Cisco
cisco
6,602 CVEs • 6,224 products
Products (6,224)
Click to collapseToggle
Products (6,224)
Click to collapse
CVEs (6,602)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Cisco 18Spa2102 Phone Adapter With Router Spa2102 Phone Adapter With Router FirmwareSpa3102 Voice Gateway With Router+15 moreApr 29, 2026 Jun 13, 2012 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Cross-site scripting (XSS) vulnerability in the SIP implementation on the Cisco SPA8000 and SPA8800 before 6.1.11, SPA2102 and SPA3102 before 5.2.13, and SPA 500 series IP phones before 7.4.9 allows remote attackers to i...Show more |
1Cisco 3Asr 9000 Rsp440 Router Crs Performance Route ProcessorIos XrApr 29, 2026 May 31, 2012 N/A· v4 N/A· v3 7.8 HIGH· v2 Cisco IOS XR before 4.2.1 on ASR 9000 series devices and CRS series devices allows remote attackers to cause a denial of service (packet transmission outage) via a crafted packet, aka Bug IDs CSCty94537 and CSCtz62593. |
1Cisco 2Unified Ip Phone Unified Ip Phone FirmwareApr 29, 2026 May 3, 2012 N/A· v4 N/A· v3 4.6 MEDIUM· v2 Cisco Unified IP Phones 9900 series devices with firmware 9.1 and 9.2 do not properly handle downloads of configuration information to an RT phone, which allows local users to gain privileges via unspecified injected dat...Show more |
dot11t/t_if_dot11_hal_ath.c in Cisco IOS 12.3, 12.4, 15.0, and 15.1 allows remote attackers to cause a denial of service (assertion failure and reboot) via 802.11 wireless traffic, as demonstrated by a video call from Ap...Show more |
Race condition in the Zone-Based Firewall in Cisco IOS 15.1 and 15.2, when IPS policies are configured, allows remote attackers to cause a denial of service (device crash) by sending IPv6 packets, aka Bug ID CSCtk53534. |
1Cisco 25500 Series Adaptive Security Appliance Adaptive Security Appliance SoftwareApr 29, 2026 May 3, 2012 N/A· v4 N/A· v3 7.8 HIGH· v2 Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.0 through 8.4 allow remote attackers to cause a denial of service (connection limit exceeded) by triggering a large number of stale connections...Show more |
1Cisco 1Unified Communications Manager Apr 29, 2026 May 3, 2012 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The voice-sipstack component in Cisco Unified Communications Manager (CUCM) 8.5 allows remote attackers to cause a denial of service (core dump) via vectors involving SIP messages that arrive after an upgrade, aka Bug ID...Show more |
CRLF injection vulnerability in autologin.jsp in Cisco CiscoWorks Common Services 4.0, as used in Cisco Prime LAN Management Solution and other products, allows remote attackers to inject arbitrary HTTP headers and condu...Show more |
The web server in Cisco Unified MeetingPlace 6.1 and 8.5 produces different responses for directory queries depending on whether the directory exists, which allows remote attackers to enumerate directory names via a seri...Show more |
Cisco IOS 15.1 and 15.2 and IOS XE 3.x, when configured as an IPsec hub with X.509 certificates in use, allows remote authenticated users to cause a denial of service (segmentation fault and device crash) via unspecified...Show more |
1Cisco 12Nexus 2148t Fex Switch Nexus 2224tp Fex SwitchNexus 2232pp Fex Switch+9 moreApr 29, 2026 May 3, 2012 N/A· v4 N/A· v3 7.8 HIGH· v2 Memory leak in libcmd in Cisco NX-OS 5.0 on Nexus switches allows remote authenticated users to cause a denial of service (memory consumption) via SNMP requests, aka Bug ID CSCtr65682. |
The sensor in Cisco Intrusion Prevention System (IPS) 7.0 and 7.1 allows remote attackers to cause a denial of service (file-handle exhaustion and mainApp hang) by making authentication attempts that exceed the configure...Show more |
1Cisco 2Ios Unified Communications ManagerApr 29, 2026 May 3, 2012 N/A· v4 N/A· v3 5.4 MEDIUM· v2 Memory leak in Cisco IOS 12.4 and 15.0 through 15.2, and Cisco Unified Communications Manager (CUCM) 7.x, allows remote attackers to cause a denial of service (memory consumption) via a crafted response to a SIP SUBSCRIB...Show more |
The extended ACL functionality in Cisco IOS 12.2(58)SE2 and 15.0(1)SE discards all lines that end with a log or time keyword, which allows remote attackers to bypass intended access restrictions in opportunistic circumst...Show more |
The sccp-protocol component in Cisco IP Communicator (CIPC) 7.0 through 8.6 does not limit the rate of SCCP messages to Cisco Unified Communications Manager (CUCM), which allows remote attackers to cause a denial of serv...Show more |
Cisco IOS 12.2 through 12.4 and 15.0 does not recognize the vrf-also keyword during enforcement of access-class commands, which allows remote attackers to establish TELNET connections from arbitrary source IP addresses v...Show more |
Cisco IOS 12.2 through 12.4 and 15.0 does not recognize the vrf-also keyword during enforcement of access-class commands, which allows remote attackers to establish SSH connections from arbitrary source IP addresses via...Show more |
SQL injection vulnerability in the web component in Cisco Unified MeetingPlace 7.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCtx08939. |
1Cisco 25500 Series Adaptive Security Appliance Adaptive Security Appliance SoftwareApr 29, 2026 May 2, 2012 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 through 8.4 do not properly perform proxy authentication during attempts to cut through a firewall, which allows remote attackers to obtain s...Show more |
1Cisco 2Small Business Ip Phone Small Business Ip Phone FirmwareApr 29, 2026 May 2, 2012 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Cisco Small Business IP phones with SPA 500 series firmware 7.4.9 and earlier do not require authentication for Push XML requests, which allows remote attackers to make telephone calls via an XML document, aka Bug ID CSC...Show more |