← Back

Cisco

cisco

6,592 CVEs • 6,223 products

Products (6,223)

Click to collapse
Toggle
Ios
ios
Ios Xe
ios_xe
Nx Os
nx_os
Ios Xr
ios_xr
Asyncos
asyncos
Asa 5500
asa_5500
Jabber
jabber

CVEs (6,592)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
1Cisco
1Small Business Wireless Access Ppoints
Apr 29, 2026
Feb 13, 2013
N/A· v4
N/A· v3
6.4 MEDIUM· v2
Cisco Small Business Wireless Access Points WAP200, WAP2000, WAP200E, and WET200 allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted SSID that is not properly handl...Show more
Cisco Small Business Wireless Access Points WAP200, WAP2000, WAP200E, and WET200 allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted SSID that is not properly handled during a site survey, aka Bug IDs CSCua86182, CSCua91196, CSCud36155, and CSCua86190.Show less
1Cisco
2Nexus 7000
Nx Os
Apr 29, 2026
Feb 13, 2013
N/A· v4
N/A· v3
5.0 MEDIUM· v2
Cisco NX-OS on the Nexus 7000, when a certain Overlay Transport Virtualization (OTV) configuration is used, allows remote attackers to cause a denial of service (M1-Series module reload) via crafted packets, aka Bug ID C...Show more
Cisco NX-OS on the Nexus 7000, when a certain Overlay Transport Virtualization (OTV) configuration is used, allows remote attackers to cause a denial of service (M1-Series module reload) via crafted packets, aka Bug ID CSCud15673.Show less
1Cisco
1Unity Express Software
Apr 29, 2026
Feb 13, 2013
N/A· v4
N/A· v3
4.3 MEDIUM· v2
Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unity Express before 8.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCud87527.
1Cisco
2Ata 187 Analog Telephone Adaptor
Ata 187 Analog Telephone Adaptor Firmware
Apr 29, 2026
Feb 13, 2013
N/A· v4
N/A· v3
9.0 HIGH· v2
The Cisco ATA 187 Analog Telephone Adaptor with firmware 9.2.1.0 and 9.2.3.1 before ES build 4 does not properly implement access control, which allows remote attackers to execute operating-system commands via vectors in...Show more
The Cisco ATA 187 Analog Telephone Adaptor with firmware 9.2.1.0 and 9.2.3.1 before ES build 4 does not properly implement access control, which allows remote attackers to execute operating-system commands via vectors involving a session on TCP port 7870, aka Bug ID CSCtz67038.Show less
1Cisco
1Ios
Apr 29, 2026
Feb 13, 2013
N/A· v4
N/A· v3
5.4 MEDIUM· v2
The HTTP server in Cisco IOS on Catalyst switches does not properly handle TCP socket events, which allows remote attackers to cause a denial of service (device crash) via crafted packets on TCP port (1) 80 or (2) 443, a...Show more
The HTTP server in Cisco IOS on Catalyst switches does not properly handle TCP socket events, which allows remote attackers to cause a denial of service (device crash) via crafted packets on TCP port (1) 80 or (2) 443, aka Bug ID CSCuc53853.Show less
1Cisco
2Unity Express
Unity Express Software
Apr 29, 2026
Feb 6, 2013
N/A· v4
N/A· v3
6.8 MEDIUM· v2
Multiple cross-site request forgery (CSRF) vulnerabilities on the Cisco Unity Express with software before 8.0 allow remote attackers to hijack the authentication of unspecified victims via unknown vectors, aka Bug ID CS...Show more
Multiple cross-site request forgery (CSRF) vulnerabilities on the Cisco Unity Express with software before 8.0 allow remote attackers to hijack the authentication of unspecified victims via unknown vectors, aka Bug ID CSCue35910.Show less
1Cisco
1Webex Social
Apr 29, 2026
Feb 6, 2013
N/A· v4
N/A· v3
4.0 MEDIUM· v2
The search function in Cisco Webex Social (formerly Cisco Quad) allows remote authenticated users to read files via unspecified parameters, aka Bug ID CSCud40235.
1Cisco
1Unified Communications Domain Manager
Apr 29, 2026
Jan 31, 2013
N/A· v4
N/A· v3
4.3 MEDIUM· v2
Cross-site scripting (XSS) vulnerability in Cisco Unified Communications Domain Manager allows remote attackers to inject arbitrary web script or HTML via a crafted parameter value, aka Bug ID CSCue21042.
1Cisco
1Carrier Routing System
Apr 29, 2026
Jan 31, 2013
N/A· v4
N/A· v3
5.0 MEDIUM· v2
Cisco Carrier Routing System (CRS) allows remote attackers to cause a denial of service (packet loss) via short malformed packets that trigger inefficient processing, aka Bug ID CSCud79136.
1Cisco
1Nac Appliance
Apr 29, 2026
Jan 31, 2013
N/A· v4
N/A· v3
4.3 MEDIUM· v2
Multiple cross-site scripting (XSS) vulnerabilities in the web-authentication function on the Cisco NAC Appliance 4.9.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) cm or (2) uri...Show more
Multiple cross-site scripting (XSS) vulnerabilities in the web-authentication function on the Cisco NAC Appliance 4.9.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) cm or (2) uri parameters to (a) perfigo_weblogin.jsp, or the (3) cm, (4) provider, (5) session, (6) uri, (7) userip, or (8) username parameters to (b) perfigo_cm_validate.jsp, aka Bug ID CSCud15109.Show less
1Cisco
72000 Wireless Lan Controller
2100 Wireless Lan Controller2500 Wireless Lan Controller+4 more
Apr 29, 2026
Jan 24, 2013
N/A· v4
N/A· v3
9.0 HIGH· v2
Cisco Wireless LAN Controller (WLC) devices with software 7.0 before 7.0.235.3, 7.1 and 7.2 before 7.2.111.3, and 7.3 before 7.3.101.0 allow remote authenticated users to bypass wireless-management settings and read or m...Show more
Cisco Wireless LAN Controller (WLC) devices with software 7.0 before 7.0.235.3, 7.1 and 7.2 before 7.2.111.3, and 7.3 before 7.3.101.0 allow remote authenticated users to bypass wireless-management settings and read or modify the device configuration via an SNMP request, aka Bug ID CSCua60653.Show less
1Cisco
92000 Wireless Lan Controller
2100 Wireless Lan Controller2500 Wireless Lan Controller+6 more
Apr 29, 2026
Jan 24, 2013
N/A· v4
N/A· v3
9.0 HIGH· v2
The HTTP Profiling functionality on Cisco Wireless LAN Controller (WLC) devices with software 7.3.101.0 allows remote authenticated users to execute arbitrary code via a crafted HTTP User-Agent header, aka Bug ID CSCuc15...Show more
The HTTP Profiling functionality on Cisco Wireless LAN Controller (WLC) devices with software 7.3.101.0 allows remote authenticated users to execute arbitrary code via a crafted HTTP User-Agent header, aka Bug ID CSCuc15636.Show less
1Cisco
92000 Wireless Lan Controller
2100 Wireless Lan Controller2500 Wireless Lan Controller+6 more
Apr 29, 2026
Jan 24, 2013
N/A· v4
N/A· v3
7.8 HIGH· v2
Cisco Wireless LAN Controller (WLC) devices with software 7.0 before 7.0.220.0, 7.1 before 7.1.91.0, and 7.2 before 7.2.103.0 allow remote attackers to cause a denial of service (Access Point reload) via crafted SIP pack...Show more
Cisco Wireless LAN Controller (WLC) devices with software 7.0 before 7.0.220.0, 7.1 before 7.1.91.0, and 7.2 before 7.2.103.0 allow remote attackers to cause a denial of service (Access Point reload) via crafted SIP packets, aka Bug ID CSCts87659.Show less
1Cisco
92000 Wireless Lan Controller
2100 Wireless Lan Controller2500 Wireless Lan Controller+6 more
Apr 29, 2026
Jan 24, 2013
N/A· v4
N/A· v3
7.8 HIGH· v2
The Wireless Intrusion Prevention System (wIPS) component on Cisco Wireless LAN Controller (WLC) devices with software 7.0 before 7.0.235.0, 7.1 and 7.2 before 7.2.110.0, and 7.3 before 7.3.101.0 allows remote attackers...Show more
The Wireless Intrusion Prevention System (wIPS) component on Cisco Wireless LAN Controller (WLC) devices with software 7.0 before 7.0.235.0, 7.1 and 7.2 before 7.2.110.0, and 7.3 before 7.3.101.0 allows remote attackers to cause a denial of service (device reload) via crafted IP packets, aka Bug ID CSCtx80743.Show less
1Cisco
1Webex Training Center
Apr 29, 2026
Jan 21, 2013
N/A· v4
N/A· v3
4.0 MEDIUM· v2
Cisco WebEx Training Center allow remote authenticated users to bypass intended privilege restrictions and (1) enable or (2) disable training-center recordings via a crafted URL, aka Bug ID CSCzu81065.
1Cisco
1Webex Training Center
Apr 29, 2026
Jan 21, 2013
N/A· v4
N/A· v3
4.0 MEDIUM· v2
Cisco WebEx Training Center allows remote authenticated users to remove hands-on lab-session reservations via a crafted URL, aka Bug ID CSCzu81064.
1Cisco
5Nexus 7000
Nexus 7000 10 SlotNexus 7000 18 Slot+2 more
Apr 29, 2026
Jan 19, 2013
N/A· v4
N/A· v3
4.9 MEDIUM· v2
Cisco NX-OS on Nexus 7000 series switches does not properly handle certain line-card replacements, which might allow remote authenticated users to cause a denial of service (memory consumption) via a crafted configuratio...Show more
Cisco NX-OS on Nexus 7000 series switches does not properly handle certain line-card replacements, which might allow remote authenticated users to cause a denial of service (memory consumption) via a crafted configuration that references interfaces that do not exist on the new card, aka Bug ID CSCud44300.Show less
1Cisco
4Adaptive Security Appliance
Adaptive Security Appliance SoftwareAsa 1000v Cloud Firewall+1 more
Apr 29, 2026
Jan 18, 2013
N/A· v4
N/A· v3
6.3 MEDIUM· v2
Cisco Adaptive Security Appliances (ASA) devices with firmware 8.4 do not properly validate unspecified input related to UNC share pathnames, which allows remote authenticated users to cause a denial of service (device c...Show more
Cisco Adaptive Security Appliances (ASA) devices with firmware 8.4 do not properly validate unspecified input related to UNC share pathnames, which allows remote authenticated users to cause a denial of service (device crash) via unknown vectors, aka Bug ID CSCuc65775.Show less
1Cisco
4Adaptive Security Appliance
Adaptive Security Appliance SoftwareAsa 1000v Cloud Firewall+1 more
Apr 29, 2026
Jan 18, 2013
N/A· v4
N/A· v3
6.3 MEDIUM· v2
Cisco Adaptive Security Appliances (ASA) devices with firmware 8.x through 8.4(1) do not properly manage SSH sessions, which allows remote authenticated users to cause a denial of service (device crash) by establishing m...Show more
Cisco Adaptive Security Appliances (ASA) devices with firmware 8.x through 8.4(1) do not properly manage SSH sessions, which allows remote authenticated users to cause a denial of service (device crash) by establishing multiple sessions, aka Bug ID CSCtc59462.Show less
1Cisco
1Vpn Client
Apr 29, 2026
Jan 17, 2013
N/A· v4
N/A· v3
4.6 MEDIUM· v2
The VPN driver in Cisco VPN Client on Windows does not properly interact with the kernel, which allows local users to cause a denial of service (kernel fault and system crash) via a crafted application, aka Bug ID CSCuc8...Show more
The VPN driver in Cisco VPN Client on Windows does not properly interact with the kernel, which allows local users to cause a denial of service (kernel fault and system crash) via a crafted application, aka Bug ID CSCuc81669.Show less