cisco vulnerabilities and exploits

3.3
CVSSv2
CVE-2018-0249

A vulnerability when handling incoming 802.11 Association Requests for Cisco Aironet 1800 Series Access Point (APs) on Qualcomm Atheros (QCA) based hardware platforms could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected...

5.5
CVSSv2
CVE-2018-0381

A vulnerability in the Cisco Aironet Series Access Points (APs) software could allow an authenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to a deadlock condition that...

7.5
CVSSv2
CVE-2018-0321

A vulnerability in Cisco Prime Collaboration Provisioning (PCP) could allow an unauthenticated, remote attacker to access the Java Remote Method Invocation (RMI) system. The vulnerability is due to an open port in the Network Interface and Configuration Engine (NICE) service. An...

4.6
CVSSv2
CVE-2012-4131

Directory traversal vulnerability in tar in Cisco NX-OS allows local users to access arbitrary files via crafted command-line arguments, aka Bug IDs CSCty07157, CSCty07159, CSCty07162, and CSCty07164....

5
CVSSv2
CVE-2016-6364

The User Data Services (UDS) API implementation in Cisco Unified Communications Manager 11.5 allows remote attackers to bypass intended access restrictions and obtain sensitive information via unspecified API calls, aka Bug ID CSCux67855....

9.3
CVSSv2
CVE-2018-15439

A vulnerability in the Cisco Small Business Switches software could allow an unauthenticated, remote attacker to bypass the user authentication mechanism of an affected device. The vulnerability exists because under specific circumstances, the affected software enables a...

CiscoSmall Business Switches
5
CVSSv2
CVE-2012-4658

The ios-authproxy implementation in Cisco IOS before 15.1(1)SY3 allows remote attackers to cause a denial of service (webauth and HTTP service outage) via vectors that trigger incorrectly terminated HTTP sessions, aka Bug ID CSCtz99447....

4.3
CVSSv2
CVE-2015-0624

The web framework in Cisco AsyncOS on Email Security Appliance (ESA), Content Security Management Appliance (SMA), and Web Security Appliance (WSA) devices allows remote attackers to trigger redirects via a crafted HTTP header, aka Bug IDs CSCur44412, CSCur44415, CSCur89630,...

6.5
CVSSv2
CVE-2014-3336

SQL injection vulnerability in the web framework in Cisco Unity Connection 9.1(2) and earlier allows remote authenticated users to execute arbitrary SQL commands via a crafted request, aka Bug ID CSCuq31016....