← Back

Cisco

cisco

6,592 CVEs • 6,223 products

Products (6,223)

Click to collapse
Toggle
Ios
ios
Ios Xe
ios_xe
Nx Os
nx_os
Ios Xr
ios_xr
Asyncos
asyncos
Asa 5500
asa_5500
Jabber
jabber

CVEs (6,592)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
1Cisco
2Ios
Ios Xe
Apr 29, 2026
Mar 28, 2013
N/A· v4
N/A· v3
7.1 HIGH· v2
The RSVP protocol implementation in Cisco IOS 12.2 and 15.0 through 15.2 and IOS XE 3.1.xS through 3.4.xS before 3.4.5S and 3.5.xS through 3.7.xS before 3.7.2S, when MPLS-TE is enabled, allows remote attackers to cause a...Show more
The RSVP protocol implementation in Cisco IOS 12.2 and 15.0 through 15.2 and IOS XE 3.1.xS through 3.4.xS before 3.4.5S and 3.5.xS through 3.7.xS before 3.7.2S, when MPLS-TE is enabled, allows remote attackers to cause a denial of service (incorrect memory access and device reload) via a traffic engineering PATH message in an RSVP packet, aka Bug ID CSCtg39957.Show less
1Cisco
1Ios
Apr 29, 2026
Mar 28, 2013
N/A· v4
N/A· v3
7.8 HIGH· v2
Race condition in the VRF-aware NAT feature in Cisco IOS 12.2 through 12.4 and 15.0 through 15.2 allows remote attackers to cause a denial of service (memory consumption) via IPv4 packets, aka Bug IDs CSCtg47129 and CSCt...Show more
Race condition in the VRF-aware NAT feature in Cisco IOS 12.2 through 12.4 and 15.0 through 15.2 allows remote attackers to cause a denial of service (memory consumption) via IPv4 packets, aka Bug IDs CSCtg47129 and CSCtz96745.Show less
1Cisco
1Ios Xr
Apr 29, 2026
Mar 26, 2013
N/A· v4
N/A· v3
5.0 MEDIUM· v2
The traffic engineering (TE) processing subsystem in Cisco IOS XR allows remote attackers to cause a denial of service (process restart) via crafted TE packets, aka Bug ID CSCue04000.
1Cisco
1Jabber Im
Apr 29, 2026
Mar 26, 2013
N/A· v4
N/A· v3
6.3 MEDIUM· v2
The XML parser in the Cisco Jabber IM application for Android allows remote authenticated users to cause a denial of service (blocked connection) by leveraging an entry on a Buddy list and sending a crafted XMPP presence...Show more
The XML parser in the Cisco Jabber IM application for Android allows remote authenticated users to cause a denial of service (blocked connection) by leveraging an entry on a Buddy list and sending a crafted XMPP presence update message, aka Bug ID CSCue38383.Show less
1Cisco
4200 Series Smart Switches
200 Series Smart Switches Software300 Series Managed Switches+1 more
Apr 29, 2026
Mar 7, 2013
N/A· v4
N/A· v3
5.0 MEDIUM· v2
The Cisco Small Business 200 Series Smart Switch 1.2.7.76 and earlier, Small Business 300 Series Managed Switch 1.2.7.76 and earlier, and Small Business 500 Series Stackable Managed Switch 1.2.7.76 and earlier allow remo...Show more
The Cisco Small Business 200 Series Smart Switch 1.2.7.76 and earlier, Small Business 300 Series Managed Switch 1.2.7.76 and earlier, and Small Business 500 Series Stackable Managed Switch 1.2.7.76 and earlier allow remote attackers to cause a denial of service (SSL/TLS layer outage) via malformed (1) SSH or (2) SSL packets, aka Bug ID CSCua30246.Show less
1Cisco
1Prime Infrastructure
Apr 29, 2026
Mar 7, 2013
N/A· v4
N/A· v3
6.8 MEDIUM· v2
Cross-site request forgery (CSRF) vulnerability in the web interface in Cisco Prime Infrastructure allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCue84676.
1Cisco
1Security Monitoring Analysis And Response System
Apr 29, 2026
Mar 6, 2013
N/A· v4
N/A· v3
4.3 MEDIUM· v2
The XML parser in Cisco Security Monitoring, Analysis, and Response System (MARS) allows remote attackers to read arbitrary files via an external entity declaration in conjunction with an entity reference, related to an...Show more
The XML parser in Cisco Security Monitoring, Analysis, and Response System (MARS) allows remote attackers to read arbitrary files via an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka Bug ID CSCue55093.Show less
1Cisco
1Aironet Access Point Software
Apr 29, 2026
Mar 5, 2013
N/A· v4
N/A· v3
6.1 MEDIUM· v2
The HTTP Profiler on the Cisco Aironet Access Point with software 15.2 and earlier does not properly manage buffers, which allows remote attackers to cause a denial of service (device reload) via crafted HTTP requests, a...Show more
The HTTP Profiler on the Cisco Aironet Access Point with software 15.2 and earlier does not properly manage buffers, which allows remote attackers to cause a denial of service (device reload) via crafted HTTP requests, aka Bug ID CSCuc62460.Show less
1Cisco
2Wireless Lan Controller
Wireless Lan Controller Software
Apr 29, 2026
Feb 28, 2013
N/A· v4
N/A· v3
6.1 MEDIUM· v2
The mDNS snooping functionality on Cisco Wireless LAN Controller (WLC) devices with software 7.4.1.54 and earlier does not properly manage buffers, which allows remote authenticated users to cause a denial of service (de...Show more
The mDNS snooping functionality on Cisco Wireless LAN Controller (WLC) devices with software 7.4.1.54 and earlier does not properly manage buffers, which allows remote authenticated users to cause a denial of service (device reload) via crafted mDNS packets, aka Bug ID CSCue04153.Show less
1Cisco
1Network Admission Control
Apr 29, 2026
Feb 28, 2013
N/A· v4
N/A· v3
5.8 MEDIUM· v2
The Cisco Network Admission Control (NAC) agent on Mac OS X does not verify the X.509 certificate of an Identity Services Engine (ISE) server during an SSL session, which allows man-in-the-middle attackers to spoof ISE s...Show more
The Cisco Network Admission Control (NAC) agent on Mac OS X does not verify the X.509 certificate of an Identity Services Engine (ISE) server during an SSL session, which allows man-in-the-middle attackers to spoof ISE servers via an arbitrary certificate, aka Bug ID CSCub24309.Show less
1Cisco
1Unified Presence Server
Apr 29, 2026
Feb 27, 2013
N/A· v4
N/A· v3
7.8 HIGH· v2
Cisco Unified Presence Server (CUPS) 8.6, 9.0, and 9.1 before 9.1.1 allows remote attackers to cause a denial of service (CPU consumption) via crafted packets to the SIP TCP port, aka Bug ID CSCua89930.
1Cisco
1Prime Central For Hosted Collaboration Solution Assurance
Apr 29, 2026
Feb 27, 2013
N/A· v4
N/A· v3
7.1 HIGH· v2
Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance 8.6 and 9.0 allows remote attackers to cause a denial of service (CPU consumption and monitoring outage) via malformed TLS messages to TCP port (1) 90...Show more
Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance 8.6 and 9.0 allows remote attackers to cause a denial of service (CPU consumption and monitoring outage) via malformed TLS messages to TCP port (1) 9043 or (2) 9443, aka Bug ID CSCuc07155.Show less
1Cisco
1Unified Communications Manager
Apr 29, 2026
Feb 27, 2013
N/A· v4
N/A· v3
7.1 HIGH· v2
The Location Bandwidth Manager (LBM) Intracluster-communication feature in Cisco Unified Communications Manager (CUCM) 9.x before 9.1(1) does not require authentication from the remote LBM Hub node, which allows remote a...Show more
The Location Bandwidth Manager (LBM) Intracluster-communication feature in Cisco Unified Communications Manager (CUCM) 9.x before 9.1(1) does not require authentication from the remote LBM Hub node, which allows remote attackers to conduct cache-poisoning attacks against transaction records, and cause a denial of service (bandwidth-pool consumption and call outage), via unspecified vectors, aka Bug ID CSCub28920.Show less
1Cisco
1Unified Communications Manager
Apr 29, 2026
Feb 27, 2013
N/A· v4
N/A· v3
7.8 HIGH· v2
Cisco Unified Communications Manager (CUCM) 8.6 before 8.6(2a)su2, 8.6 BE3k before 8.6(4) BE3k, and 9.x before 9.0(1) allows remote attackers to cause a denial of service (CPU consumption and GUI and voice outages) via m...Show more
Cisco Unified Communications Manager (CUCM) 8.6 before 8.6(2a)su2, 8.6 BE3k before 8.6(4) BE3k, and 9.x before 9.0(1) allows remote attackers to cause a denial of service (CPU consumption and GUI and voice outages) via malformed packets to unused UDP ports, aka Bug ID CSCtx43337.Show less
1Cisco
1Cloud Portal
Apr 29, 2026
Feb 27, 2013
N/A· v4
N/A· v3
4.0 MEDIUM· v2
The nsAPI interface in Cisco Cloud Portal 9.1 SP1 and SP2, and 9.3 through 9.3.2, does not properly check privileges, which allows remote authenticated users to obtain sensitive information via a crafted URL, aka Bug ID...Show more
The nsAPI interface in Cisco Cloud Portal 9.1 SP1 and SP2, and 9.3 through 9.3.2, does not properly check privileges, which allows remote authenticated users to obtain sensitive information via a crafted URL, aka Bug ID CSCud81134.Show less
1Cisco
2Adaptive Security Appliance
Adaptive Security Appliance Software
Apr 29, 2026
Feb 25, 2013
N/A· v4
N/A· v3
5.0 MEDIUM· v2
The NAT process on Cisco Adaptive Security Appliances (ASA) devices allows remote attackers to cause a denial of service (connections-table memory consumption) via crafted packets, aka Bug ID CSCue46386.
1Cisco
1Unity Connection
Apr 29, 2026
Feb 19, 2013
N/A· v4
N/A· v3
5.0 MEDIUM· v2
Memory leak in Cisco Unity Connection 9.x allows remote attackers to cause a denial of service (memory consumption and process crash) by sending many TCP requests, aka Bug ID CSCud59736.
1Cisco
10Application Networking Manager
Context Directory AgentIdentity Services Engine Software+7 more
Apr 29, 2026
Feb 19, 2013
N/A· v4
N/A· v3
6.8 MEDIUM· v2
The command-line interface in Cisco Identity Services Engine Software, Secure Access Control System (ACS), Application Networking Manager (ANM), Prime LAN Management Solution (LMS), Prime Network Control System, Quad, Co...Show more
The command-line interface in Cisco Identity Services Engine Software, Secure Access Control System (ACS), Application Networking Manager (ANM), Prime LAN Management Solution (LMS), Prime Network Control System, Quad, Context Directory Agent, Prime Collaboration, Unified Provisioning Manager, and Network Services Manager does not properly validate input, which allows local users to obtain root privileges via unspecified vectors, aka Bug IDs CSCue46001, CSCud95790, CSCue46021, CSCue46025, CSCue46023, CSCue46058, CSCue46013, CSCue46031, CSCue46035, and CSCue46042.Show less
1Cisco
1Unified Meetingplace
Apr 29, 2026
Feb 15, 2013
N/A· v4
N/A· v3
6.8 MEDIUM· v2
Multiple cross-site request forgery (CSRF) vulnerabilities in the server in Cisco Unified MeetingPlace before 7.1(2.2000) allow remote attackers to hijack the authentication of unspecified victims via unknown vectors, ak...Show more
Multiple cross-site request forgery (CSRF) vulnerabilities in the server in Cisco Unified MeetingPlace before 7.1(2.2000) allow remote attackers to hijack the authentication of unspecified victims via unknown vectors, aka Bug ID CSCuc64903. NOTE: some of these details are obtained from third party information.Show less
1Cisco
1Unified Meetingplace
Apr 29, 2026
Feb 15, 2013
N/A· v4
N/A· v3
4.3 MEDIUM· v2
Multiple cross-site scripting (XSS) vulnerabilities in the server in Cisco Unified MeetingPlace 7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug IDs CSCuc65411 and CSC...Show more
Multiple cross-site scripting (XSS) vulnerabilities in the server in Cisco Unified MeetingPlace 7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug IDs CSCuc65411 and CSCue18706.Show less