Vulnerabilities > Cisco
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-10-05 | CVE-2014-3400 | Information Exposure vulnerability in Cisco Webex Meetings Server Cisco WebEx Meetings Server allows remote authenticated users to obtain sensitive information by reading logs, aka Bug IDs CSCuq36417 and CSCuq40344. | 4.0 |
2014-10-05 | CVE-2014-3396 | Permissions, Privileges, and Access Controls vulnerability in Cisco products Cisco IOS XR on ASR 9000 devices does not properly use compression for port-range and address-range encoding, which allows remote attackers to bypass intended Typhoon line-card ACL restrictions via transit traffic, aka Bug ID CSCup30133. | 7.5 |
2014-09-30 | CVE-2014-3395 | Improper Input Validation vulnerability in Cisco Webex Meetings Server 2.5 Cisco WebEx Meetings Server (WMS) 2.5 allows remote attackers to trigger the download of arbitrary files via a crafted URL, aka Bug ID CSCup10343. | 5.0 |
2014-09-29 | CVE-2013-3068 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Linksys Wrt310N Router Firmware and Linksys Wrt350N Cross-site request forgery (CSRF) vulnerability in apply.cgi in Linksys WRT310Nv2 2.0.0.1 allows remote attackers to hijack the authentication of administrators for requests that change passwords and modify remote management ports. | 6.8 |
2014-09-25 | CVE-2014-3361 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cisco IOS The ALG module in Cisco IOS 15.0 through 15.4 does not properly implement SIP over NAT, which allows remote attackers to cause a denial of service (device reload) via multipart SDP IPv4 traffic, aka Bug ID CSCun54071. | 7.1 |
2014-09-25 | CVE-2014-3360 | OS Command Injection vulnerability in Cisco IOS and IOS XE Cisco IOS 12.4 and 15.0 through 15.4 and IOS XE 3.1.xS, 3.2.xS, 3.3.xS, 3.4.xS, 3.5.xS, 3.6.xS, and 3.7.xS before 3.7.6S; 3.8.xS, 3.9.xS, and 3.10.xS before 3.10.1S; and 3.11.xS before 3.12S allow remote attackers to cause a denial of service (device reload) via a crafted SIP message, aka Bug ID CSCul46586. | 7.8 |
2014-09-25 | CVE-2014-3359 | Resource Management Errors vulnerability in Cisco IOS and IOS XE Memory leak in Cisco IOS 15.1 through 15.4 and IOS XE 3.4.xS, 3.5.xS, 3.6.xS, and 3.7.xS before 3.7.6S; 3.8.xS, 3.9.xS, and 3.10.xS before 3.10.1S; and 3.11.xS before 3.12S allows remote attackers to cause a denial of service (memory consumption or device reload) via malformed DHCPv6 packets, aka Bug ID CSCum90081. | 7.8 |
2014-09-25 | CVE-2014-3358 | OS Command Injection vulnerability in Cisco IOS and IOS XE Memory leak in Cisco IOS 15.0, 15.1, 15.2, and 15.4 and IOS XE 3.3.xSE before 3.3.2SE, 3.3.xXO before 3.3.1XO, 3.5.xE before 3.5.2E, and 3.11.xS before 3.11.1S allows remote attackers to cause a denial of service (memory consumption, and interface queue wedge or device reload) via malformed mDNS packets, aka Bug ID CSCuj58950. | 7.8 |
2014-09-25 | CVE-2014-3357 | OS Command Injection vulnerability in Cisco IOS and IOS XE Cisco IOS 15.0, 15.1, 15.2, and 15.4 and IOS XE 3.3.xSE before 3.3.2SE, 3.3.xXO before 3.3.1XO, 3.5.xE before 3.5.2E, and 3.11.xS before 3.11.1S allow remote attackers to cause a denial of service (device reload) via malformed mDNS packets, aka Bug ID CSCul90866. | 7.8 |
2014-09-25 | CVE-2014-3356 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cisco IOS XE The metadata flow feature in Cisco IOS 15.1 through 15.3 and IOS XE 3.3.xXO before 3.3.1XO, 3.6.xS and 3.7.xS before 3.7.6S, and 3.8.xS, 3.9.xS, and 3.10.xS before 3.10.1S allows remote attackers to cause a denial of service (device reload) via malformed RSVP packets, aka Bug ID CSCue22753. | 7.8 |