← Back

Cisco

cisco

6,580 CVEs • 6,222 products

Products (6,222)

Click to collapse
Toggle
Ios
ios
613 CVEs
Ios Xe
ios_xe
541 CVEs
Adaptive Security Appliance Software
adaptive_security_appliance_software
351 CVEs
Nx Os
nx_os
275 CVEs
Unified Communications Manager
unified_communications_manager
239 CVEs
Firepower Threat Defense
firepower_threat_defense
230 CVEs
Ios Xr
ios_xr
193 CVEs
Secure Firewall Management Center
secure_firewall_management_center
182 CVEs
Identity Services Engine
identity_services_engine
167 CVEs
Webex Meetings Server
webex_meetings_server
136 CVEs
Rv110w Firmware
rv110w_firmware
128 CVEs
Rv130w Firmware
rv130w_firmware
127 CVEs
Unified Computing System
unified_computing_system
105 CVEs
Wireless Lan Controller Software
wireless_lan_controller_software
88 CVEs
Prime Infrastructure
prime_infrastructure
88 CVEs
Catalyst Sd Wan Manager
catalyst_sd-wan_manager
87 CVEs
Application Extension Platform
application_extension_platform
79 CVEs
Rv215w Firmware
rv215w_firmware
71 CVEs
Anyconnect Secure Mobility Client
anyconnect_secure_mobility_client
69 CVEs
Webex Meetings
webex_meetings
69 CVEs
Rv215w Wireless N Vpn Router Firmware
rv215w_wireless-n_vpn_router_firmware
68 CVEs
Data Center Network Manager
data_center_network_manager
68 CVEs
Web Security Appliance
web_security_appliance
65 CVEs
Adaptive Security Appliance
adaptive_security_appliance
63 CVEs
Unity Connection
unity_connection
63 CVEs
Rv130 Vpn Router Firmware
rv130_vpn_router_firmware
62 CVEs
Webex Meetings Online
webex_meetings_online
59 CVEs
Rv130 Firmware
rv130_firmware
59 CVEs
Firepower Extensible Operating System
firepower_extensible_operating_system
56 CVEs
Asyncos
asyncos
54 CVEs
Asa 5500
asa_5500
52 CVEs
Rv320 Firmware
rv320_firmware
52 CVEs
Rv325 Firmware
rv325_firmware
52 CVEs
5500 Series Adaptive Security Appliance
5500_series_adaptive_security_appliance
51 CVEs
Email Security Appliance
email_security_appliance
50 CVEs
Evolved Programmable Network Manager
evolved_programmable_network_manager
50 CVEs
Identity Services Engine Software
identity_services_engine_software
49 CVEs
Unified Contact Center Express
unified_contact_center_express
47 CVEs
Rv042 Firmware
rv042_firmware
46 CVEs
Rv042g Firmware
rv042g_firmware
46 CVEs
Telepresence Video Communication Server
telepresence_video_communication_server
42 CVEs
Sd Wan Vmanage
sd-wan_vmanage
42 CVEs
Unified Communications Domain Manager
unified_communications_domain_manager
41 CVEs
Sd Wan Firmware
sd-wan_firmware
41 CVEs
Unified Communications Manager Im And Presence Service
unified_communications_manager_im_and_presence_service
39 CVEs
Rv082 Dual Wan Vpn Router Firmware
rv082_dual_wan_vpn_router_firmware
37 CVEs
Rv016 Firmware
rv016_firmware
37 CVEs
Rv082 Firmware
rv082_firmware
37 CVEs
Rv042 Dual Wan Vpn Router Firmware
rv042_dual_wan_vpn_router_firmware
36 CVEs
Secure Access Control System
secure_access_control_system
35 CVEs
Firesight System Software
firesight_system_software
35 CVEs
Rv340w Firmware
rv340w_firmware
35 CVEs
Rv340 Firmware
rv340_firmware
35 CVEs
Rv345 Firmware
rv345_firmware
35 CVEs
Rv345p Firmware
rv345p_firmware
35 CVEs
Rv016 Multi Wan Vpn Router Firmware
rv016_multi-wan_vpn_router_firmware
35 CVEs
Rv042g Dual Gigabit Wan Vpn Router Firmware
rv042g_dual_gigabit_wan_vpn_router_firmware
35 CVEs
Rv320 Dual Gigabit Wan Vpn Router Firmware
rv320_dual_gigabit_wan_vpn_router_firmware
35 CVEs
Rv325 Dual Gigabit Wan Vpn Router Firmware
rv325_dual_gigabit_wan_vpn_router_firmware
35 CVEs
Secure Access Control Server
secure_access_control_server
34 CVEs
Jabber
jabber
34 CVEs
Prime Collaboration Provisioning
prime_collaboration_provisioning
34 CVEs
Application Policy Infrastructure Controller
application_policy_infrastructure_controller
34 CVEs
Sf302 08pp Firmware
sf302-08pp_firmware
32 CVEs
Sf302 08mpp Firmware
sf302-08mpp_firmware
32 CVEs
Sg300 10pp Firmware
sg300-10pp_firmware
32 CVEs
Sg300 10mpp Firmware
sg300-10mpp_firmware
32 CVEs
Sf300 24pp Firmware
sf300-24pp_firmware
32 CVEs
Sf300 48pp Firmware
sf300-48pp_firmware
32 CVEs
Sg300 28pp Firmware
sg300-28pp_firmware
32 CVEs
Sf300 08 Firmware
sf300-08_firmware
32 CVEs
Sf300 48p Firmware
sf300-48p_firmware
32 CVEs
Sg300 10mp Firmware
sg300-10mp_firmware
32 CVEs
Sg300 10p Firmware
sg300-10p_firmware
32 CVEs
Sg300 10 Firmware
sg300-10_firmware
32 CVEs
Sg300 28p Firmware
sg300-28p_firmware
32 CVEs
Sf300 24p Firmware
sf300-24p_firmware
32 CVEs
Sg300 28 Firmware
sg300-28_firmware
32 CVEs
Sf300 48 Firmware
sf300-48_firmware
32 CVEs
Sg300 20 Firmware
sg300-20_firmware
32 CVEs
Sg300 52 Firmware
sg300-52_firmware
32 CVEs
Sf300 24 Firmware
sf300-24_firmware
32 CVEs
Sf302 08 Firmware
sf302-08_firmware
32 CVEs
Sf300 24mp Firmware
sf300-24mp_firmware
32 CVEs
Sg300 28mp Firmware
sg300-28mp_firmware
32 CVEs
Sg300 52p Firmware
sg300-52p_firmware
32 CVEs
Sg300 52mp Firmware
sg300-52mp_firmware
32 CVEs
Webex Meeting Center
webex_meeting_center
31 CVEs
Meeting Server
meeting_server
31 CVEs
Sg300 10sfp Firmware
sg300-10sfp_firmware
31 CVEs
Telepresence Collaboration Endpoint
telepresence_collaboration_endpoint
31 CVEs
Firepower Threat Defense Software
firepower_threat_defense_software
31 CVEs
Security Manager
security_manager
30 CVEs
Firewall Services Module
firewall_services_module
29 CVEs
Telepresence Video Communication Server Software
telepresence_video_communication_server_software
29 CVEs
Sg500 28mpp Firmware
sg500-28mpp_firmware
29 CVEs
Sf500 24 Firmware
sf500-24_firmware
29 CVEs
Sf500 24p Firmware
sf500-24p_firmware
29 CVEs
Sf500 48 Firmware
sf500-48_firmware
29 CVEs
Sg500 28 Firmware
sg500-28_firmware
29 CVEs

CVEs (6,580)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2015-6431
1Cisco
1Ios Xe
May 6, 2026
Dec 23, 2015
N/A· v4
6.5 MEDIUM· v3
6.1 MEDIUM· v2
Cisco IOS XE 16.1.1 allows remote attackers to cause a denial of service (device reload) via a packet with the 00-00-00-00-00-00 source MAC address, aka Bug ID CSCux48405.
CVE-2015-6429
1Cisco
2Ios
Ios Xe
May 6, 2026
Dec 19, 2015
N/A· v4
N/A· v3
5.0 MEDIUM· v2
The IKEv1 state machine in Cisco IOS 15.4 through 15.6 and IOS XE 3.15 through 3.17 allows remote attackers to cause a denial of service (IPsec connection termination) via a crafted IKEv1 packet to a tunnel endpoint, aka...Show more
The IKEv1 state machine in Cisco IOS 15.4 through 15.6 and IOS XE 3.15 through 3.17 allows remote attackers to cause a denial of service (IPsec connection termination) via a crafted IKEv1 packet to a tunnel endpoint, aka Bug ID CSCuw08236.Show less
CVE-2015-6428
1Cisco
1Dpq3925 8x4 Docsis 3.0 Wireless Residential Gateway With Embedded Digital Voice Adapter
May 6, 2026
Dec 18, 2015
N/A· v4
N/A· v3
5.0 MEDIUM· v2
Cisco DPQ3925 devices with EDVA r1 Base allow remote attackers to obtain sensitive information via a crafted HTTP request, aka Bug ID CSCuv03958.
CVE-2015-6427
1Cisco
1Firesight System Software
May 6, 2026
Dec 18, 2015
N/A· v4
N/A· v3
5.0 MEDIUM· v2
Cisco FireSIGHT Management Center allows remote attackers to bypass the HTTP attack detection feature and avoid triggering Snort IDS rules via an SSL session that is mishandled after decryption, aka Bug ID CSCux53437.
CVE-2015-6426
1Cisco
1Prime Network Services Controller
May 6, 2026
Dec 18, 2015
N/A· v4
N/A· v3
7.2 HIGH· v2
Cisco Prime Network Services Controller 3.0 allows local users to bypass intended access restrictions and execute arbitrary commands via additional parameters to an unspecified command, aka Bug ID CSCus99427.
CVE-2015-6424
1Cisco
1Application Policy Infrastructure Controller
May 6, 2026
Dec 18, 2015
N/A· v4
N/A· v3
7.2 HIGH· v2
The boot manager in Cisco Application Policy Infrastructure Controller (APIC) 1.1(0.920a) allows local users to bypass intended access restrictions and obtain single-user-mode root access via unspecified vectors, aka Bug...Show more
The boot manager in Cisco Application Policy Infrastructure Controller (APIC) 1.1(0.920a) allows local users to bypass intended access restrictions and obtain single-user-mode root access via unspecified vectors, aka Bug ID CSCuu83985.Show less
CVE-2015-6425
1Cisco
1Unified Communications Manager
May 6, 2026
Dec 16, 2015
N/A· v4
N/A· v3
5.0 MEDIUM· v2
The WebApplications Identity Management subsystem in Cisco Unified Communications Manager 10.5(0.98000.88) allows remote attackers to cause a denial of service (subsystem outage) via invalid session tokens, aka Bug ID CS...Show more
The WebApplications Identity Management subsystem in Cisco Unified Communications Manager 10.5(0.98000.88) allows remote attackers to cause a denial of service (subsystem outage) via invalid session tokens, aka Bug ID CSCul83786.Show less
CVE-2015-6411
1Cisco
1Secure Firewall Management Center
May 6, 2026
Dec 15, 2015
N/A· v4
N/A· v3
5.0 MEDIUM· v2
Cisco FirePOWER Management Center 5.4.1.3, 6.0.0, and 6.0.1 provides verbose responses to requests for help files, which allows remote attackers to obtain potentially sensitive version information by reading an unspecifi...Show more
Cisco FirePOWER Management Center 5.4.1.3, 6.0.0, and 6.0.1 provides verbose responses to requests for help files, which allows remote attackers to obtain potentially sensitive version information by reading an unspecified field, aka Bug ID CSCux37061.Show less
CVE-2015-6404
1Cisco
1Hosted Collaboration Solution
May 6, 2026
Dec 15, 2015
N/A· v4
N/A· v3
4.0 MEDIUM· v2
Cisco Hosted Collaboration Mediation Fulfillment 10.6(3) does not use RBAC, which allows remote authenticated users to obtain sensitive credential information by leveraging admin access and making SOAP API requests, aka...Show more
Cisco Hosted Collaboration Mediation Fulfillment 10.6(3) does not use RBAC, which allows remote authenticated users to obtain sensitive credential information by leveraging admin access and making SOAP API requests, aka Bug ID CSCuw84374.Show less
CVE-2015-6403
1Cisco
2Spa300 Firmware
Spa500 Firmware
May 6, 2026
Dec 15, 2015
N/A· v4
N/A· v3
7.2 HIGH· v2
The TFTP implementation on Cisco Small Business SPA30x, SPA50x, SPA51x phones 7.5.7 improperly validates firmware-image file integrity, which allows local users to load a Trojan horse image by leveraging shell access, ak...Show more
The TFTP implementation on Cisco Small Business SPA30x, SPA50x, SPA51x phones 7.5.7 improperly validates firmware-image file integrity, which allows local users to load a Trojan horse image by leveraging shell access, aka Bug ID CSCut67400.Show less
CVE-2015-6399
1Cisco
1Integrated Management Controller Supervisor
May 6, 2026
Dec 15, 2015
N/A· v4
N/A· v3
6.8 MEDIUM· v2
The Supervisor 1.0.0.0 and 1.0.0.1 in Cisco Integrated Management Controller (IMC) before 2.0(9) allows remote authenticated users to cause a denial of service (IP interface outage) via crafted parameters in an HTTP requ...Show more
The Supervisor 1.0.0.0 and 1.0.0.1 in Cisco Integrated Management Controller (IMC) before 2.0(9) allows remote authenticated users to cause a denial of service (IP interface outage) via crafted parameters in an HTTP request, aka Bug ID CSCuv38286.Show less
CVE-2015-6359
1Cisco
1Ios
May 6, 2026
Dec 15, 2015
N/A· v4
N/A· v3
6.1 MEDIUM· v2
The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Cisco IOS 15.3(3)S0.1 on ASR devices mishandles internal tables, which allows remote attackers to cause a denial of service (memory consumption or...Show more
The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Cisco IOS 15.3(3)S0.1 on ASR devices mishandles internal tables, which allows remote attackers to cause a denial of service (memory consumption or device crash) via a flood of crafted ND messages, aka Bug ID CSCup28217.Show less
CVE-2015-4206
1Cisco
1Unified Communications Manager
May 6, 2026
Dec 15, 2015
N/A· v4
N/A· v3
4.3 MEDIUM· v2
Cisco Unified Communications Manager (UCM) 8.0 through 8.6 allows remote attackers to bypass an XSS protection mechanism via a crafted parameter, aka Bug ID CSCuu15266.
CVE-2015-6422
1Cisco
1Unified Communications Domain Manager
May 6, 2026
Dec 14, 2015
N/A· v4
N/A· v3
4.0 MEDIUM· v2
The self-service application in Cisco Unified Communications Domain Manager (CUCDM) 10.6(1) allows remote authenticated users to cause a denial of service (subapplication outage) via malformed requests, aka Bug ID CSCuu1...Show more
The self-service application in Cisco Unified Communications Domain Manager (CUCDM) 10.6(1) allows remote authenticated users to cause a denial of service (subapplication outage) via malformed requests, aka Bug ID CSCuu10981.Show less
CVE-2015-6416
1Cisco
1Unified Web And E Mail Interaction Manager
May 6, 2026
Dec 14, 2015
N/A· v4
N/A· v3
4.3 MEDIUM· v2
Cross-site scripting (XSS) vulnerability in Cisco Unified Email Interaction Manager and Unified Web Interaction Manager 11.0(1) allows remote attackers to inject arbitrary web script or HTML a crafted URL, aka Bug ID CSC...Show more
Cross-site scripting (XSS) vulnerability in Cisco Unified Email Interaction Manager and Unified Web Interaction Manager 11.0(1) allows remote attackers to inject arbitrary web script or HTML a crafted URL, aka Bug ID CSCuw24479.Show less
CVE-2015-6410
1Cisco
1Telepresence Video Communication Server Software
May 6, 2026
Dec 14, 2015
N/A· v4
N/A· v3
4.0 MEDIUM· v2
The Mobile and Remote Access (MRA) services implementation in Cisco Unified Communications Manager mishandles edge-device identity validation, which allows remote attackers to bypass intended call-reception and call-setu...Show more
The Mobile and Remote Access (MRA) services implementation in Cisco Unified Communications Manager mishandles edge-device identity validation, which allows remote attackers to bypass intended call-reception and call-setup restrictions by spoofing a user, aka Bug ID CSCuu97283.Show less
CVE-2015-6402
1Cisco
1Epc3928 Docsis 3.0 8x4 Wireless Residential Gateway With Embedded Digital Voice Adapter
May 6, 2026
Dec 14, 2015
N/A· v4
N/A· v3
4.3 MEDIUM· v2
Cross-site scripting (XSS) vulnerability in the management interface on Cisco EPC3928 devices with EDVA 5.5.10, 5.5.11, and 5.7.1 allows remote attackers to inject arbitrary web script or HTML via an unspecified value, a...Show more
Cross-site scripting (XSS) vulnerability in the management interface on Cisco EPC3928 devices with EDVA 5.5.10, 5.5.11, and 5.7.1 allows remote attackers to inject arbitrary web script or HTML via an unspecified value, aka Bug ID CSCux24935.Show less
CVE-2015-6401
1Cisco
1Epc3928 Docsis 3.0 8x4 Wireless Residential Gateway With Embedded Digital Voice Adapter
May 6, 2026
Dec 14, 2015
N/A· v4
N/A· v3
7.5 HIGH· v2
Cisco EPC3928 devices with EDVA 5.5.10, 5.5.11, and 5.7.1 allow remote attackers to bypass an intended authentication requirement and execute unspecified administrative functions via a crafted HTTP request, aka Bug ID CS...Show more
Cisco EPC3928 devices with EDVA 5.5.10, 5.5.11, and 5.7.1 allow remote attackers to bypass an intended authentication requirement and execute unspecified administrative functions via a crafted HTTP request, aka Bug ID CSCux24941.Show less
CVE-2015-6378
1Cisco
1Dpq3925 8x4 Docsis 3.0 Wireless Residential Gateway With Embedded Digital Voice Adapter
May 6, 2026
Dec 14, 2015
N/A· v4
N/A· v3
6.8 MEDIUM· v2
Cross-site request forgery (CSRF) vulnerability on Cisco DPQ3925 devices with EDVA 5.5.2 allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuv05943.
CVE-2015-6418
1Cisco
7Rv016 Multi Wan Vpn Firmware
Rv042 Dual Wan Vpn Router FirmwareRv042g Dual Gigabit Wan Vpn Firmware+4 more
May 6, 2026
Dec 13, 2015
N/A· v4
N/A· v3
4.3 MEDIUM· v2
The random-number generator on Cisco Small Business RV routers 4.x and SA500 security appliances 2.2.07 does not have sufficient entropy, which makes it easier for remote attackers to determine a TLS key pair via unspeci...Show more
The random-number generator on Cisco Small Business RV routers 4.x and SA500 security appliances 2.2.07 does not have sufficient entropy, which makes it easier for remote attackers to determine a TLS key pair via unspecified computations upon handshake key-exchange data, aka Bug ID CSCus15224.Show less