Vulnerabilities > Cisco

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
| --- | --- | --- | --- | --- |
| 2016-03-24 | CVE-2016-1366 | Permissions, Privileges, and Access Controls vulnerability in Cisco IOS XR | The SCP and SFTP modules in Cisco IOS XR 5.0.0 through 5.2.5 on Network Convergence System 6000 devices use weak permissions for system files, which allows remote authenticated users to cause a denial of service (overwrite) via unspecified vectors, aka Bug ID CSCuw75848. | network, low complexity, cisco CWE-264, 6.5 |
| 2016-03-24 | CVE-2016-1347 | Resource Management Errors vulnerability in Cisco IOS | The Wide Area Application Services (WAAS) Express implementation in Cisco IOS 15.1 through 15.5 allows remote attackers to cause a denial of service (device reload) via a crafted TCP segment, aka Bug ID CSCuq59708. | network, low complexity, cisco CWE-399, 7.5 |
| 2016-03-12 | CVE-2016-1361 | Resource Management Errors vulnerability in Cisco IOS XR | Cisco IOS XR through 4.3.2 on Gigabit Switch Router (GSR) 12000 devices does not properly check for a Bidirectional Forwarding Detection (BFD) header in a UDP packet, which allows remote attackers to cause a denial of service (line-card restart) via a crafted packet, aka Bug ID CSCuw56900. | high complexity, cisco CWE-399, 5.3 |
| 2016-03-12 | CVE-2016-1360 | Information Exposure vulnerability in Cisco Prime LAN Management Solution | Cisco Prime LAN Management Solution (LMS) through 4.2.5 uses the same database decryption key across different customers' installations, which allows local users to obtain cleartext data by leveraging console connectivity, aka Bug ID CSCuw85390. | local, low complexity, cisco CWE-200, 7.1 |
| 2016-03-12 | CVE-2016-1338 | Resource Management Errors vulnerability in Cisco Telepresence Video Communication Server Software X8.5.1/X8.5.2 | Cisco TelePresence Video Communication Server (VCS) X8.5.1 and X8.5.2 allows remote authenticated users to cause a denial of service (VoIP outage) via a crafted SIP message, aka Bug ID CSCuu43026. | network, low complexity, cisco CWE-399, 6.5 |
| 2016-03-09 | CVE-2016-1327 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco products | Buffer overflow in the web server on Cisco DPC2203 and EPC2203 devices with firmware r1_customer_image allows remote attackers to execute arbitrary code via a crafted HTTP request, aka Bug ID CSCuv05935. | network, low complexity, cisco CWE-119, critical, 9.8 |
| 2016-03-09 | CVE-2016-1326 | Resource Management Errors vulnerability in Cisco Dpq3925 8X4 Docsis 3.0 Wireless Residential Gateway With Embedded Digital Voice Adapter R1Base | The administration interface on Cisco DPQ3925 devices with firmware r1 allows remote attackers to cause a denial of service (device restart) via a crafted HTTP request, aka Bug ID CSCup48105. | network, low complexity, cisco CWE-399, 7.5 |
| 2016-03-09 | CVE-2016-1325 | Information Exposure vulnerability in Cisco Dpc3939 Wireless Residential Voice Gateway Firmware 130514Acmcstbase | The administration interface on Cisco DPC3939B and DPC3941 devices allows remote attackers to obtain sensitive information via a crafted HTTP request, aka Bug ID CSCus49506. | network, low complexity, cisco CWE-200, 7.5 |
| 2016-03-09 | CVE-2016-1312 | Resource Management Errors vulnerability in Cisco ASA 5500 Csc-Ssm Firmware 6.6.1125.0 | The HTTPS inspection engine in the Content Security and Control Security Services Module (CSC-SSM) 6.6 before 6.6.1164.0 for Cisco ASA 5500 devices allows remote attackers to cause a denial of service (memory consumption or device reload) via a flood of HTTPS packets, aka Bug ID CSCue76147. | network, low complexity, cisco CWE-399, 7.5 |
| 2016-03-03 | CVE-2016-1359 | Improper Input Validation vulnerability in Cisco Prime Infrastructure 3.0 | Cisco Prime Infrastructure 3.0 allows remote authenticated users to execute arbitrary code via a crafted HTTP request that is mishandled during viewing of a log file, aka Bug ID CSCuw81494. | network, low complexity, cisco CWE-20, 8.8 |