Filtered by vendor Cisco
Subscriptions
Total
6593 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-0648 | 1 Cisco | 1 Secure Access Control System | 2025-04-11 | N/A |
| The RMI interface in Cisco Secure Access Control System (ACS) 5.x before 5.5 does not properly enforce authentication and authorization requirements, which allows remote attackers to obtain administrative access via a request to this interface, aka Bug ID CSCud75187. | ||||
| CVE-2014-0650 | 1 Cisco | 1 Secure Access Control System | 2025-04-11 | N/A |
| The web interface in Cisco Secure Access Control System (ACS) 5.x before 5.4 Patch 3 allows remote attackers to execute arbitrary operating-system commands via a request to this interface, aka Bug ID CSCue65962. | ||||
| CVE-2014-0652 | 1 Cisco | 1 Context Directory Agent | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the Mappings page in Cisco Context Directory Agent (CDA) allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuj45358. | ||||
| CVE-2014-0654 | 1 Cisco | 1 Context Directory Agent | 2025-04-11 | N/A |
| Cisco Context Directory Agent (CDA) allows remote attackers to modify the cache via a replay attack involving crafted RADIUS accounting messages, aka Bug ID CSCuj45383. | ||||
| CVE-2014-0658 | 1 Cisco | 3 Unified Ip Phone 9951, Unified Ip Phone 9971, Unified Ip Phones 9900 Series Firmware | 2025-04-11 | N/A |
| Cisco 9900 Unified IP phones allow remote attackers to cause a denial of service (unregistration) via a crafted SIP header, aka Bug ID CSCul24898. | ||||
| CVE-2014-0656 | 1 Cisco | 1 Context Directory Agent | 2025-04-11 | N/A |
| Cisco Context Directory Agent (CDA) allows remote authenticated users to trigger the omission of certain user-interface data via crafted field values, aka Bug ID CSCuj45353. | ||||
| CVE-2014-0660 | 1 Cisco | 1 Telepresence Isdn Gateway Software | 2025-04-11 | N/A |
| Cisco TelePresence ISDN Gateway with software before 2.2(1.92) allows remote attackers to cause a denial of service (D-channel call outage) via a crafted Q.931 STATUS message, aka Bug ID CSCui50360. | ||||
| CVE-2014-0664 | 1 Cisco | 1 Unity Connection | 2025-04-11 | N/A |
| The server in Cisco Unity Connection allows remote authenticated users to cause a denial of service (CPU consumption) via unspecified IMAP commands, aka Bug ID CSCul49976. | ||||
| CVE-2014-0667 | 1 Cisco | 1 Secure Access Control System | 2025-04-11 | N/A |
| The RMI interface in Cisco Secure Access Control System (ACS) does not properly enforce authorization requirements, which allows remote authenticated users to read arbitrary files via a request to this interface, aka Bug ID CSCud75169. | ||||
| CVE-2014-0668 | 1 Cisco | 1 Secure Access Control System | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the portal in Cisco Secure Access Control System (ACS) allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCue65949. | ||||
| CVE-2014-0669 | 1 Cisco | 1 Asr 5000 Series Software | 2025-04-11 | N/A |
| The Wireless Session Protocol (WSP) feature in the Gateway GPRS Support Node (GGSN) component on Cisco ASR 5000 series devices allows remote attackers to bypass intended Top-Up payment restrictions via unspecified WSP packets, aka Bug ID CSCuh28371. | ||||
| CVE-2014-0670 | 1 Cisco | 1 Mediasense | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the Search and Play interface in Cisco MediaSense allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCum16686. | ||||
| CVE-2014-0671 | 1 Cisco | 1 Mediasense | 2025-04-11 | N/A |
| Open redirect vulnerability in Cisco MediaSense allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via an unspecified parameter, aka Bug ID CSCum16749. | ||||
| CVE-2014-0674 | 1 Cisco | 1 Video Surveillance Operations Manager | 2025-04-11 | N/A |
| Cisco Video Surveillance Operations Manager (VSOM) does not require authentication for MySQL database connections, which allows remote attackers to obtain sensitive information, modify data, or cause a denial of service by leveraging network connectivity from a client system with a crafted host name, aka Bug ID CSCud10992. | ||||
| CVE-2014-0675 | 1 Cisco | 1 Telepresence Video Communication Server | 2025-04-11 | N/A |
| The Expressway component in Cisco TelePresence Video Communication Server (VCS) uses the same default X.509 certificate across different customers' installations, which makes it easier for remote attackers to conduct man-in-the-middle attacks against SSL sessions by leveraging the certificate's trust relationship, aka Bug ID CSCue07471. | ||||
| CVE-2014-0676 | 1 Cisco | 1 Nx-os | 2025-04-11 | N/A |
| Cisco NX-OS allows local users to bypass intended TACACS+ command restrictions via a series of multiple commands, aka Bug ID CSCum47367. | ||||
| CVE-2014-0677 | 1 Cisco | 1 Nx-os | 2025-04-11 | N/A |
| The Label Distribution Protocol (LDP) functionality in Cisco NX-OS allows remote attackers to cause a denial of service (temporary LDP session outage) via LDP discovery traffic containing malformed Hello messages, aka Bug ID CSCul88851. | ||||
| CVE-2014-0678 | 1 Cisco | 1 Secure Access Control System | 2025-04-11 | N/A |
| The portal interface in Cisco Secure Access Control System (ACS) does not properly manage sessions, which allows remote authenticated users to hijack sessions and gain privileges via unspecified vectors, aka Bug ID CSCue65951. | ||||
| CVE-2014-0680 | 1 Cisco | 1 Identity Services Engine | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the HTTP control interface in the NAC Web Agent component in Cisco Identity Services Engine (ISE) allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCui15038. | ||||
| CVE-2014-0686 | 1 Cisco | 1 Unified Communications Manager | 2025-04-11 | N/A |
| Cisco Unified Communications Manager (aka Unified CM) 9.1 (2.10000.28) and earlier allows local users to gain privileges by leveraging incorrect file permissions, aka Bug IDs CSCul24917 and CSCul24908. | ||||