Export limit exceeded: 335868 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (6654 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2015-4266 | 1 Cisco | 1 Identity Services Engine Software | 2025-04-12 | N/A |
| The web interface in Cisco Identity Services Engine (ISE) 1.1(4.1), 1.3(106.146), and 1.3(120.135) does not properly restrict use of IFRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks and unspecified other attacks via a crafted web site, related to a "cross-frame scripting (XFS)" issue, aka Bug ID CSCut04556. | ||||
| CVE-2015-6411 | 1 Cisco | 1 Secure Firewall Management Center | 2025-04-12 | N/A |
| Cisco FirePOWER Management Center 5.4.1.3, 6.0.0, and 6.0.1 provides verbose responses to requests for help files, which allows remote attackers to obtain potentially sensitive version information by reading an unspecified field, aka Bug ID CSCux37061. | ||||
| CVE-2015-4189 | 1 Cisco | 1 Data Center Analytics Framework | 2025-04-12 | N/A |
| Cross-site request forgery (CSRF) vulnerability in Cisco Data Center Analytics Framework (DCAF) 1.4 allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCun26807. | ||||
| CVE-2015-0751 | 1 Cisco | 2 Ip Phone 7861, Unified Communications Manager | 2025-04-12 | N/A |
| Cisco IP Phone 7861, when firmware from Cisco Unified Communications Manager 10.3(1) is used, allows remote attackers to cause a denial of service via crafted packets, aka Bug ID CSCus81800. | ||||
| CVE-2015-0752 | 1 Cisco | 1 Telepresence Video Communication Server | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in Cisco TelePresence Video Communication Server (VCS) X8.5.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCut27635. | ||||
| CVE-2015-0753 | 1 Cisco | 1 Unified Web And E-mail Interaction Manager | 2025-04-12 | N/A |
| SQL injection vulnerability in Cisco Unified Email Interaction Manager (EIM) and Unified Web Interaction Manager (WIM) 9.0(2) allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCuu30028. | ||||
| CVE-2015-6414 | 1 Cisco | 1 Telepresence Video Communication Server Software | 2025-04-12 | N/A |
| Cisco TelePresence Video Communication Server (VCS) X8.6 uses the same encryption key across different customers' installations, which makes it easier for local users to defeat cryptographic protection mechanisms by leveraging knowledge of a key from another installation, aka Bug ID CSCuw64516. | ||||
| CVE-2015-0767 | 1 Cisco | 2 Edge 340, Edge 340 Firmware | 2025-04-12 | N/A |
| Cisco Edge 300 software 1.0 and 1.1 on Edge 340 devices allows local users to obtain root privileges via unspecified commands, aka Bug ID CSCur18132. | ||||
| CVE-2015-6408 | 1 Cisco | 1 Unity Connection | 2025-04-12 | N/A |
| Cross-site request forgery (CSRF) vulnerability in Cisco Unity Connection 11.5(0.98) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCux24578. | ||||
| CVE-2015-0757 | 1 Cisco | 1 Identity Services Engine Software | 2025-04-12 | N/A |
| The web framework in Cisco Identity Services Engine (ISE) 1.2(1.901) and 1.3(0.722) does not properly implement session handlers, which allows remote attackers to obtain sensitive information by reading web pages, as demonstrated by MnT reports, aka Bug ID CSCuq23140. | ||||
| CVE-2015-0768 | 1 Cisco | 1 Prime Network Control System | 2025-04-12 | N/A |
| The Device Work Center (DWC) component in Cisco Prime Network Control System (NCS) 2.1(0.0.85), 2.2(0.0.58), and 2.2(0.0.69) does not properly implement AAA roles, which allows remote authenticated users to bypass intended access restrictions and execute commands via a login session, aka Bug ID CSCur27371. | ||||
| CVE-2015-6409 | 1 Cisco | 1 Jabber | 2025-04-12 | N/A |
| Cisco Jabber 10.6.x, 11.0.x, and 11.1.x on Windows allows man-in-the-middle attackers to conduct STARTTLS downgrade attacks and trigger cleartext XMPP sessions via unspecified vectors, aka Bug ID CSCuw87419. | ||||
| CVE-2015-4191 | 1 Cisco | 1 Ios Xr | 2025-04-12 | N/A |
| Cisco IOS XR 5.2.1 allows remote attackers to cause a denial of service (ipv6_io service reload) via a malformed IPv6 packet, aka Bug ID CSCuq95565. | ||||
| CVE-2015-0761 | 1 Cisco | 1 Anyconnect Secure Mobility Client | 2025-04-12 | N/A |
| Cisco AnyConnect Secure Mobility Client before 3.1(8009) and 4.x before 4.0(2052) on Linux does not properly implement unspecified internal functions, which allows local users to obtain root privileges via crafted vpnagent options, aka Bug ID CSCus86790. | ||||
| CVE-2015-4263 | 1 Cisco | 1 Mobility Services Engine | 2025-04-12 | N/A |
| The Control and Provisioning functionality in Cisco Mobility Services Engine (MSE) 10.0(0.1) allows remote authenticated users to obtain sensitive information by reading log files, aka Bug ID CSCut36851. | ||||
| CVE-2015-6415 | 1 Cisco | 1 Unified Computing System | 2025-04-12 | N/A |
| Cisco Unified Computing System (UCS) 2.2(3f)A on Fabric Interconnect 6200 devices allows remote attackers to cause a denial of service (CPU consumption or device outage) via a SYN flood on the SSH port during the booting process, aka Bug ID CSCuu81757. | ||||
| CVE-2015-0764 | 1 Cisco | 1 Unified Meetingplace | 2025-04-12 | N/A |
| Cisco Unified MeetingPlace 8.6(1.9) allows remote attackers to read arbitrary files via a crafted resource request, aka Bug ID CSCus95603. | ||||
| CVE-2015-0765 | 1 Cisco | 1 Ons 15454 System Software | 2025-04-12 | N/A |
| Cisco ONS 15454 System Software 10.30 and 10.301 allows remote attackers to cause a denial of service (tNetTask CPU consumption or card reset) via a flood of (1) IP or (2) Ethernet traffic, aka Bug ID CSCus57263. | ||||
| CVE-2015-0769 | 1 Cisco | 1 Ios Xr Software | 2025-04-12 | N/A |
| Cisco IOS XR 4.0.1 through 4.2.0 for CRS-3 Carrier Routing System allows remote attackers to cause a denial of service (NPU ASIC scan and line-card reload) via crafted IPv6 extension headers, aka Bug ID CSCtx03546. | ||||
| CVE-2015-4267 | 1 Cisco | 1 Identity Services Engine Software | 2025-04-12 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Identity Services Engine (ISE) 1.2(0.793), 1.3(0.876), 1.4(0.109), 2.0(0.147), and 2.0(0.169) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCus09940. | ||||