer…

  • CVE-2017-6780HigSep 7, 2017
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the TCP throttling process for Cisco IoT Field Network Director (IoT-FND) could allow an unauthenticated, remote attacker to cause the system to consume additional memory, eventually forcing the device to restart, aka Memory Exhaustion. The vulnerability is…

  • CVE-2017-6631HigSep 7, 2017
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the HTTP remote procedure call (RPC) service of set-top box (STB) receivers manufactured by Cisco for Yes could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability exists because the…

  • CVE-2017-6771HigAug 17, 2017
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the AutoVNF automation tool of the Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to acquire sensitive information. The vulnerability is due to insufficient protection of sensitive data. An attacker could exploit this…

  • CVE-2017-6766HigAug 7, 2017
    risk 0.49cvss 7.5epss 0.01

    A vulnerability in the Secure Sockets Layer (SSL) Decryption and Inspection feature of Cisco Firepower System Software 5.4.0, 5.4.1, 6.0.0, 6.1.0, 6.2.0, 6.2.1, and 6.2.2 could allow an unauthenticated, remote attacker to bypass the SSL policy for decrypting and inspecting…

  • CVE-2017-6763HigAug 7, 2017
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the implementation of the H.264 protocol in Cisco Meeting Server (CMS) 2.1.4 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected system. The vulnerability exists because the affected application does not…

  • CVE-2017-6752HigAug 7, 2017
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) 9.3(3) and 9.6(2) could allow an unauthenticated, remote attacker to determine valid usernames. The attacker could use this information to conduct additional reconnaissance attacks. The…

  • CVE-2017-6745HigAug 7, 2017
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the cache server within Cisco Videoscape Distribution Suite (VDS) for Television 3.2(5)ES1 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on a targeted appliance. The vulnerability is due to excessive mapped…

  • CVE-2017-6664HigAug 7, 2017
    risk 0.49cvss 7.5epss 0.01

    A vulnerability in the Autonomic Networking feature of Cisco IOS XE Software could allow an unauthenticated, remote, autonomic node to access the Autonomic Networking infrastructure of an affected system, after the certificate for the autonomic node has been revoked. This…

  • CVE-2011-4650HigAug 7, 2017
    risk 0.49cvss 7.5epss 0.01

    Cisco Data Center Network Manager is affected by Excessive Logging During a TCP Flood on Java Ports. If the size of server.log becomes very big because of too much logging by the DCNM server, then the CPU utilization increases. Known Affected Releases: 5.2(1). Known Fixed…

  • CVE-2017-9492HigJul 31, 2017
    risk 0.49cvss 7.5epss 0.02

    The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421733-160420a-CMCST); Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST); Cisco DPC3939B (firmware version dpc3939b-v303r204217-150321a-CMCST); Cisco DPC3941T (firmware…

  • CVE-2017-9486HigJul 31, 2017
    risk 0.49cvss 7.5epss 0.02

    The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST) devices allows remote attackers to compute password-of-the-day values via unspecified vectors.

  • CVE-2017-9485HigJul 31, 2017
    risk 0.49cvss 7.5epss 0.01

    The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST) devices allows remote attackers to write arbitrary data to a known /var/tmp/sess_* pathname by leveraging the device's operation in UI dev mode.

  • CVE-2017-9484HigJul 31, 2017
    risk 0.49cvss 7.5epss 0.02

    The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421733-160420a-CMCST) and DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST) devices allows remote attackers to discover a CM MAC address by sniffing Wi-Fi traffic and performing…

  • CVE-2017-9481HigJul 31, 2017
    risk 0.49cvss 7.5epss 0.01

    The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST) devices allows remote attackers to obtain unintended access to the Network Processor (NP) 169.254/16 IP network by adding a routing-table entry that specifies the LAN IP address…

  • CVE-2017-9478HigJul 31, 2017
    risk 0.49cvss 7.5epss 0.02

    The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421733-160420a-CMCST) and DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST) devices sets the CM MAC address to a value with a two-byte offset from the MTA/VoIP MAC address, which…

  • CVE-2017-6751HigJul 25, 2017
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the web proxy functionality of the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to forward traffic from the web proxy interface of an affected device to the administrative management interface of an affected device, aka an…

Page 13 of 145