Search Results (6788 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2015-0601 1 Cisco 4 Unified Ip Phone 9951, Unified Ip Phone 9971, Unified Ip Phones 9951 Firmware and 1 more 2025-04-12 N/A
Cisco Unified IP 9900 phones with firmware 9.4(.1) and earlier allow local users to cause a denial of service (device reload) via crafted commands, aka Bug ID CSCup92790.
CVE-2015-4255 1 Cisco 1 Telepresence Ip Gateway 2025-04-12 N/A
Cross-site request forgery (CSRF) vulnerability on Cisco TelePresence IP Gateway devices with software 2.0(3.34) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuu90734.
CVE-2014-3268 1 Cisco 2 Ios, Unified Border Element 2025-04-12 N/A
Cisco IOS 15.2(4)M4 on Cisco Unified Border Element (CUBE) devices allows remote attackers to cause a denial of service (input-queue consumption and traffic-processing outage) via crafted RTCP packets, aka Bug ID CSCuj72215.
CVE-2014-3275 1 Cisco 1 Identity Services Engine Software 2025-04-12 N/A
SQL injection vulnerability in the web framework in Cisco Identity Services Engine (ISE) 1.2(.1 patch 2) and earlier allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCul21337.
CVE-2016-1407 1 Cisco 7 Asr 9001, Asr 9006, Asr 9010 and 4 more 2025-04-12 N/A
Cisco IOS XR through 5.3.2 mishandles Local Packet Transport Services (LPTS) flow-base entries, which allows remote attackers to cause a denial of service (session drop) by making many connection attempts to open TCP ports, aka Bug ID CSCux95576.
CVE-2014-8001 1 Cisco 1 Openh264 2025-04-12 N/A
Buffer overflow in decode.cpp in Cisco OpenH264 1.2.0 and earlier allows remote attackers to execute arbitrary code via an encoded media file.
CVE-2014-2184 1 Cisco 1 Unified Communications Manager 2025-04-12 N/A
The IP Manager Assistant (IPMA) component in Cisco Unified Communications Manager (Unified CM) allows remote attackers to obtain sensitive information via a crafted URL, aka Bug ID CSCun74352.
CVE-2015-0600 1 Cisco 3 Unified Ip Phone 9951, Unified Ip Phone 9971, Unified Ip Phones 9900 Series Firmware 2025-04-12 N/A
The mobility extension on Cisco Unified IP 9900 phones with firmware 9.4(.1) and earlier allows remote attackers to cause a denial of service (logoff) via crafted packets, aka Bug ID CSCuq12139.
CVE-2014-2171 1 Cisco 2 Telepresence Tc Software, Telepresence Te Software 2025-04-12 N/A
Heap-based buffer overflow in Cisco TelePresence TC Software 4.x through 6.x before 6.0.1 and TE Software 4.x and 6.0.x before 6.0.2 allows remote attackers to execute arbitrary code via crafted SIP packets, aka Bug ID CSCud81796.
CVE-2014-2159 1 Cisco 13 Tandberg 2000 Mxp, Tandberg 550 Mxp, Tandberg 770 Mxp and 10 more 2025-04-12 N/A
The H.225 subsystem in Cisco TelePresence System MXP Series Software before F9.3.1 allows remote attackers to cause a denial of service (device reload) via crafted packets, aka Bug ID CSCtq78722.
CVE-2016-1406 1 Cisco 2 Evolved Programmable Network Manager, Prime Infrastructure 2025-04-12 N/A
The API web interface in Cisco Prime Infrastructure before 3.1 and Cisco Evolved Programmable Network Manager before 1.2.4 allows remote authenticated users to bypass intended RBAC restrictions and obtain sensitive information, and consequently gain privileges, via crafted JSON data, aka Bug ID CSCuy12409.
CVE-2014-2132 1 Cisco 2 Webex Advanced Recording Format Player, Webex Recording Format Player 2025-04-12 N/A
Cisco WebEx Recording Format (WRF) player and Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T28 before T28.12, and T29 before T29.2 allow remote attackers to cause a denial of service (application crash) via a crafted (1) .wrf or (2) .arf file that triggers a buffer over-read, aka Bug ID CSCuh52768.
CVE-2014-2122 1 Cisco 1 Hosted Collaboration Solution 2025-04-12 N/A
Memory leak in the GUI in the Impact server in Cisco Hosted Collaboration Solution (HCS) allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors, aka Bug ID CSCub58999.
CVE-2016-1404 1 Cisco 1 Ucs Invicta C3124sa Appliance 2025-04-12 N/A
Cisco UCS Invicta 4.3, 4.5, and 5.0.1 on Invicta appliances and Invicta Scaling System uses the same hardcoded GnuPG encryption key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by sniffing network traffic to an Autosupport server and leveraging knowledge of this key from another installation, aka Bug ID CSCur85504.
CVE-2015-0599 1 Cisco 1 Unified Computing System 2025-04-12 N/A
The web interface in Cisco Integrated Management Controller in Cisco Unified Computing System (UCS) on C-Series Rack Servers does not properly restrict use of IFRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks and unspecified other attacks via a crafted web site, related to a "cross-frame scripting (XFS)" issue, aka Bug ID CSCuf50138.
CVE-2014-2111 1 Cisco 1 Ios 2025-04-12 N/A
The Application Layer Gateway (ALG) module in Cisco IOS 12.2 through 12.4 and 15.0 through 15.4, when NAT is used, allows remote attackers to cause a denial of service (device reload) via crafted DNS packets, aka Bug ID CSCue00996.
CVE-2016-1401 1 Cisco 1 Unified Computing System Central Software 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in the management interface in Cisco Unified Computing System (UCS) Central Software 1.4(1a) allows remote attackers to inject arbitrary web script or HTML via a crafted value, aka Bug ID CSCuy91250.
CVE-2015-0652 1 Cisco 3 Expressway Software, Telepresence Conductor, Telepresence Video Communication Server Software 2025-04-12 N/A
The Session Description Protocol (SDP) implementation in Cisco TelePresence Video Communication Server (VCS) and Cisco Expressway before X8.2 and Cisco TelePresence Conductor before XC2.4 allows remote attackers to cause a denial of service (mishandled exception and device reload) via a crafted media description, aka Bug IDs CSCus96593 and CSCun73192.
CVE-2015-4254 1 Cisco 1 Telepresence Advanced Media Gateway 2025-04-12 N/A
Cross-site request forgery (CSRF) vulnerability on Cisco TelePresence Advanced Media Gateway devices with software 1.1(1.40) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuu90732.
CVE-2016-1400 1 Cisco 1 Telepresence Video Communication Server 2025-04-12 N/A
Cisco TelePresence Video Communications Server (VCS) X8.x before X8.7.2 allows remote attackers to cause a denial of service (service disruption) via a crafted URI in a SIP header, aka Bug ID CSCuy43258.