Export limit exceeded: 339475 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (6712 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-7992 | 1 Cisco | 1 Ios | 2025-04-12 | N/A |
| The DLSw implementation in Cisco IOS does not initialize packet buffers, which allows remote attackers to obtain sensitive credential information from process memory via a session on TCP port 2067, aka Bug ID CSCur14014. | ||||
| CVE-2015-6390 | 1 Cisco | 1 Unity Connection | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in the management interface in Cisco Unity Connection 9.1(1.10) allows remote attackers to inject arbitrary web script or HTML via a crafted value in a URL, aka Bug ID CSCup92741. | ||||
| CVE-2015-0746 | 1 Cisco | 1 Secure Access Control Server | 2025-04-12 | N/A |
| The REST API in Cisco Access Control Server (ACS) 5.5(0.46.2) allows remote attackers to cause a denial of service (API outage) by sending many requests, aka Bug ID CSCut62022. | ||||
| CVE-2014-8035 | 1 Cisco | 1 Webex Meetings Server | 2025-04-12 | N/A |
| The web framework in Cisco WebEx Meetings Server produces different returned messages for URL requests depending on whether a username exists, which allows remote attackers to enumerate user accounts via a series of requests, aka Bug ID CSCuj40247. | ||||
| CVE-2014-8004 | 1 Cisco | 1 Ios Xr | 2025-04-12 | N/A |
| Cisco IOS XR allows remote attackers to cause a denial of service (LISP process reload) by establishing many LISP TCP sessions, aka Bug ID CSCuq90378. | ||||
| CVE-2015-0580 | 1 Cisco | 1 Secure Access Control System | 2025-04-12 | N/A |
| Multiple SQL injection vulnerabilities in the ACS View reporting interface pages in Cisco Secure Access Control System (ACS) before 5.5 patch 7 allow remote authenticated administrators to execute arbitrary SQL commands via crafted HTTPS requests, aka Bug ID CSCuq79027. | ||||
| CVE-2014-8006 | 1 Cisco | 1 Isb8320-e High-definition Ip-only Dvr | 2025-04-12 | N/A |
| The Disaster Recovery (DRA) feature on the Cisco ISB8320-E High-Definition IP-Only DVR allows remote attackers to bypass authentication by establishing a TELNET session during a recovery boot, aka Bug ID CSCup85422. | ||||
| CVE-2014-7998 | 1 Cisco | 21 Aironet 1040, Aironet 1140, Aironet 1260 and 18 more | 2025-04-12 | N/A |
| Cisco IOS on Aironet access points, when "dot11 aaa authenticator" debugging is enabled, allows remote attackers to cause a denial of service via a malformed EAP packet, aka Bug ID CSCul15509. | ||||
| CVE-2014-8016 | 1 Cisco | 1 Ironport Email Security Appliances | 2025-04-12 | N/A |
| The Cisco IronPort Email Security Appliance (ESA) allows remote attackers to cause a denial of service (CPU consumption) via long Subject headers in e-mail messages, aka Bug ID CSCzv93864. | ||||
| CVE-2014-7993 | 1 Cisco | 6 Meraki Mr, Meraki Mr Firmware, Meraki Ms and 3 more | 2025-04-12 | N/A |
| Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 allow remote attackers to obtain sensitive credential information by leveraging unspecified HTTP handler access on the local network, aka Cisco-Meraki defect ID 00302012. | ||||
| CVE-2015-4191 | 1 Cisco | 1 Ios Xr | 2025-04-12 | N/A |
| Cisco IOS XR 5.2.1 allows remote attackers to cause a denial of service (ipv6_io service reload) via a malformed IPv6 packet, aka Bug ID CSCuq95565. | ||||
| CVE-2014-7997 | 1 Cisco | 21 Aironet 1040, Aironet 1140, Aironet 1260 and 18 more | 2025-04-12 | N/A |
| The DHCP implementation in Cisco IOS on Aironet access points does not properly handle error conditions with short leases and unsuccessful lease-renewal attempts, which allows remote attackers to cause a denial of service (device restart) by triggering a transition into a recovery state that was intended to involve a network-interface restart but actually involves a full device restart, aka Bug ID CSCtn16281. | ||||
| CVE-2014-8018 | 1 Cisco | 1 Unified Communications Domain Manager | 2025-04-12 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Business Voice Services Manager (BVSM) pages in the Application Software in Cisco Unified Communications Domain Manager 8 allow remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug IDs CSCur19651, CSCur18555, CSCur19630, and CSCur19661. | ||||
| CVE-2016-6446 | 1 Cisco | 1 Meeting Server | 2025-04-12 | N/A |
| A vulnerability in Web Bridge for Cisco Meeting Server could allow an unauthenticated, remote attacker to retrieve memory from a connected server. More Information: CSCvb03308. Known Affected Releases: 1.8, 1.9, 2.0. | ||||
| CVE-2015-6388 | 1 Cisco | 1 Unified Computing System Central Software | 2025-04-12 | N/A |
| Cisco Unified Computing System (UCS) Central software 1.3(0.1) allows remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted request, aka Bug ID CSCux33575. | ||||
| CVE-2015-0773 | 1 Cisco | 1 Firesight System Software | 2025-04-12 | N/A |
| Cisco FireSIGHT System Software 5.3.1.3 and 6.0.0 allows remote authenticated users to delete an arbitrary user's dashboard via a modified VPN deletion request in a management session, aka Bug ID CSCut67078. | ||||
| CVE-2015-6389 | 1 Cisco | 1 Prime Collaboration Assurance | 2025-04-12 | N/A |
| Cisco Prime Collaboration Assurance before 11.0 has a hardcoded cmuser account, which allows remote attackers to obtain access by establishing an SSH session and leveraging knowledge of this account's password, aka Bug ID CSCus62707. | ||||
| CVE-2014-7990 | 1 Cisco | 4 Air-ct5760, Ios Xe, Ws-c3850 and 1 more | 2025-04-12 | N/A |
| Cisco IOS XE 3.5E and earlier on WS-C3850, WS-C3860, and AIR-CT5760 devices does not properly parse the "request system shell" challenge response, which allows local users to obtain Linux root access by leveraging administrative privilege, aka Bug ID CSCur09815. | ||||
| CVE-2014-8033 | 1 Cisco | 1 Webex Meetings Server | 2025-04-12 | N/A |
| The play/modules component in Cisco WebEx Meetings Server allows remote attackers to obtain administrator access via crafted API requests, aka Bug ID CSCuj40421. | ||||
| CVE-2015-0588 | 1 Cisco | 1 Unified Communications Domain Manager | 2025-04-12 | N/A |
| Cross-site request forgery (CSRF) vulnerability in Cisco Unified Communications Domain Manager (UCDM) 10 allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuo77055. | ||||