Export limit exceeded: 336178 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (6702 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2015-4266 | 1 Cisco | 1 Identity Services Engine Software | 2025-04-12 | N/A |
| The web interface in Cisco Identity Services Engine (ISE) 1.1(4.1), 1.3(106.146), and 1.3(120.135) does not properly restrict use of IFRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks and unspecified other attacks via a crafted web site, related to a "cross-frame scripting (XFS)" issue, aka Bug ID CSCut04556. | ||||
| CVE-2015-4267 | 1 Cisco | 1 Identity Services Engine Software | 2025-04-12 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Identity Services Engine (ISE) 1.2(0.793), 1.3(0.876), 1.4(0.109), 2.0(0.147), and 2.0(0.169) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCus09940. | ||||
| CVE-2015-0750 | 1 Cisco | 1 Hosted Collaboration Solution | 2025-04-12 | N/A |
| The administrative web interface in Cisco Hosted Collaboration Solution (HCS) 10.6(1) and earlier allows remote authenticated users to execute arbitrary commands via crafted input to unspecified fields, aka Bug ID CSCut02786. | ||||
| CVE-2015-6269 | 1 Cisco | 8 Asr 1001, Asr 1001-x, Asr 1002 and 5 more | 2025-04-12 | N/A |
| Cisco IOS XE before 2.2.3 on ASR 1000 devices allows remote attackers to cause a denial of service (Embedded Services Processor crash) via a crafted (1) IPv4 or (2) IPv6 packet, aka Bug ID CSCsw69990. | ||||
| CVE-2015-4270 | 1 Cisco | 1 Firesight System Software | 2025-04-12 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Cisco FireSIGHT System Software 5.3.1.5 and 6.0.0 allow remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug IDs CSCuv22557, CSCuv22583, CSCuv22632, CSCuv22641, CSCuv22650, CSCuv22662, CSCuv22697, and CSCuv22702. | ||||
| CVE-2015-4271 | 1 Cisco | 1 Telepresence Tc Software | 2025-04-12 | N/A |
| Cisco TelePresence TC before 7.3.4 on Integrator C devices allows remote attackers to bypass authentication via vectors involving multiple request parameters, aka Bug ID CSCuv00604. | ||||
| CVE-2015-6272 | 1 Cisco | 8 Asr 1001, Asr 1001-x, Asr 1002 and 5 more | 2025-04-12 | N/A |
| Cisco IOS XE 2.1.0 through 2.2.3 and 2.3.0 on ASR 1000 devices, when NAT Application Layer Gateway is used, allows remote attackers to cause a denial of service (Embedded Services Processor crash) via a crafted H.323 packet, aka Bug ID CSCsx35393, CSCsx07094, and CSCsw93064. | ||||
| CVE-2015-4273 | 1 Cisco | 1 Asr 5000 Series Software | 2025-04-12 | N/A |
| The Packet Data Network Gateway (aka PGW) component on Cisco ASR 5000 devices with software 15.0(912), 15.0(935), and 15.0(938) allows remote attackers to cause a denial of service (Session Manager outage) via malformed fields in an IP packet, aka Bug ID CSCut38476. | ||||
| CVE-2015-0747 | 1 Cisco | 3 Headend Digital Broadband Delivery System, Headend System Release, Videoscape Conductor | 2025-04-12 | N/A |
| Cisco Conductor for Videoscape 3.0 and Cisco Headend System Release allow remote attackers to inject arbitrary cookies via a crafted HTTP request, aka Bug ID CSCuh25408. | ||||
| CVE-2015-0746 | 1 Cisco | 1 Secure Access Control Server | 2025-04-12 | N/A |
| The REST API in Cisco Access Control Server (ACS) 5.5(0.46.2) allows remote attackers to cause a denial of service (API outage) by sending many requests, aka Bug ID CSCut62022. | ||||
| CVE-2016-1378 | 1 Cisco | 1 Ios | 2025-04-12 | N/A |
| Cisco IOS before 15.2(2)E1 on Catalyst switches allows remote attackers to obtain potentially sensitive software-version information via a request to the Network Mobility Services Protocol (NMSP) port, aka Bug ID CSCum62591. | ||||
| CVE-2015-0745 | 1 Cisco | 2 Headend Digital Broadband Delivery System, Headend System Release | 2025-04-12 | N/A |
| Cisco Headend System Release allows remote attackers to read temporary script files or archive files, and consequently obtain sensitive information, via a crafted header in an HTTP request, aka Bug ID CSCus44909. | ||||
| CVE-2015-4278 | 1 Cisco | 1 Email Security Appliance Firmware | 2025-04-12 | N/A |
| Cisco Email Security Appliance (ESA) devices with software 8.5.6-106 and 9.5.0-201 allow remote attackers to cause a denial of service (per-domain e-mail reception outage) by placing malformed DMARC policy data in DNS TXT records for a domain, aka Bug ID CSCuv14806. | ||||
| CVE-2015-4279 | 1 Cisco | 1 Unified Computing System | 2025-04-12 | N/A |
| The Manager component in Cisco Unified Computing System (UCS) 2.2(3b) on B Blade Server devices allows local users to gain privileges for executing arbitrary CLI commands by leveraging access to the subordinate fabric interconnect, aka Bug ID CSCut32778. | ||||
| CVE-2015-0744 | 1 Cisco | 3 Dta Control System, Headend Digital Broadband Delivery System, Headend System Release | 2025-04-12 | N/A |
| Cisco DTA Control System (DTACS) 4.0.0.9 and Cisco Headend System Release allow remote attackers to cause a denial of service (CPU and memory consumption, and TCP service outage) via (1) a SYN flood or (2) another type of TCP traffic flood, aka Bug IDs CSCus50642, CSCus50662, CSCus50625, CSCus50657, and CSCus68315. | ||||
| CVE-2015-4281 | 1 Cisco | 1 Webex Meetings Server | 2025-04-12 | N/A |
| Cross-site request forgery (CSRF) vulnerability in Cisco WebEx Meetings Server 2.5 MR1 allows remote attackers to hijack the authentication of arbitrary users, aka Bug IDs CSCus56150 and CSCus56146. | ||||
| CVE-2015-0743 | 1 Cisco | 2 Headend Digital Broadband Delivery System, Headend System Release | 2025-04-12 | N/A |
| Cisco Headend System Release allows remote attackers to cause a denial of service (DHCP and TFTP outage) via a flood of crafted UDP traffic, aka Bug ID CSCus04097. | ||||
| CVE-2015-4284 | 1 Cisco | 7 Asr 9001, Asr 9006, Asr 9010 and 4 more | 2025-04-12 | N/A |
| The Concurrent Data Management Replication process in Cisco IOS XR 5.3.0 on ASR 9000 devices allows remote attackers to cause a denial of service (BGP process reload) via malformed BGPv4 packets, aka Bug ID CSCur70670. | ||||
| CVE-2015-0742 | 1 Cisco | 1 Adaptive Security Appliance Software | 2025-04-12 | N/A |
| The Protocol Independent Multicast (PIM) application in Cisco Adaptive Security Appliance (ASA) Software 9.2(0.0), 9.2(0.104), 9.2(3.1), 9.2(3.4), 9.3(1.105), 9.3(2.100), 9.4(0.115), 100.13(0.21), 100.13(20.3), 100.13(21.9), and 100.14(1.1) does not properly implement multicast-forwarding registration, which allows remote attackers to cause a denial of service (forwarding outage) via a crafted multicast packet, aka Bug ID CSCus74398. | ||||
| CVE-2015-6369 | 1 Cisco | 1 Firepower Extensible Operating System | 2025-04-12 | N/A |
| The USB driver in Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows physically proximate attackers to cause a denial of service via a crafted USB device that triggers invalid USB commands, aka Bug ID CSCux10531. | ||||