VYPR

Vendor CVEs

Cisco Systems, Inc.

All CVEs

7,231 total · sorted by risk
  • CVE-2009-4910Jun 29, 2010
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in the WebVPN portal on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCsq78418.

  • CVE-2010-2506Jun 28, 2010
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in debug.cgi in Linksys WAP54Gv3 firmware 3.05.03 and 3.04.03 allows remote attackers to inject arbitrary web script or HTML via the data1 parameter.

  • CVE-2010-1572Jun 10, 2010
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in the tech support diagnostic shell in Cisco Application Extension Platform (AXP) 1.1 and 1.1.5 allows local users to obtain sensitive configuration information and gain administrator privileges via unspecified API calls.

  • CVE-2010-1571Jun 10, 2010
    risk 0.00cvss epss 0.03

    Directory traversal vulnerability in the bootstrap service in Cisco Unified Contact Center Express (UCCX) 7.0 before 7.0(1)SR4 and 7.0(2), unspecified 6.0 versions, and 5.0 before 5.0(2)SR3 allows remote attackers to read arbitrary files via a crafted bootstrap message to TCP…

  • CVE-2010-1570Jun 10, 2010
    risk 0.00cvss epss 0.03

    The computer telephony integration (CTI) server component in Cisco Unified Contact Center Express (UCCX) 7.0 before 7.0(1)SR4 and 7.0(2), 6.0 before 6.0(1)SR1, and 5.0 before 5.0(2)SR3 allows remote attackers to cause a denial of service (CTI server and Node Manager failure) via…

  • CVE-2010-0600May 27, 2010
    risk 0.00cvss epss 0.05

    Cisco Mediator Framework 1.5.1 before 1.5.1.build.14-eng, 2.2 before 2.2.1.dev.1, and 3.0 before 3.0.9.release.1 on the Cisco Network Building Mediator NBM-2400 and NBM-4800 and the Richards-Zeta Mediator 2500 does not properly restrict network access to an unspecified…

  • CVE-2010-0599May 27, 2010
    risk 0.00cvss epss 0.03

    Cisco Mediator Framework 1.5.1 before 1.5.1.build.14-eng, 2.2 before 2.2.1.dev.1, and 3.0 before 3.0.9.release.1 on the Cisco Network Building Mediator NBM-2400 and NBM-4800 and the Richards-Zeta Mediator 2500 does not encrypt XML RPC sessions from operator workstations, which…

  • CVE-2010-0598May 27, 2010
    risk 0.00cvss epss 0.03

    Cisco Mediator Framework 1.5.1 before 1.5.1.build.14-eng, 2.2 before 2.2.1.dev.1, and 3.0 before 3.0.9.release.1 on the Cisco Network Building Mediator NBM-2400 and NBM-4800 and the Richards-Zeta Mediator 2500 does not encrypt HTTP sessions from operator workstations, which…

  • CVE-2010-0597May 27, 2010
    risk 0.00cvss epss 0.04

    Unspecified vulnerability in Cisco Mediator Framework 1.5.1 before 1.5.1.build.14-eng, 2.2 before 2.2.1.dev.1, and 3.0 before 3.0.9.release.1 on the Cisco Network Building Mediator NBM-2400 and NBM-4800 and the Richards-Zeta Mediator 2500 allows remote authenticated users to…

  • CVE-2010-0596May 27, 2010
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in Cisco Mediator Framework 2.2 before 2.2.1.dev.1 and 3.0 before 3.0.9.release.1 on the Cisco Network Building Mediator NBM-2400 and NBM-4800 and the Richards-Zeta Mediator 2500 allows remote authenticated users to read or modify the device…

  • CVE-2010-0595May 27, 2010
    risk 0.00cvss epss 0.03

    Cisco Mediator Framework 1.5.1 before 1.5.1.build.14-eng, 2.2 before 2.2.1.dev.1, and 3.0 before 3.0.9.release.1 on the Cisco Network Building Mediator NBM-2400 and NBM-4800 and the Richards-Zeta Mediator 2500 has a default password for the administrative user account and…

  • CVE-2010-2082May 26, 2010
    risk 0.00cvss epss 0.01

    The web interface on the Cisco Scientific Atlanta WebSTAR DPC2100R2 cable modem with firmware 2.0.2r1256-060303 has a default administrative password (aka SAPassword) of W2402, which makes it easier for remote attackers to obtain privileged access.

  • CVE-2010-2026May 26, 2010
    risk 0.00cvss epss 0.02

    The web interface on the Cisco Scientific Atlanta WebSTAR DPC2100R2 cable modem with firmware 2.0.2r1256-060303 allows remote attackers to bypass authentication, and reset the modem or replace the firmware, via a direct request to an unspecified page.

  • CVE-2010-1568May 14, 2010
    risk 0.00cvss epss 0.01

    The Send Secure functionality in the Cisco IronPort Desktop Flag Plug-in for Outlook before 6.5.0-006 does not properly handle simultaneously composed messages, which might allow remote attackers to obtain cleartext contents of e-mail messages that were intended to be encrypted,…

  • CVE-2010-1567May 14, 2010
    risk 0.00cvss epss 0.02

    The SIP implementation on the Cisco PGW 2200 Softswitch with software before 9.8(1)S5 allows remote attackers to cause a denial of service (device crash) via a malformed header, aka Bug ID CSCsz13590.

  • CVE-2010-1565May 14, 2010
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in the SIP implementation on the Cisco PGW 2200 Softswitch with software 9.7(3)S before 9.7(3)S9 and 9.7(3)P before 9.7(3)P9 allows remote attackers to cause a denial of service (TCP socket exhaustion) via unknown vectors, aka Bug ID CSCsk13561.

  • CVE-2010-1563May 14, 2010
    risk 0.00cvss epss 0.02

    The SIP implementation on the Cisco PGW 2200 Softswitch with software 9.7(3)S before 9.7(3)S9 and 9.7(3)P before 9.7(3)P9 allows remote attackers to cause a denial of service (device crash) via a malformed header, aka Bug ID CSCsk04588.

  • CVE-2010-1562May 14, 2010
    risk 0.00cvss epss 0.02

    The SIP implementation on the Cisco PGW 2200 Softswitch with software 9.7(3)S before 9.7(3)S9 and 9.7(3)P before 9.7(3)P9 allows remote attackers to cause a denial of service (device crash) via a malformed Contact header, aka Bug ID CSCsj98521.

  • CVE-2010-1561May 14, 2010
    risk 0.00cvss epss 0.02

    The SIP implementation on the Cisco PGW 2200 Softswitch with software 9.7(3)S before 9.7(3)S11 and 9.7(3)P before 9.7(3)P11 allows remote attackers to cause a denial of service (device crash) via a long message, aka Bug ID CSCsk44115.

  • CVE-2010-0604May 14, 2010
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in the SIP implementation on the Cisco PGW 2200 Softswitch with software before 9.7(3)S10 allows remote attackers to cause a denial of service (device crash) via unknown SIP traffic, as demonstrated by "SIP testing," aka Bug ID CSCsk38165.

  • CVE-2010-0603May 14, 2010
    risk 0.00cvss epss 0.02

    The SIP implementation on the Cisco PGW 2200 Softswitch with software before 9.7(3)S10 allows remote attackers to cause a denial of service (device crash) via a malformed session attribute, aka Bug ID CSCsk40030.

  • CVE-2010-0602May 14, 2010
    risk 0.00cvss epss 0.02

    The SIP implementation on the Cisco PGW 2200 Softswitch with software before 9.7(3)S11 allows remote attackers to cause a denial of service (device crash) via a malformed packet, aka Bug ID CSCsk32606.

  • CVE-2010-0601May 14, 2010
    risk 0.00cvss epss 0.02

    The MGCP implementation on the Cisco PGW 2200 Softswitch with software before 9.7(3)S11 allows remote attackers to cause a denial of service (device crash) via a malformed packet, aka Bug ID CSCsl39126.

  • CVE-2010-0594May 4, 2010
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in Cisco Router and Security Device Manager (SDM) allows remote attackers to inject arbitrary web script or HTML via unknown vectors, aka Bug ID CSCtb38467.

  • CVE-2010-0593Apr 22, 2010
    risk 0.00cvss epss 0.03

    The Cisco RVS4000 4-port Gigabit Security Router before 1.3.2.0, PVC2300 Business Internet Video Camera before 1.1.2.6, WVC200 Wireless-G PTZ Internet Video Camera before 1.1.1.15, WVC210 Wireless-G PTZ Internet Video Camera before 1.1.1.15, and WVC2300 Wireless-G Business…

  • CVE-2010-0589Apr 15, 2010
    risk 0.00cvss epss 0.05

    The Web Install ActiveX control (CSDWebInstaller) in Cisco Secure Desktop (CSD) before 3.5.841 does not properly verify the signatures of downloaded programs, which allows remote attackers to force the download and execution of arbitrary files via a crafted web page, aka Bug ID…

  • CVE-2010-0586Mar 25, 2010
    risk 0.00cvss epss 0.03

    Cisco IOS 12.1 through 12.4, when Cisco Unified Communications Manager Express (CME) or Cisco Unified Survivable Remote Site Telephony (SRST) is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed Skinny Client Control Protocol (SCCP)…

  • CVE-2010-0585Mar 25, 2010
    risk 0.00cvss epss 0.02

    Cisco IOS 12.1 through 12.4, when Cisco Unified Communications Manager Express (CME) or Cisco Unified Survivable Remote Site Telephony (SRST) is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed Skinny Client Control Protocol (SCCP)…

  • CVE-2010-0584Mar 25, 2010
    risk 0.00cvss epss 0.03

    Unspecified vulnerability in Cisco IOS 12.4, when NAT SCCP fragmentation support is enabled, allows remote attackers to cause a denial of service (device reload) via crafted Skinny Client Control Protocol (SCCP) packets, aka Bug ID CSCsy09250.

  • CVE-2010-0583Mar 25, 2010
    risk 0.00cvss epss 0.03

    Memory leak in the H.323 implementation in Cisco IOS 12.1 through 12.4, and 15.0M before 15.0(1)M1, allows remote attackers to cause a denial of service (memory consumption and device reload) via malformed H.323 packets, aka Bug ID CSCtb93855.

  • CVE-2010-0582Mar 25, 2010
    risk 0.00cvss epss 0.01

    Cisco IOS 12.1 through 12.4, and 15.0M before 15.0(1)M1, allows remote attackers to cause a denial of service (interface queue wedge) via malformed H.323 packets, aka Bug ID CSCta19962.

  • CVE-2010-0581Mar 25, 2010
    risk 0.00cvss epss 0.05

    Unspecified vulnerability in the SIP implementation in Cisco IOS 12.3 and 12.4 allows remote attackers to execute arbitrary code via a malformed SIP message, aka Bug ID CSCsz89904, the "SIP Packet Parsing Arbitrary Code Execution Vulnerability."

  • CVE-2010-0580Mar 25, 2010
    risk 0.00cvss epss 0.05

    Unspecified vulnerability in the SIP implementation in Cisco IOS 12.3 and 12.4 allows remote attackers to execute arbitrary code via a malformed SIP message, aka Bug ID CSCsz48680, the "SIP Message Processing Arbitrary Code Execution Vulnerability."

  • CVE-2010-0579Mar 25, 2010
    risk 0.00cvss epss 0.03

    The SIP implementation in Cisco IOS 12.3 and 12.4 allows remote attackers to cause a denial of service (device reload) via a malformed SIP message, aka Bug ID CSCtb93416, the "SIP Message Handling Denial of Service Vulnerability."

  • CVE-2010-0578Mar 25, 2010
    risk 0.00cvss epss 0.03

    The IKE implementation in Cisco IOS 12.2 through 12.4 on Cisco 7200 and 7301 routers with VAM2+ allows remote attackers to cause a denial of service (device reload) via a malformed IKE packet, aka Bug ID CSCtb13491.

  • CVE-2010-0577Mar 25, 2010
    risk 0.00cvss epss 0.03

    Cisco IOS 12.2 through 12.4, when certain PMTUD, SNAT, or window-size configurations are used, allows remote attackers to cause a denial of service (infinite loop, and device reload or hang) via a TCP segment with crafted options, aka Bug ID CSCsz75186.

  • CVE-2010-0576Mar 25, 2010
    risk 0.00cvss epss 0.03

    Unspecified vulnerability in Cisco IOS 12.0 through 12.4, IOS XE 2.1.x through 2.3.x before 2.3.2, and IOS XR 3.2.x through 3.4.3, when Multiprotocol Label Switching (MPLS) and Label Distribution Protocol (LDP) are enabled, allows remote attackers to cause a denial of service…

  • CVE-2010-0573Mar 5, 2010
    risk 0.00cvss epss 0.03

    Unspecified vulnerability on the Cisco Digital Media Player before 5.2 allows remote attackers to hijack the source of (1) video or (2) data for a display via unknown vectors, related to a "content injection" issue, aka Bug ID CSCtc46024.

  • CVE-2010-0572Mar 5, 2010
    risk 0.00cvss epss 0.03

    Cisco Digital Media Manager (DMM) before 5.2 allows remote authenticated users to discover Cisco Digital Media Player credentials via vectors related to reading a (1) error log or (2) stack trace, aka Bug ID CSCtc46050.

  • CVE-2010-0571Mar 5, 2010
    risk 0.00cvss epss 0.03

    Unspecified vulnerability in Cisco Digital Media Manager (DMM) 5.0.x and 5.1.x allows remote authenticated users to gain privileges via unknown vectors, and consequently execute arbitrary code via a crafted web application, aka Bug ID CSCtc46008.

  • CVE-2010-0570Mar 5, 2010
    risk 0.00cvss epss 0.05

    Cisco Digital Media Manager (DMM) 5.0.x and 5.1.x has a default password for the Tomcat administration account, which makes it easier for remote attackers to execute arbitrary code via a crafted web application, aka Bug ID CSCta03378.

  • CVE-2010-0592Mar 5, 2010
    risk 0.00cvss epss 0.03

    The CTI Manager service in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x before 4.3(2)sr1a, 6.x before 6.1(3), 7.0x before 7.0(2), 7.1x before 7.1(2), and 8.x before 8.0(1) allows remote attackers to cause a denial of service (service failure) via a…

  • CVE-2010-0591Mar 5, 2010
    risk 0.00cvss epss 0.02

    Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5), 7.x before 7.1(3b)SU2, and 8.x before 8.0(1) allows remote attackers to cause a denial of service (process failure) via a malformed SIP REG message, related to an overflow of the…

  • CVE-2010-0590Mar 5, 2010
    risk 0.00cvss epss 0.03

    The CMSIPUtility component in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 7.x before 7.1(3a)su1 and 8.x before 8.0(1) allows remote attackers to cause a denial of service (process failure) via a malformed SIP Register message, aka Bug ID CSCtc37188.

  • CVE-2010-0588Mar 5, 2010
    risk 0.00cvss epss 0.02

    Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5), 7.x before 7.1(3a)su1, and 8.x before 8.0(1) allows remote attackers to cause a denial of service (process failure) via a malformed SCCP (1) RegAvailableLines or (2) FwdStatReq message with…

  • CVE-2010-0587Mar 5, 2010
    risk 0.00cvss epss 0.03

    Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x before 4.3(2)SR2, 6.x before 6.1(5), 7.x before 7.1(3a)su1, and 8.x before 8.0(1) allows remote attackers to cause a denial of service (process failure) via a malformed SCCP StationCapabilitiesRes message…

  • CVE-2010-0148Feb 23, 2010
    risk 0.00cvss epss 0.03

    Unspecified vulnerability in Cisco Security Agent 5.2 before 5.2.0.285, when running on Linux, allows remote attackers to cause a denial of service (kernel panic) via "a series of TCP packets."

  • CVE-2010-0147Feb 23, 2010
    risk 0.00cvss epss 0.02

    SQL injection vulnerability in the Management Center for Cisco Security Agents 5.1 before 5.1.0.117, 5.2 before 5.2.0.296, and 6.0 before 6.0.1.132 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

  • CVE-2010-0146Feb 23, 2010
    risk 0.00cvss epss 0.03

    Directory traversal vulnerability in the Management Center for Cisco Security Agents 6.0 allows remote authenticated users to read arbitrary files via unspecified vectors.

  • CVE-2010-0569Feb 19, 2010
    risk 0.00cvss epss 0.03

    Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10), 7.2 before 7.2(4.45), 8.0 before 8.0(5.2), 8.1 before 8.1(2.37), and 8.2 before 8.2(1.16); and Cisco PIX 500 Series Security Appliance; allows remote attackers to cause a denial…

Page 133 of 145