VYPR

Vendor CVEs

Cisco Systems, Inc.

All CVEs

7,230 total · sorted by risk
  • CVE-2019-15286HigNov 26, 2019
    risk 0.51cvss 7.8epss 0.01

    Multiple vulnerabilities in Cisco Webex Network Recording Player for Microsoft Windows and Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerabilities exist due to insufficient validation of certain…

  • CVE-2019-15284HigNov 26, 2019
    risk 0.51cvss 7.8epss 0.01

    Multiple vulnerabilities in Cisco Webex Network Recording Player for Microsoft Windows and Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerabilities exist due to insufficient validation of certain…

  • CVE-2019-12699HigOct 2, 2019
    risk 0.51cvss 7.8epss 0.00

    Multiple vulnerabilities in the CLI of Cisco FXOS Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute commands on the underlying operating system (OS) with root privileges. These vulnerabilities are due to…

  • CVE-2019-12717HigSep 25, 2019
    risk 0.51cvss 7.8epss 0.00

    A vulnerability in a CLI command related to the virtualization manager (VMAN) in Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with root privileges. The vulnerability is due to…

  • CVE-2019-12671HigSep 25, 2019
    risk 0.51cvss 7.8epss 0.00

    A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker to gain shell access on an affected device and execute commands on the underlying operating system (OS). The vulnerability is due to insufficient enforcement of the consent token in…

  • CVE-2019-12645HigSep 5, 2019
    risk 0.51cvss 7.8epss 0.00

    A vulnerability in Cisco Jabber Client Framework (JCF) for Mac Software, installed as part of the Cisco Jabber for Mac client, could allow an authenticated, local attacker to execute arbitrary code on an affected device The vulnerability is due to improper file level permissions…

  • CVE-2019-1966HigAug 30, 2019
    risk 0.51cvss 7.8epss 0.00

    A vulnerability in a specific CLI command within the local management (local-mgmt) context for Cisco UCS Fabric Interconnect Software could allow an authenticated, local attacker to gain elevated privileges as the root user on an affected device. The vulnerability is due to…

  • CVE-2019-1883HigAug 21, 2019
    risk 0.51cvss 7.8epss 0.00

    A vulnerability in the command-line interface of Cisco Integrated Management Controller (IMC) could allow an authenticated, local attacker with read-only credentials to inject arbitrary commands that could allow them to obtain root privileges. The vulnerability is due to…

  • CVE-2019-1929HigAug 7, 2019
    risk 0.51cvss 7.8epss 0.01

    Multiple vulnerabilities in Cisco Webex Network Recording Player for Microsoft Windows and Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerabilities exist because the affected software improperly…

  • CVE-2019-1928HigAug 7, 2019
    risk 0.51cvss 7.8epss 0.01

    Multiple vulnerabilities in Cisco Webex Network Recording Player for Microsoft Windows and Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerabilities exist because the affected software improperly…

  • CVE-2019-1927HigAug 7, 2019
    risk 0.51cvss 7.8epss 0.01

    Multiple vulnerabilities in Cisco Webex Network Recording Player for Microsoft Windows and Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerabilities exist because the affected software improperly…

  • CVE-2019-1926HigAug 7, 2019
    risk 0.51cvss 7.8epss 0.02

    Multiple vulnerabilities in Cisco Webex Network Recording Player for Microsoft Windows and Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerabilities exist because the affected software improperly…

  • CVE-2019-1924HigAug 7, 2019
    risk 0.51cvss 7.8epss 0.01

    Multiple vulnerabilities in Cisco Webex Network Recording Player for Microsoft Windows and Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerabilities exist because the affected software improperly…

  • CVE-2019-1925HigAug 7, 2019
    risk 0.51cvss 7.8epss 0.01

    Multiple vulnerabilities in Cisco Webex Network Recording Player for Microsoft Windows and Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerabilities exist because the affected software improperly…

  • CVE-2019-1893HigJul 6, 2019
    risk 0.51cvss 7.8epss 0.01

    A vulnerability in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS) of an affected device as root. The vulnerability is due to insufficient input validation of…

  • CVE-2019-1625HigJun 20, 2019
    risk 0.51cvss 7.8epss 0.00

    A vulnerability in the CLI of Cisco SD-WAN Solution could allow an authenticated, local attacker to elevate lower-level privileges to the root user on an affected device. The vulnerability is due to insufficient authorization enforcement. An attacker could exploit this…

  • CVE-2019-1773HigMay 15, 2019
    risk 0.51cvss 7.8epss 0.02

    A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exist because the affected software improperly validates…

  • CVE-2019-1772HigMay 15, 2019
    risk 0.51cvss 7.8epss 0.02

    A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exist because the affected software improperly validates…

  • CVE-2019-1771HigMay 15, 2019
    risk 0.51cvss 7.8epss 0.01

    A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exist because the affected software improperly validates…

  • CVE-2019-1735HigMay 15, 2019
    risk 0.51cvss 7.8epss 0.01

    A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments…

  • CVE-2019-1726HigMay 15, 2019
    risk 0.51cvss 7.8epss 0.00

    A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to access internal services that should be restricted on an affected device, such as the NX-API. The vulnerability is due to insufficient validation of arguments passed to a certain…

  • CVE-2017-18279HigMay 6, 2019
    risk 0.51cvss 7.8epss 0.00

    Lack of check of buffer length before copying can lead to buffer overflow in camera module in Small Cell SoC, Snapdragon Mobile, Snapdragon Wear in FSM9055, FSM9955, IPQ4019, IPQ8064, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCA9531, QCA9558, QCA9563, QCA9880,…

  • CVE-2019-1816HigMay 3, 2019
    risk 0.51cvss 7.8epss 0.01

    A vulnerability in the log subscription subsystem of the Cisco Web Security Appliance (WSA) could allow an authenticated, local attacker to perform command injection and elevate privileges to root. The vulnerability is due to insufficient validation of user-supplied input on the…

  • CVE-2019-1682HigMay 3, 2019
    risk 0.51cvss 7.8epss 0.00

    A vulnerability in the FUSE filesystem functionality for Cisco Application Policy Infrastructure Controller (APIC) software could allow an authenticated, local attacker to escalate privileges to root on an affected device. The vulnerability is due to insufficient input…

  • CVE-2019-1592HigMay 3, 2019
    risk 0.51cvss 7.8epss 0.00

    A vulnerability in the background operations functionality of Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an authenticated, local attacker to gain elevated privileges as root on an affected device. The vulnerability is due to…

  • CVE-2019-1654HigApr 17, 2019
    risk 0.51cvss 7.8epss 0.00

    A vulnerability in the development shell (devshell) authentication for Cisco Aironet Series Access Points (APs) running the Cisco AP-COS operating system could allow an authenticated, local attacker to access the development shell without proper authentication, which allows for…

  • CVE-2019-1785HigApr 8, 2019
    risk 0.51cvss 7.8epss 0.02

    A vulnerability in the RAR file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and 0.101.0 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a lack of proper…

  • CVE-2019-1745HigMar 28, 2019
    risk 0.51cvss 7.8epss 0.00

    A vulnerability in Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with elevated privileges. The vulnerability is due to insufficient input validation of commands supplied by the user. An attacker could exploit…

  • CVE-2019-1618HigMar 11, 2019
    risk 0.51cvss 7.8epss 0.00

    A vulnerability in the Tetration Analytics agent for Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an authenticated, local attacker to execute arbitrary code as root. The vulnerability is due to an incorrect permissions setting. An attacker could exploit…

  • CVE-2019-1606HigMar 8, 2019
    risk 0.51cvss 7.8epss 0.00

    A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI…

  • CVE-2019-1605HigMar 8, 2019
    risk 0.51cvss 7.8epss 0.01

    A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary code as root. The vulnerability is due to incorrect input validation in the NX-API feature. An attacker could exploit this vulnerability by sending a…

  • CVE-2019-1604HigMar 8, 2019
    risk 0.51cvss 7.8epss 0.00

    A vulnerability in the user account management interface of Cisco NX-OS Software could allow an authenticated, local attacker to gain elevated privileges on an affected device. The vulnerability is due to an incorrect authorization check of user accounts and their associated…

  • CVE-2019-1603HigMar 8, 2019
    risk 0.51cvss 7.8epss 0.00

    A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to escalate lower-level privileges to the administrator level. The vulnerability is due to insufficient authorization enforcement. An attacker could exploit this vulnerability by…

  • CVE-2019-1602HigMar 8, 2019
    risk 0.51cvss 7.8epss 0.00

    A vulnerability in the filesystem permissions of Cisco NX-OS Software could allow an authenticated, local attacker to access sensitive data that could be used to elevate their privileges to administrator. The vulnerability is due to improper implementation of filesystem…

  • CVE-2019-1601HigMar 8, 2019
    risk 0.51cvss 7.8epss 0.00

    A vulnerability in the filesystem permissions of Cisco NX-OS Software could allow an authenticated, local attacker to gain read and write access to a critical configuration file. The vulnerability is due to a failure to impose strict filesystem permissions on the targeted…

  • CVE-2019-1596HigMar 7, 2019
    risk 0.51cvss 7.8epss 0.00

    A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an authenticated, local attacker to escalate their privilege level to root. The attacker must authenticate with valid user credentials. The vulnerability is due to incorrect permissions of a…

  • CVE-2019-1593HigMar 6, 2019
    risk 0.51cvss 7.8epss 0.00

    A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an authenticated, local attacker to escalate their privilege level by executing commands authorized to other user roles. The attacker must authenticate with valid user credentials. The…

  • CVE-2019-1591HigMar 6, 2019
    risk 0.51cvss 7.8epss 0.01

    A vulnerability in a specific CLI command implementation of Cisco Nexus 9000 Series ACI Mode Switch Software could allow an authenticated, local attacker to escape a restricted shell on an affected device. The vulnerability is due to insufficient sanitization of user-supplied…

  • CVE-2019-1664HigFeb 21, 2019
    risk 0.51cvss 7.8epss 0.00

    A vulnerability in the hxterm service of Cisco HyperFlex Software could allow an unauthenticated, local attacker to gain root access to all nodes in the cluster. The vulnerability is due to insufficient authentication controls. An attacker could exploit this vulnerability by…

  • CVE-2019-1648HigJan 24, 2019
    risk 0.51cvss 7.8epss 0.00

    A vulnerability in the user group configuration of the Cisco SD-WAN Solution could allow an authenticated, local attacker to gain elevated privileges on an affected device. The vulnerability is due to a failure to properly validate certain parameters included within the group…

  • CVE-2019-1646HigJan 24, 2019
    risk 0.51cvss 7.8epss 0.00

    A vulnerability in the local CLI of the Cisco SD-WAN Solution could allow an authenticated, local attacker to escalate privileges and modify device configuration files. The vulnerability exists because user input is not properly sanitized for certain commands at the CLI. An…

  • CVE-2019-1641HigJan 23, 2019
    risk 0.51cvss 7.8epss 0.01

    A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exist because the affected software improperly validates…

  • CVE-2019-1640HigJan 23, 2019
    risk 0.51cvss 7.8epss 0.01

    A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exist because the affected software improperly validates…

  • CVE-2019-1639HigJan 23, 2019
    risk 0.51cvss 7.8epss 0.01

    A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exist because the affected software improperly validates…

  • CVE-2019-1638HigJan 23, 2019
    risk 0.51cvss 7.8epss 0.01

    A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exist because the affected software improperly validates…

  • CVE-2019-1637HigJan 23, 2019
    risk 0.51cvss 7.8epss 0.01

    A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exist because the affected software improperly validates…

  • CVE-2018-0468HigDec 4, 2018
    risk 0.51cvss 7.8epss 0.00

    A vulnerability in the configuration of a local database installed as part of the Cisco Energy Management Suite (CEMS) could allow an authenticated, local attacker to access and alter confidential data. The vulnerability is due to the installation of the PostgreSQL database with…

  • CVE-2017-18304HigOct 23, 2018
    risk 0.51cvss 7.8epss 0.00

    Insufficient memory allocation in boot due to incorrect size being passed could result in out of bounds access in Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in version FSM9055, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, SD 210/SD…

  • CVE-2018-0417HigOct 17, 2018
    risk 0.51cvss 7.8epss 0.03

    A vulnerability in TACACS authentication with Cisco Wireless LAN Controller (WLC) Software could allow an authenticated, local attacker to perform certain operations within the GUI that are not normally available to that user on the CLI. The vulnerability is due to incorrect…

  • CVE-2018-15422HigOct 5, 2018
    risk 0.51cvss 7.8epss 0.02

    A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exist because the affected software improperly validates…

Page 23 of 145