VYPR

Vendor CVEs

Cisco Systems, Inc.

All CVEs

7,114 total · sorted by risk
  • CVE-2020-3150MedJul 16, 2020
    risk 0.38cvss 5.9epss 0.01

    A vulnerability in the web-based management interface of Cisco Small Business RV110W and RV215W Series Routers could allow an unauthenticated, remote attacker to download sensitive information from the device, which could include the device configuration. The vulnerability is…

  • CVE-2020-3368MedJun 18, 2020
    risk 0.38cvss 5.8epss 0.01

    A vulnerability in the antispam protection mechanisms of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the URL reputation filters on an affected device. The vulnerability is due to insufficient input…

  • CVE-2020-3353MedJun 3, 2020
    risk 0.38cvss 5.9epss 0.01

    A vulnerability in the syslog processing engine of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a race condition that may occur when syslog…

  • CVE-2020-3285MedMay 6, 2020
    risk 0.38cvss 5.8epss 0.01

    A vulnerability in the Transport Layer Security version 1.3 (TLS 1.3) policy with URL category functionality for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured TLS 1.3 policy to block traffic for a specific…

  • CVE-2020-3190MedMar 4, 2020
    risk 0.38cvss 5.8epss 0.01

    A vulnerability in the IPsec packet processor of Cisco IOS XR Software could allow an unauthenticated remote attacker to cause a denial of service (DoS) condition for IPsec sessions to an affected device. The vulnerability is due to improper handling of packets by the IPsec…

  • CVE-2020-3163MedFeb 19, 2020
    risk 0.38cvss 5.9epss 0.01

    A vulnerability in the Live Data server of Cisco Unified Contact Center Enterprise could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability exists because the affected software improperly manages…

  • CVE-2020-3132MedFeb 19, 2020
    risk 0.38cvss 5.9epss 0.01

    A vulnerability in the email message scanning feature of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause a temporary denial of service (DoS) condition on an affected device. The vulnerability is due to…

  • CVE-2019-16026MedJan 26, 2020
    risk 0.38cvss 5.9epss 0.01

    A vulnerability in the implementation of the Stream Control Transmission Protocol (SCTP) on Cisco Mobility Management Entity (MME) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an eNodeB that is connected to an affected device.…

  • CVE-2012-1316MedJan 15, 2020
    risk 0.38cvss 5.9epss 0.01

    Cisco IronPort Web Security Appliance does not check for certificate revocation which could lead to MITM attacks

  • CVE-2019-1981MedNov 5, 2019
    risk 0.38cvss 5.8epss 0.01

    A vulnerability in the normalization functionality of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an unauthenticated, remote attacker to bypass filtering protections. The…

  • CVE-2019-12701MedOct 2, 2019
    risk 0.38cvss 5.8epss 0.01

    A vulnerability in the file and malware inspection feature of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to bypass the file and malware inspection policies on an affected system. The vulnerability exists because the affected…

  • CVE-2019-1948MedAug 21, 2019
    risk 0.38cvss 5.9epss 0.01

    A vulnerability in Cisco Webex Meetings Mobile (iOS) could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data by using an invalid Secure Sockets Layer (SSL) certificate. The vulnerability is due to insufficient SSL certificate validation…

  • CVE-2019-1970MedAug 8, 2019
    risk 0.38cvss 5.8epss 0.01

    A vulnerability in the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) protocol inspection engine of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the configured file policies on an affected system. The…

  • CVE-2019-1951MedAug 8, 2019
    risk 0.38cvss 5.8epss 0.01

    A vulnerability in the packet filtering features of Cisco SD-WAN Solution could allow an unauthenticated, remote attacker to bypass L3 and L4 traffic filters. The vulnerability is due to improper traffic filtering conditions on an affected device. An attacker could exploit this…

  • CVE-2019-1940MedJul 17, 2019
    risk 0.38cvss 5.9epss 0.01

    A vulnerability in the Web Services Management Agent (WSMA) feature of Cisco Industrial Network Director (IND) could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data using an invalid X.509 certificate. The vulnerability is due to…

  • CVE-2019-1933MedJul 6, 2019
    risk 0.38cvss 5.8epss 0.01

    A vulnerability in the email message scanning of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass configured filters on the device. The vulnerability is due to improper input validation of certain email…

  • CVE-2019-1921MedJul 6, 2019
    risk 0.38cvss 5.8epss 0.01

    A vulnerability in the attachment scanning of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass configured content filters on the device. The vulnerability is due to improper input validation of the email…

  • CVE-2019-1905MedJun 20, 2019
    risk 0.38cvss 5.8epss 0.01

    A vulnerability in the GZIP decompression engine of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass configured content filters on the device. The vulnerability is due to improper validation of…

  • CVE-2019-1898MedJun 20, 2019
    risk 0.38cvss 5.3epss 0.41

    A vulnerability in the web-based management interface of Cisco RV110W, RV130W, and RV215W Routers could allow an unauthenticated, remote attacker to access the syslog file on an affected device. The vulnerability is due to improper authorization of an HTTP request. An attacker…

  • CVE-2019-1860MedMay 16, 2019
    risk 0.38cvss 5.9epss 0.01

    A vulnerability in the dashboard gadget rendering of Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to obtain or manipulate sensitive information between a user’s browser and Cisco Unified Intelligence Center. The vulnerability is due to…

  • CVE-2019-1833MedMay 16, 2019
    risk 0.38cvss 5.8epss 0.02

    A vulnerability in the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) protocol parser of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured policies. The vulnerability is due to improper parsing of…

  • CVE-2019-1832MedMay 16, 2019
    risk 0.38cvss 5.8epss 0.02

    A vulnerability in the detection engine of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured access control policies. The vulnerability is due to improper validation of ICMP packets. An attacker could exploit this…

  • CVE-2019-1831MedApr 18, 2019
    risk 0.38cvss 5.8epss 0.02

    A vulnerability in the email message scanning of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass configured content filters on the device. The vulnerability is due to improper input validation of the email…

  • CVE-2019-1712MedApr 17, 2019
    risk 0.38cvss 5.8epss 0.03

    A vulnerability in the Protocol Independent Multicast (PIM) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause the PIM process to restart, resulting in a denial of service condition on an affected device. The vulnerability is due to the…

  • CVE-2019-1828MedApr 4, 2019
    risk 0.38cvss 5.9epss 0.01

    A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to access administrative credentials. The vulnerability exists because affected devices use weak encryption…

  • CVE-2019-1757MedMar 28, 2019
    risk 0.38cvss 5.9epss 0.01

    A vulnerability in the Cisco Smart Call Home feature of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data using an invalid certificate. The vulnerability is due to insufficient certificate validation…

  • CVE-2019-1691MedFeb 21, 2019
    risk 0.38cvss 5.8epss 0.02

    A vulnerability in the detection engine of Cisco Firepower Threat Defense Software could allow an unauthenticated, remote attacker to cause the unexpected restart of the SNORT detection engine, resulting in a denial of service (DoS) condition. The vulnerability is due to the…

  • CVE-2019-1672MedFeb 8, 2019
    risk 0.38cvss 5.8epss 0.02

    A vulnerability in the Decryption Policy Default Action functionality of the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to bypass a configured drop policy and allow traffic onto the network that should have been denied. The vulnerability…

  • CVE-2018-15464MedJan 11, 2019
    risk 0.38cvss 5.8epss 0.02

    A vulnerability in Cisco 900 Series Aggregation Services Router (ASR) software could allow an unauthenticated, remote attacker to cause a partial denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient handling of certain broadcast…

  • CVE-2018-15443MedNov 8, 2018
    risk 0.38cvss 5.8epss 0.03

    A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass a configured Intrusion Prevention System (IPS) rule that inspects certain types of TCP traffic. The vulnerability is due to incorrect TCP…

  • CVE-2018-0131MedAug 14, 2018
    risk 0.38cvss 5.9epss 0.02

    A vulnerability in the implementation of RSA-encrypted nonces in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to obtain the encrypted nonces of an Internet Key Exchange Version 1 (IKEv1) session. The vulnerability exists because…

  • CVE-2018-0397MedAug 1, 2018
    risk 0.38cvss 5.9epss 0.01

    A vulnerability in Cisco AMP for Endpoints Mac Connector Software installed on Apple macOS 10.12 could allow an unauthenticated, remote attacker to cause a kernel panic on an affected system, resulting in a denial of service (DoS) condition. The vulnerability exists if the…

  • CVE-2018-0384MedJul 16, 2018
    risk 0.38cvss 5.8epss 0.03

    A vulnerability in the detection engine of Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass a URL-based access control policy that is configured to block traffic for an affected system. The vulnerability exists because the affected…

  • CVE-2018-0333MedJun 7, 2018
    risk 0.38cvss 5.8epss 0.02

    A vulnerability in the VPN configuration management of Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass VPN security due to unintended side effects of dynamic configuration changes that could allow an attacker to bypass configured…

  • CVE-2018-0297MedMay 17, 2018
    risk 0.38cvss 5.8epss 0.01

    A vulnerability in the detection engine of Cisco Firepower Threat Defense software could allow an unauthenticated, remote attacker to bypass a configured Secure Sockets Layer (SSL) Access Control (AC) policy to block SSL traffic. The vulnerability is due to the incorrect…

  • CVE-2018-0283MedMay 2, 2018
    risk 0.38cvss 5.8epss 0.01

    A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to restart an instance of the Snort detection engine on an affected device, resulting in a brief denial of service (DoS) condition. The vulnerability is due…

  • CVE-2018-0281MedMay 2, 2018
    risk 0.38cvss 5.8epss 0.01

    A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to restart an instance of the Snort detection engine on an affected device, resulting in a brief denial of service (DoS) condition. The vulnerability is due…

  • CVE-2018-0272MedApr 19, 2018
    risk 0.38cvss 5.9epss 0.01

    A vulnerability in the Secure Sockets Layer (SSL) Engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper error handling while processing SSL traffic. An attacker…

  • CVE-2018-0256MedApr 19, 2018
    risk 0.38cvss 5.8epss 0.02

    A vulnerability in the peer-to-peer message processing functionality of Cisco Packet Data Network Gateway could allow an unauthenticated, remote attacker to cause the Session Manager (SESSMGR) process on an affected device to restart, resulting in a denial of service (DoS)…

  • CVE-2018-0244MedApr 19, 2018
    risk 0.38cvss 5.8epss 0.01

    A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass a configured file action policy to drop the Server Message Block (SMB) protocol if a malware file is detected. The vulnerability is due to how the…

  • CVE-2018-0243MedApr 19, 2018
    risk 0.38cvss 5.8epss 0.01

    A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass a configured file action policy that is intended to drop the Server Message Block Version 2 (SMB2) and SMB Version 3 (SMB3) protocols if malware…

  • CVE-2018-0237MedApr 19, 2018
    risk 0.38cvss 5.8epss 0.01

    A vulnerability in the file type detection mechanism of the Cisco Advanced Malware Protection (AMP) for Endpoints macOS Connector could allow an unauthenticated, remote attacker to bypass malware detection. The vulnerability occurs because the software relies on only the file…

  • CVE-2018-0096MedJan 18, 2018
    risk 0.38cvss 5.9epss 0.01

    A vulnerability in the role-based access control (RBAC) functionality of Cisco Prime Infrastructure could allow an authenticated, remote attacker to perform a privilege escalation in which one virtual domain user can view and modify another virtual domain configuration. The…

  • CVE-2017-12353MedNov 30, 2017
    risk 0.38cvss 5.8epss 0.02

    A vulnerability in the Multipurpose Internet Mail Extensions (MIME) scanner of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) could allow an unauthenticated, remote attacker to bypass configured user filters on the device. The vulnerability is due to improper…

  • CVE-2017-12328MedNov 30, 2017
    risk 0.38cvss 5.8epss 0.02

    A vulnerability in Session Initiation Protocol (SIP) call handling in Cisco IP Phone 8800 Series devices could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition because the SIP process unexpectedly restarts. All active phone calls are dropped…

  • CVE-2017-12311MedNov 16, 2017
    risk 0.38cvss 5.8epss 0.02

    A vulnerability in the H.264 decoder function of Cisco Meeting Server could allow an unauthenticated, remote attacker to cause a Cisco Meeting Server media process to restart unexpectedly when it receives an illegal H.264 frame. The vulnerability is triggered by an H.264 frame…

  • CVE-2017-12300MedNov 16, 2017
    risk 0.38cvss 5.8epss 0.02

    A vulnerability in the SNORT detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass a file policy that is configured to block the Server Message Block Version 2 (SMB2) protocol. The vulnerability is due to the incorrect…

  • CVE-2015-6358MedOct 12, 2017
    risk 0.38cvss 5.9epss 0.01

    Multiple Cisco embedded devices use hardcoded X.509 certificates and SSH host keys embedded in the firmware, which allows remote attackers to defeat cryptographic protection mechanisms and conduct man-in-the-middle attacks by leveraging knowledge of these certificates and keys…

  • CVE-2017-12228MedSep 29, 2017
    risk 0.38cvss 5.9epss 0.01

    A vulnerability in the Cisco Network Plug and Play application of Cisco IOS 12.4 through 15.6 and Cisco IOS XE 3.3 through 16.4 could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data by using an invalid certificate. The vulnerability is due…

  • CVE-2011-4667MedSep 25, 2017
    risk 0.38cvss 5.9epss 0.01

    The encryption library in Cisco IOS Software 15.2(1)T, 15.2(1)T1, and 15.2(2)T, Cisco NX-OS in Cisco MDS 9222i Multiservice Modular Switch, Cisco MDS 9000 18/4-Port Multiservice Module, and Cisco MDS 9000 Storage Services Node module before 5.2(6), and Cisco IOS in Cisco VPN…

Page 66 of 143