Search Results (6788 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2015-4231 1 Cisco 3 Nexus 7000, Nexus 7700, Nx-os 2025-04-12 N/A
The Python interpreter in Cisco NX-OS 6.2(8a) on Nexus 7000 devices allows local users to bypass intended access restrictions and delete an arbitrary VDC's files by leveraging administrative privileges in one VDC, aka Bug ID CSCur08416.
CVE-2016-6392 1 Cisco 2 Ios, Ios Xe 2025-04-12 N/A
Cisco IOS 12.2 and 15.0 through 15.3 and IOS XE 3.1 through 3.9 allow remote attackers to cause a denial of service (device restart) via a crafted IPv4 Multicast Source Discovery Protocol (MSDP) Source-Active (SA) message, aka Bug ID CSCud36767.
CVE-2014-3283 1 Cisco 1 Unified Communications Domain Manager 2025-04-12 N/A
Open redirect vulnerability in Self-Care Client Portal applications in the web framework in VOSS in Cisco Unified Communications Domain Manager (CDM) 9.0(.1) and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL, aka Bug ID CSCun79731.
CVE-2014-3296 1 Cisco 1 Webex Meetings Server 2025-04-12 N/A
The XML programmatic interface (XML PI) in Cisco WebEx Meeting Server 1.5(.1.131) and earlier allows remote authenticated users to obtain sensitive meeting information via a crafted URL, aka Bug ID CSCum03527.
CVE-2014-3315 1 Cisco 1 Unified Communications Manager 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in viewfilecontents.do in the Dialed Number Analyzer (DNA) component in Cisco Unified Communications Manager allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCup76308.
CVE-2014-3342 1 Cisco 2 Cli, Ios Xr 2025-04-12 N/A
The CLI in Cisco IOS XR allows remote authenticated users to obtain sensitive information via unspecified commands, aka Bug IDs CSCuq42336, CSCuq76853, CSCuq76873, and CSCuq45383.
CVE-2015-4229 1 Cisco 1 Unified Communications Domain Manager 2025-04-12 N/A
The web framework in Cisco Unified Communications Domain Manager 8.1(4)ER1 allows remote attackers to obtain sensitive information by visiting a bvsmweb URL, aka Bug ID CSCuq22589.
CVE-2015-4224 1 Cisco 1 Wireless Lan Controller Software 2025-04-12 N/A
Cisco Wireless LAN Controller (WLC) devices with software 7.0(240.0) allow local users to execute arbitrary OS commands in a privileged context via crafted CLI commands, aka Bug ID CSCuj39474.
CVE-2016-1311 1 Cisco 1 Jabber Guest 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in the management interface in Cisco Jabber Guest Server 10.6(8) allows remote attackers to inject arbitrary web script or HTML via the host tag parameter, aka Bug ID CSCuy08224.
CVE-2014-3276 1 Cisco 1 Identity Services Engine Software 2025-04-12 N/A
Cisco Identity Services Engine (ISE) 1.2(.1 patch 2) and earlier does not properly handle deadlock conditions during reception of crafted RADIUS accounting packets from multiple NAS devices, which allows remote authenticated users to cause a denial of service (RADIUS outage) by sourcing these packets from two origins, aka Bug ID CSCuo56780.
CVE-2016-6373 1 Cisco 1 Cloud Services Platform 2100 2025-04-12 N/A
The web-based GUI in Cisco Cloud Services Platform (CSP) 2100 2.0 allows remote authenticated administrators to execute arbitrary OS commands as root via crafted platform commands, aka Bug ID CSCva00541.
CVE-2014-3272 1 Cisco 1 Tidal Enterprise Scheduler 2025-04-12 N/A
The Agent in Cisco Tidal Enterprise Scheduler (TES) 6.1 and earlier allows local users to gain privileges via crafted Tidal Job Buffers (TJB) parameters, aka Bug ID CSCuo33074.
CVE-2016-1303 1 Cisco 16 500 Series Switch Firmware, Sf500-24, Sf500-24p and 13 more 2025-04-12 N/A
The web GUI on Cisco Small Business 500 devices 1.2.0.92 allows remote attackers to cause a denial of service via a crafted HTTP request, aka Bug ID CSCul65330.
CVE-2014-3275 1 Cisco 1 Identity Services Engine Software 2025-04-12 N/A
SQL injection vulnerability in the web framework in Cisco Identity Services Engine (ISE) 1.2(.1 patch 2) and earlier allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCul21337.
CVE-2014-3277 1 Cisco 1 Unified Communications Domain Manager 2025-04-12 N/A
The Administration GUI in the web framework in VOSS in Cisco Unified Communications Domain Manager (CDM) 9.0(.1) and earlier does not properly implement access control, which allows remote authenticated users to obtain sensitive user and group information by leveraging Location Administrator privileges and entering a crafted URL, aka Bug ID CSCum77005.
CVE-2016-1302 5 Cisco, Samsung, Sun and 2 more 22 Nexus 92160yc-x, Nexus 92304qc, Nexus 9236c and 19 more 2025-04-12 N/A
Cisco Application Policy Infrastructure Controller (APIC) devices with software before 1.0(3h) and 1.1 before 1.1(1j) and Nexus 9000 ACI Mode switches with software before 11.0(3h) and 11.1 before 11.1(1j) allow remote authenticated users to bypass intended RBAC restrictions via crafted REST requests, aka Bug ID CSCut12998.
CVE-2016-1299 1 Cisco 28 300 Series Managed Switch Firmware, Sf300-08, Sf300-24 and 25 more 2025-04-12 N/A
The web-management GUI implementation on Cisco Small Business SG300 devices 1.4.1.x allows remote attackers to cause a denial of service (HTTPS outage) via crafted HTTPS requests, aka Bug ID CSCuw87174.
CVE-2015-4228 1 Cisco 1 Digital Content Manager 2025-04-12 N/A
Cisco Digital Content Manager (DCM) 15.0.0 might allow remote ad servers to cause a denial of service (reboot) via malformed ad messages, aka Bug ID CSCur13999.
CVE-2015-6434 1 Cisco 1 Prime Infrastructure 2025-04-12 N/A
Cisco Prime Infrastructure does not properly restrict use of IFRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks and unspecified other attacks via a crafted web site, related to a "cross-frame scripting (XFS)" issue, aka Bug ID CSCux64856.
CVE-2016-6364 1 Cisco 1 Unified Communications Manager 2025-04-12 N/A
The User Data Services (UDS) API implementation in Cisco Unified Communications Manager 11.5 allows remote attackers to bypass intended access restrictions and obtain sensitive information via unspecified API calls, aka Bug ID CSCux67855.