Filtered by vendor Cisco
Subscriptions
Total
6756 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-1445 | 1 Cisco | 1 Adaptive Security Appliance Software | 2025-04-12 | 5.3 Medium |
| Cisco Adaptive Security Appliance (ASA) Software 8.2 through 9.4.3.3 allows remote attackers to bypass intended ICMP Echo Reply ACLs via vectors related to subtypes. | ||||
| CVE-2016-1450 | 1 Cisco | 1 Webex Meetings Server | 2025-04-12 | N/A |
| Cisco WebEx Meetings Server 2.6 allows remote authenticated users to conduct command-injection attacks via vectors related to an upload's file type, aka Bug ID CSCuy92715. | ||||
| CVE-2016-1451 | 1 Cisco | 1 Meeting Server | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in the web-based management interface in Cisco Meeting Server (formerly Acano Conferencing Server) 1.7 through 1.9 allows remote attackers to inject arbitrary web script or HTML via crafted parameters, aka Bug ID CSCva19922. | ||||
| CVE-2016-1452 | 1 Cisco | 2 Asr 5000, Asr 5000 Software | 2025-04-12 | N/A |
| Cisco ASR 5000 devices with software 18.3 through 20.0.0 allow remote attackers to make configuration changes over SNMP by leveraging knowledge of the read-write community, aka Bug ID CSCuz29526. | ||||
| CVE-2016-1455 | 1 Cisco | 8 Nexus 93128, Nexus 9396px, Nexus 9396tx and 5 more | 2025-04-12 | N/A |
| Cisco NX-OS before 7.0(3)I2(2e) and 7.0(3)I4 before 7.0(3)I4(1) has an incorrect iptables local-interface configuration, which allows remote attackers to obtain sensitive information via TCP or UDP traffic, aka Bug ID CSCuz05365. | ||||
| CVE-2016-1456 | 1 Cisco | 1 Ios Xr | 2025-04-12 | N/A |
| The CLI in Cisco IOS XR 6.x through 6.0.1 allows local users to execute arbitrary OS commands in a privileged context by leveraging unspecified container access, aka Bug ID CSCuz62721. | ||||
| CVE-2016-1459 | 1 Cisco | 2 Ios, Ios Xe | 2025-04-12 | N/A |
| Cisco IOS 12.4 and 15.0 through 15.5 and IOS XE 3.13 through 3.17 allow remote authenticated users to cause a denial of service (device reload) via crafted attributes in a BGP message, aka Bug ID CSCuz21061. | ||||
| CVE-2016-1466 | 1 Cisco | 1 Unified Communications Manager Im And Presence Service | 2025-04-12 | N/A |
| Cisco Unified Communications Manager IM and Presence Service 9.1(1) SU6, 9.1(1) SU6a, 9.1(1) SU7, 10.5(2) SU2, 10.5(2) SU2a, 11.0(1) SU1, and 11.5(1) allows remote attackers to cause a denial of service (sipd process restart) via crafted headers in a SIP packet, aka Bug ID CSCva39072. | ||||
| CVE-2016-1462 | 1 Cisco | 1 Prime Service Catalog | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in the web-based management interface in Cisco Prime Service Catalog (PSC) 11.0 allows remote attackers to inject arbitrary web script or HTML via a crafted value, aka Bug ID CSCuz63795. | ||||
| CVE-2016-1464 | 1 Cisco | 1 Webex Wrf Player T29 | 2025-04-12 | N/A |
| Cisco WebEx Meetings Player T29.10, when WRF file support is enabled, allows remote attackers to execute arbitrary code via a crafted file, aka Bug ID CSCva09375. | ||||
| CVE-2016-1465 | 1 Cisco | 2 Nexus 1000v, Nx-os | 2025-04-12 | N/A |
| Cisco Nexus 1000v Application Virtual Switch (AVS) devices before 5.2(1)SV3(1.5i) allow remote attackers to cause a denial of service (ESXi hypervisor crash and purple screen) via a crafted Cisco Discovery Protocol packet that triggers an out-of-bounds memory access, aka Bug ID CSCuw57985. | ||||
| CVE-2016-1467 | 1 Cisco | 1 Videoscape Session Resource Manager | 2025-04-12 | N/A |
| Cisco Videoscape Session Resource Manager (VSRM) allows remote attackers to cause a denial of service (device restart) by sending a traffic flood to upstream devices, aka Bug ID CSCva01813. | ||||
| CVE-2016-1477 | 1 Cisco | 1 Connected Streaming Analytics | 2025-04-12 | N/A |
| Cisco Connected Streaming Analytics 1.1.1 allows remote authenticated users to discover a notification service password by reading administrative pages, aka Bug ID CSCuz92891. | ||||
| CVE-2016-1471 | 1 Cisco | 1 Small Business 220 Series Smart Plus Switches | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in the web-based management interface on Cisco Small Business 220 devices with firmware before 1.0.1.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuz76232. | ||||
| CVE-2016-1472 | 1 Cisco | 1 Small Business 220 Series Smart Plus Switches | 2025-04-12 | N/A |
| The web-based management interface on Cisco Small Business 220 devices with firmware before 1.0.1.1 allows remote attackers to cause a denial of service (interface outage) via a crafted HTTP request, aka Bug ID CSCuz76238. | ||||
| CVE-2016-1473 | 1 Cisco | 1 Small Business 220 Series Smart Plus Switches | 2025-04-12 | N/A |
| Cisco Small Business 220 devices with firmware before 1.0.1.1 have a hardcoded SNMP community, which allows remote attackers to read or modify SNMP objects by leveraging knowledge of this community, aka Bug ID CSCuz76216. | ||||
| CVE-2016-1469 | 1 Cisco | 4 Spa300 Firmware, Spa300 Series Ip Phone, Spa500 Firmware and 1 more | 2025-04-12 | 7.5 High |
| The HTTP framework on Cisco SPA300, SPA500, and SPA51x devices allows remote attackers to cause a denial of service (device outage) via a series of malformed HTTP requests, aka Bug ID CSCut67385. | ||||
| CVE-2016-1476 | 1 Cisco | 2 Ip Phone 8800, Ip Phone 8800 Series Firmware | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability on Cisco IP Phone 8800 devices with software 11.0 allows remote authenticated users to inject arbitrary web script or HTML via crafted parameters, aka Bug ID CSCuz03024. | ||||
| CVE-2016-1485 | 1 Cisco | 1 Identity Services Engine Software | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in Cisco Identity Services Engine 1.3(0.876) allows remote attackers to inject arbitrary web script or HTML via crafted parameters, aka Bug ID CSCva46497. | ||||
| CVE-2016-1482 | 1 Cisco | 1 Webex Meetings Server | 2025-04-12 | N/A |
| Cisco WebEx Meetings Server 2.6 allows remote attackers to execute arbitrary commands by injecting these commands into an application script, aka Bug ID CSCuy83130. | ||||