VYPR

Vendor CVEs

Cisco Systems, Inc.

All CVEs

7,228 total · sorted by risk
  • CVE-2020-3402HigJul 2, 2020
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the Java Remote Method Invocation (RMI) interface of Cisco Unified Customer Voice Portal (CVP) could allow an unauthenticated, remote attacker to access sensitive information on an affected device. The vulnerability exists because certain RMI listeners are not…

  • CVE-2020-3263HigJun 18, 2020
    risk 0.49cvss 7.5epss 0.04

    A vulnerability in Cisco Webex Meetings Desktop App could allow an unauthenticated, remote attacker to execute programs on an affected end-user system. The vulnerability is due to improper validation of input that is supplied to application URLs. The attacker could exploit this…

  • CVE-2020-3230HigJun 3, 2020
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the Internet Key Exchange Version 2 (IKEv2) implementation in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to prevent IKEv2 from establishing new security associations. The vulnerability is due to incorrect…

  • CVE-2020-3272HigMay 22, 2020
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the DHCP server of Cisco Prime Network Registrar could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient input validation of incoming DHCP traffic. An attacker…

  • CVE-2020-3341HigMay 13, 2020
    risk 0.49cvss 7.5epss 0.03

    A vulnerability in the PDF archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.101 - 0.102.2 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a stack buffer overflow read.…

  • CVE-2020-3327HigMay 13, 2020
    risk 0.49cvss 7.5epss 0.05

    A vulnerability in the ARJ archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.102.2 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a heap buffer overflow read. An…

  • CVE-2020-3312HigMay 6, 2020
    risk 0.49cvss 7.5epss 0.01

    A vulnerability in the application policy configuration of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data on an affected device. The vulnerability is due to insufficient application…

  • CVE-2020-3306HigMay 6, 2020
    risk 0.49cvss 7.5epss 0.01

    A vulnerability in the DHCP module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. The vulnerability is due…

  • CVE-2020-3305HigMay 6, 2020
    risk 0.49cvss 7.5epss 0.01

    A vulnerability in the implementation of the Border Gateway Protocol (BGP) module in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.…

  • CVE-2020-3303HigMay 6, 2020
    risk 0.49cvss 7.5epss 0.01

    A vulnerability in the Internet Key Exchange version 1 (IKEv1) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The…

  • CVE-2020-3298HigMay 6, 2020
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the Open Shortest Path First (OSPF) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the reload of an affected device, resulting in a…

  • CVE-2020-3255HigMay 6, 2020
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the packet processing functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to inefficient memory management.…

  • CVE-2020-3254HigMay 6, 2020
    risk 0.49cvss 7.5epss 0.02

    Multiple vulnerabilities in the Media Gateway Control Protocol (MGCP) inspection feature of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition…

  • CVE-2020-3195HigMay 6, 2020
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the Open Shortest Path First (OSPF) implementation in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a memory leak on an affected device. The…

  • CVE-2020-3179HigMay 6, 2020
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the generic routing encapsulation (GRE) tunnel decapsulation feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due…

  • CVE-2020-3273HigApr 15, 2020
    risk 0.49cvss 7.5epss 0.01

    A vulnerability in the 802.11 Generic Advertisement Service (GAS) frame processing function of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS). The…

  • CVE-2020-3262HigApr 15, 2020
    risk 0.49cvss 7.5epss 0.01

    A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol handler of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The…

  • CVE-2020-3177HigApr 15, 2020
    risk 0.49cvss 7.5epss 0.03

    A vulnerability in the Tool for Auto-Registered Phones Support (TAPS) of Cisco Unified Communications Manager (UCM) and Cisco Unified Communications Manager Session Management Edition (SME) could allow an unauthenticated, remote attacker to conduct directory traversal attacks on…

  • CVE-2020-3162HigApr 15, 2020
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the Constrained Application Protocol (CoAP) implementation of Cisco IoT Field Network Director could allow an unauthenticated remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient input…

  • CVE-2020-3168HigFeb 26, 2020
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the Secure Login Enhancements capability of Cisco Nexus 1000V Switch for VMware vSphere could allow an unauthenticated, remote attacker to cause an affected Nexus 1000V Virtual Supervisor Module (VSM) to become inaccessible to users through the CLI. The…

  • CVE-2011-4661HigFeb 12, 2020
    risk 0.49cvss 7.5epss 0.01

    A memory leak vulnerability exists in Cisco IOS before 15.2(1)T due to a memory leak in the HTTP PROXY Server process (aka CSCtu52820), when configured with Cisco ISR Web Security with Cisco ScanSafe and User Authenticaiton NTLM configured.

  • CVE-2013-1202HigFeb 7, 2020
    risk 0.49cvss 7.5epss 0.01

    Cisco ACE A2(3.6) allows log retention DoS.

  • CVE-2020-3123HigFeb 5, 2020
    risk 0.49cvss 7.5epss 0.03

    A vulnerability in the Data-Loss-Prevention (DLP) module in Clam AntiVirus (ClamAV) Software versions 0.102.1 and 0.102.0 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to an out-of-bounds…

  • CVE-2020-3147HigJan 30, 2020
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the web UI of Cisco Small Business Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper validation of requests sent to the web interface. An attacker…

  • CVE-2020-3142HigJan 26, 2020
    risk 0.49cvss 7.5epss 0.01

    A vulnerability in Cisco Webex Meetings Suite sites and Cisco Webex Meetings Online sites could allow an unauthenticated, remote attendee to join a password-protected meeting without providing the meeting password. The connection attempt must initiate from a Webex mobile…

  • CVE-2010-3048HigJan 16, 2020
    risk 0.49cvss 7.5epss 0.01

    Cisco Unified Personal Communicator 7.0 (1.13056) does not free allocated memory for received data and does not perform validation if memory allocation is successful, causing a remote denial of service condition.

  • CVE-2019-15961HigJan 15, 2020
    risk 0.49cvss 7.5epss 0.03

    A vulnerability in the email parsing module Clam AntiVirus (ClamAV) Software versions 0.102.0, 0.101.4 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to inefficient MIME parsing…

  • CVE-2019-15276MedNov 26, 2019
    risk 0.49cvss 6.5epss 0.46

    A vulnerability in the web interface of Cisco Wireless LAN Controller Software could allow a low-privileged, authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability exists due to a failure of the HTTP parsing engine to…

  • CVE-2019-1789HigNov 5, 2019
    risk 0.49cvss 7.5epss 0.01

    ClamAV versions prior to 0.101.2 are susceptible to a denial of service (DoS) vulnerability. An out-of-bounds heap read condition may occur when scanning PE files. An example is Windows EXE and DLL files that have been packed using Aspack as a result of inadequate bound-checking.

  • CVE-2019-12625HigNov 5, 2019
    risk 0.49cvss 7.5epss 0.02

    ClamAV versions prior to 0.101.3 are susceptible to a zip bomb vulnerability where an unauthenticated attacker can cause a denial of service condition by sending crafted messages to an affected system.

  • CVE-2019-15626HigOct 17, 2019
    risk 0.49cvss 7.5epss 0.02

    The Deep Security Manager application (Versions 10.0, 11.0 and 12.0), when configured in a certain way, may transmit initial LDAP communication in clear text. This may result in confidentiality impact but does not impact integrity or availability.

  • CVE-2019-15262HigOct 16, 2019
    risk 0.49cvss 7.5epss 0.01

    A vulnerability in the Secure Shell (SSH) session management for Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability exists because the SSH process is…

  • CVE-2019-12706HigOct 2, 2019
    risk 0.49cvss 7.5epss 0.01

    A vulnerability in the Sender Policy Framework (SPF) functionality of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the configured user filters on an affected device. The vulnerability exists because the…

  • CVE-2019-12698HigOct 2, 2019
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the WebVPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause increased CPU utilization on an affected device. The vulnerability is due to…

  • CVE-2019-12697HigOct 2, 2019
    risk 0.49cvss 7.5epss 0.01

    Multiple vulnerabilities in the Cisco Firepower System Software Detection Engine could allow an unauthenticated, remote attacker to bypass configured Malware and File Policies for RTF and RAR file types. For more information about these vulnerabilities, see the Details section…

  • CVE-2019-12696HigOct 2, 2019
    risk 0.49cvss 7.5epss 0.01

    Multiple vulnerabilities in the Cisco Firepower System Software Detection Engine could allow an unauthenticated, remote attacker to bypass configured Malware and File Policies for RTF and RAR file types. For more information about these vulnerabilities, see the Details section…

  • CVE-2019-12678HigOct 2, 2019
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the Session Initiation Protocol (SIP) inspection module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an…

  • CVE-2019-12673HigOct 2, 2019
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the FTP inspection engine of Cisco Adaptive Security (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due…

  • CVE-2019-12669HigSep 25, 2019
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the RADIUS Change of Authorization (CoA) code of Cisco TrustSec, a feature within Cisco IOS XE Software, could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper…

  • CVE-2019-12664HigSep 25, 2019
    risk 0.49cvss 7.5epss 0.01

    A vulnerability in the Dialer interface feature for ISDN connections in Cisco IOS XE Software for Cisco 4000 Series Integrated Services Routers (ISRs) could allow an unauthenticated, adjacent attacker to pass IPv4 traffic through an ISDN channel prior to successful PPP…

  • CVE-2019-12659HigSep 25, 2019
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the HTTP server code of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the HTTP server to crash. The vulnerability is due to a logical error in the logging mechanism. An attacker could exploit this vulnerability by generating a…

  • CVE-2019-12658HigSep 25, 2019
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the filesystem resource management code of Cisco IOS XE Software could allow an unauthenticated, remote attacker to exhaust filesystem resources on an affected device and cause a denial of service (DoS) condition. The vulnerability is due to ineffective…

  • CVE-2019-12657HigSep 25, 2019
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in Unified Threat Defense (UTD) in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to improper validation of IPv6 packets through the UTD feature. An attacker could exploit this…

  • CVE-2019-12656HigSep 25, 2019
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the IOx application environment of multiple Cisco platforms could allow an unauthenticated, remote attacker to cause the IOx web server to stop processing HTTPS requests, resulting in a denial of service (DoS) condition. The vulnerability is due to a Transport…

  • CVE-2019-12655HigSep 25, 2019
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the FTP application layer gateway (ALG) functionality used by Network Address Translation (NAT), NAT IPv6 to IPv4 (NAT64), and the Zone-Based Policy Firewall (ZBFW) in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected…

  • CVE-2019-12654HigSep 25, 2019
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the common Session Initiation Protocol (SIP) library of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to…

  • CVE-2019-12653HigSep 25, 2019
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the Raw Socket Transport feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper parsing of Raw Socket…

  • CVE-2019-12652HigSep 25, 2019
    risk 0.49cvss 7.5epss 0.03

    A vulnerability in the ingress packet processing function of Cisco IOS Software for Cisco Catalyst 4000 Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper…

  • CVE-2019-12647HigSep 25, 2019
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the Ident protocol handler of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability exists because the affected software incorrectly handles memory structures, leading to a NULL…

  • CVE-2019-12646HigSep 25, 2019
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the Network Address Translation (NAT) Session Initiation Protocol (SIP) Application Layer Gateway (ALG) of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to improper…

Page 28 of 145