Filtered by vendor Cisco
Subscriptions
Total
6558 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-5501 | 1 Cisco | 1 Mediasense | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the oraservice page in Cisco MediaSense allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCuj23328. | ||||
| CVE-2013-5502 | 1 Cisco | 1 Mediasense | 2025-04-11 | N/A |
| The web interface in Cisco MediaSense does not properly protect the client-server communication channel, which allows remote attackers to obtain sensitive query string or cookie information via unspecified vectors, aka Bug ID CSCuj23344. | ||||
| CVE-2013-5503 | 1 Cisco | 1 Ios Xr | 2025-04-11 | N/A |
| The UDP process in Cisco IOS XR 4.3.1 does not free packet memory upon detecting full packet queues, which allows remote attackers to cause a denial of service (memory consumption) via UDP packets to listening ports, aka Bug ID CSCue69413. | ||||
| CVE-2013-5504 | 1 Cisco | 1 Identity Services Engine Software | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the Mobile Device Management (MDM) portal in Cisco Identity Services Engine (ISE) allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCui30266. | ||||
| CVE-2013-5505 | 1 Cisco | 1 Identity Services Engine Software | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in an administration page in Cisco Identity Services Engine (ISE) allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCui30275. | ||||
| CVE-2013-5510 | 1 Cisco | 1 Adaptive Security Appliance Software | 2025-04-11 | N/A |
| The remote-access VPN implementation in Cisco Adaptive Security Appliance (ASA) Software 7.x before 7.2(5.12), 8.x before 8.2(5.46), 8.3.x before 8.3(2.39), 8.4.x before 8.4(6), 8.6.x before 8.6(1.12), 9.0.x before 9.0(3.1), and 9.1.x before 9.1(2.5), when an override-account-disable option is enabled, does not properly parse AAA LDAP responses, which allows remote attackers to bypass authentication via a VPN connection attempt, aka Bug ID CSCug83401. | ||||
| CVE-2013-5512 | 1 Cisco | 1 Adaptive Security Appliance Software | 2025-04-11 | N/A |
| Race condition in the HTTP Deep Packet Inspection (DPI) feature in Cisco Adaptive Security Appliance (ASA) Software 8.2.x before 8.2(5.46), 8.3.x before 8.3(2.39), 8.4.x before 8.4(5.5), 8.5.x before 8.5(1.18), 8.6.x before 8.6(1.12), 8.7.x before 8.7(1.4), 9.0.x before 9.0(1.4), and 9.1.x before 9.1(1.2), in certain conditions involving the spoof-server option or ActiveX or Java response inspection, allows remote attackers to cause a denial of service (device reload) via a crafted HTTP response, aka Bug ID CSCud37992. | ||||
| CVE-2013-5517 | 1 Cisco | 1 Unified Communications Domain Manager | 2025-04-11 | N/A |
| SQL injection vulnerability in the web framework in Cisco Unified Communications Domain Manager allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCuh96567. | ||||
| CVE-2013-5519 | 1 Cisco | 1 Wireless Lan Controller | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the management interface on Cisco Wireless LAN Controller (WLC) devices allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuf77810. | ||||
| CVE-2013-5521 | 1 Cisco | 1 Identity Services Engine Software | 2025-04-11 | N/A |
| Cisco Identity Services Engine does not properly restrict the creation of guest accounts, which allows remote attackers to cause a denial of service (exhaustion of the account supply) via a series of requests within one session, aka Bug ID CSCue94287. | ||||
| CVE-2013-5522 | 1 Cisco | 2 Catalyst 3750-x, Ios | 2025-04-11 | N/A |
| Cisco IOS on Catalyst 3750X switches has default Service Module credentials, which makes it easier for local users to gain privileges via a Service Module login, aka Bug ID CSCue92286. | ||||
| CVE-2013-5524 | 1 Cisco | 1 Identity Services Engine Software | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the troubleshooting page in Cisco Identity Services Engine (ISE) 1.2 and earlier allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCug77655. | ||||
| CVE-2013-5531 | 1 Cisco | 1 Identity Services Engine Software | 2025-04-11 | N/A |
| Cisco Identity Services Engine (ISE) 1.x before 1.1.1 allows remote attackers to bypass authentication, and read support-bundle configuration and credentials data, via a crafted session on TCP port 443, aka Bug ID CSCty20405. | ||||
| CVE-2013-5532 | 1 Cisco | 3 Unified Ip Phone 9951, Unified Ip Phone 9971, Unified Ip Phones 9900 Series Firmware | 2025-04-11 | N/A |
| Buffer overflow in the web-application interface on Cisco 9900 IP phones allows remote attackers to cause a denial of service (webapp interface outage) via long values in unspecified fields, aka Bug ID CSCuh10343. | ||||
| CVE-2013-5534 | 1 Cisco | 1 Unity Connection | 2025-04-11 | N/A |
| Directory traversal vulnerability in the attachment service in the Voice Message Web Service (aka VMWS or Cisco Unity Web Service) in Cisco Unity Connection allows remote authenticated users to create files, and consequently execute arbitrary JSP code, via a crafted pathname for a file that is not a valid audio file, aka Bug ID CSCuj22948. | ||||
| CVE-2013-5535 | 1 Cisco | 3 Video Surveillance 4000 Ip Camera, Video Surveillance 4300e Ip Camera, Video Surveillance 4500e Ip Camera | 2025-04-11 | N/A |
| The analytics page on Cisco Video Surveillance 4000 IP cameras has hardcoded credentials, which allows remote attackers to watch the video feed by leveraging knowledge of the password, aka Bug IDs CSCuj70402 and CSCuj70419. | ||||
| CVE-2013-5536 | 1 Cisco | 1 Secure Access Control System | 2025-04-11 | N/A |
| Cisco Secure Access Control System (ACS) does not properly implement an incoming-packet firewall rule, which allows remote attackers to cause a denial of service (process crash) via a flood of crafted packets, aka Bug ID CSCui51521. | ||||
| CVE-2013-5540 | 1 Cisco | 2 Identity Services Engine, Identity Services Engine Software | 2025-04-11 | N/A |
| The file-upload feature in Cisco Identity Services Engine (ISE) allows remote authenticated users to cause a denial of service (disk consumption and administration-interface outage) by uploading many files, aka Bug ID CSCui67519. | ||||
| CVE-2013-5542 | 1 Cisco | 1 Adaptive Security Appliance Software | 2025-04-11 | N/A |
| Cisco Adaptive Security Appliance (ASA) Software 8.4 before 8.4(7.2), 8.7 before 8.7(1.8), 9.0 before 9.0(3.6), and 9.1 before 9.1(2.8) allows remote attackers to cause a denial of service (firewall-session disruption or device reload) via crafted ICMP packets, aka Bug ID CSCui77398. | ||||
| CVE-2013-5543 | 1 Cisco | 7 Asr 1001, Asr 1002, Asr 1002-x and 4 more | 2025-04-11 | N/A |
| Cisco IOS XE 3.4 before 3.4.2S and 3.5 before 3.5.1S on 1000 ASR devices allows remote attackers to cause a denial of service (device reload) via malformed ICMP error packets associated with a (1) TCP or (2) UDP session that is under inspection by the Zone-Based Firewall (ZBFW) component, aka Bug ID CSCtt26470. | ||||