Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2014-12-18 | CVE-2014-8014 | Data Processing Errors vulnerability in Cisco IOS XR Cisco IOS XR allows remote attackers to cause a denial of service (RSVP process reload) via a malformed RSVP packet, aka Bug ID CSCub63710. | 5.0 |
| 2014-12-17 | CVE-2014-8006 | Improper Authentication vulnerability in Cisco Isb8320-E High-Definition Ip-Only DVR The Disaster Recovery (DRA) feature on the Cisco ISB8320-E High-Definition IP-Only DVR allows remote attackers to bypass authentication by establishing a TELNET session during a recovery boot, aka Bug ID CSCup85422. | 4.3 |
| 2014-12-13 | CVE-2014-3364 | Cross-Site Scripting vulnerability in Cisco Prime Security Manager Multiple cross-site scripting (XSS) vulnerabilities in the web framework in Cisco Prime Security Manager (aka PRSM) 9.2.1-2 and earlier allow remote attackers to inject arbitrary web script or HTML via a (1) Access Policies or (2) Device Summary Dashboard parameter, aka Bug ID CSCuq80661. | 4.3 |
| 2014-12-10 | CVE-2014-8010 | Improper Input Validation vulnerability in Cisco Unified Communications Domain Manager 8.0 The web framework in Cisco Unified Communications Domain Manager 8 allows remote authenticated administrators to execute arbitrary OS commands via crafted values, aka Bug ID CSCuq50205. | 6.5 |
| 2014-12-10 | CVE-2014-8009 | Information Exposure vulnerability in Cisco Unified Computing System The Management subsystem in Cisco Unified Computing System 2.1(3f) and earlier allows remote attackers to obtain sensitive information by reading log files, aka Bug ID CSCur99239. | 5.0 |
| 2014-12-10 | CVE-2014-8003 | Improper Input Validation vulnerability in Cisco Unified Computing System Cisco Integrated Management Controller in Cisco Unified Computing System 2.2(2c)A and earlier allows local users to obtain shell access via a crafted map-nfs command, aka Bug ID CSCup05998. | 7.2 |
| 2014-11-28 | CVE-2014-3407 | Resource Exhaustion vulnerability in Cisco Adaptive Security Appliance Software The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) Software 9.3(.2) and earlier does not properly allocate memory blocks during HTTP packet handling, which allows remote attackers to cause a denial of service (memory consumption) via crafted packets, aka Bug ID CSCuq68888. | 5.0 |
| 2014-11-26 | CVE-2014-8005 | Race Condition vulnerability in Cisco IOS XR Race condition in the lighttpd module in Cisco IOS XR 5.1 and earlier on Network Convergence System 6000 devices allows remote attackers to cause a denial of service (process reload) by establishing many TCP sessions, aka Bug ID CSCuq45239. | 5.0 |
| 2014-11-25 | CVE-2014-8004 | Resource Management Errors vulnerability in Cisco IOS XR Cisco IOS XR allows remote attackers to cause a denial of service (LISP process reload) by establishing many LISP TCP sessions, aka Bug ID CSCuq90378. | 5.0 |
| 2014-11-25 | CVE-2014-8002 | Buffer Errors vulnerability in Cisco Openh264 1.2.0 Use-after-free vulnerability in decode_slice.cpp in Cisco OpenH264 1.2.0 and earlier allows remote attackers to execute arbitrary code via an encoded media file. | 7.5 |