Vulnerabilities (CVE)

Vendor filter

Cisco Subscribe

Filter

3659 total CVE
CVE Vendors Products Updated CVSS
CVE-2018-15393 1 Cisco 1 Content Security Management Appliance 2018-12-11 4.3
A vulnerability in the web-based management interface of Cisco Content Security Management Appliance (SMA) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based...
CVE-2018-15445 1 Cisco 1 Energy Management Suite Software 2018-12-11 6.0
A vulnerability in the web-based management interface of Cisco Energy Management Suite Software could allow an authenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected...
CVE-2018-15439 1 Cisco 1 Small Business Switches 2018-12-11 9.3
A vulnerability in the Cisco Small Business Switches software could allow an unauthenticated, remote attacker to bypass the user authentication mechanism of an affected device. The vulnerability exists because under specific circumstances, the...
CVE-2018-15446 1 Cisco 1 Meeting Server 2018-12-10 5.0
A vulnerability in Cisco Meeting Server could allow an unauthenticated, remote attacker to gain access to sensitive information. The vulnerability is due to improper protections on data that is returned from user meeting requests when the Guest...
CVE-2018-15447 1 Cisco 1 Integrated Management Controller 2018-12-10 7.5
A vulnerability in the web framework code of Cisco Integrated Management Controller (IMC) Supervisor could allow an unauthenticated, remote attacker to execute arbitrary SQL queries. The vulnerability is due to a lack of proper validation of...
CVE-2018-15448 1 Cisco 1 Registered Envelope Service 2018-12-10 5.0
A vulnerability in the user management functions of Cisco Registered Envelope Service could allow an unauthenticated, remote attacker to discover sensitive user information. The attacker could use this information to conduct additional...
CVE-2018-15449 1 Cisco 1 Video Surveillance Media Server 2018-12-10 4.3
A vulnerability in the web-based management interface of Cisco Video Surveillance Media Server could allow an unauthenticated, remote attacker to cause a denial of service (DoS) of the web-based management interface of an affected system. The...
CVE-2018-15441 1 Cisco 1 Prime License Manager 2018-12-10 7.5
A vulnerability in the web framework code of Cisco Prime License Manager (PLM) could allow an unauthenticated, remote attacker to execute arbitrary SQL queries. The vulnerability is due to a lack of proper validation of user-supplied input in SQL...
CVE-2018-0430 1 Cisco 1 Unified Computing System 2018-12-06 9.0
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an authenticated, remote attacker to inject and execute arbitrary commands with root privileges on an affected device. The...
CVE-2018-0431 1 Cisco 1 Unified Computing System 2018-12-06 9.0
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an authenticated, remote attacker to inject and execute arbitrary commands with root privileges on an affected device. The...
CVE-2018-15425 1 Cisco 1 Identity Services Engine 2018-12-06 6.5
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device with the privileges...
CVE-2018-15424 1 Cisco 1 Identity Services Engine 2018-12-06 6.5
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device with the privileges...
CVE-2018-15431 1 Cisco 3 Webex Business Suite 32, Webex Meetings Online, Webex Meetings Server 2018-12-06 6.9
A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exist because the...
CVE-2018-15409 1 Cisco 4 Webex Business Suite 31, Webex Business Suite 33, Webex Meetings Online and 1 more 2018-12-06 6.8
A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exist because the...
CVE-2018-0404 1 Cisco 2 Rv180w Wireless-n Multifunction Vpn Router, Rv220w Wireless Network Security Firewall 2018-12-04 5.0
A vulnerability in the web framework code for Cisco RV180W Wireless-N Multifunction VPN Router and Small Business RV Series RV220W Wireless Network Security Firewall could allow an unauthenticated, remote attacker to execute arbitrary SQL...
CVE-2018-0447 1 Cisco 1 Email Security Appliance 2018-12-04 5.0
A vulnerability in the anti-spam protection mechanisms of Cisco AsyncOS Software for the Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass certain content filters on an affected device. The...
CVE-2018-0454 1 Cisco 1 Cloud Services Platform 2100 Firmware 2018-12-04 6.5
A vulnerability in the web-based management interface of Cisco Cloud Services Platform 2100 could allow an authenticated, remote attacker to perform command injection. The vulnerability is due to insufficient input validation of command input. An...
CVE-2018-0459 1 Cisco 1 Network Functions Virtualization Infrastructure 2018-12-04 6.8
A vulnerability in the web-based management interface of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to cause an affected system to reboot or shut down. The vulnerability is due to...
CVE-2018-0460 1 Cisco 1 Network Functions Virtualization Infrastructure 2018-12-04 6.8
A vulnerability in the REST API of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to read any file on an affected system. The vulnerability is due to insufficient authorization and parameter...
CVE-2018-0435 1 Cisco 1 Umbrella 2018-12-04 6.5
A vulnerability in the Cisco Umbrella API could allow an authenticated, remote attacker to view and modify data across their organization and other organizations. The vulnerability is due to insufficient authentication configurations for the API...