Vulnerabilities > Cisco
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-07-14 | CVE-2014-3319 | Path Traversal vulnerability in Cisco Unified Communications Manager 10.0(1) Directory traversal vulnerability in the Real-Time Monitoring Tool (RTMT) in Cisco Unified Communications Manager (CM) 10.0(1) allows remote authenticated users to read arbitrary files via a crafted URL, aka Bug ID CSCup57676. | 6.8 |
2014-07-14 | CVE-2014-3317 | Path Traversal vulnerability in Cisco Unified Communications Manager 10.0(1) Directory traversal vulnerability in the Multiple Analyzer in the Dialed Number Analyzer (DNA) component in Cisco Unified Communications Manager 10.0(1) allows remote authenticated users to delete arbitrary files via a crafted URL, aka Bug ID CSCup76314. | 5.5 |
2014-07-14 | CVE-2013-6691 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Adaptive Security Appliance Software The WebVPN CIFS implementation in Cisco Adaptive Security Appliance (ASA) Software 9.0(.4.1) and earlier allows remote CIFS servers to cause a denial of service (device reload) via a long share list, aka Bug ID CSCuj83344. | 6.8 |
2014-07-14 | CVE-2013-5567 | Resource Exhaustion vulnerability in Cisco Adaptive Security Appliance Software Cisco Adaptive Security Appliance (ASA) Software 8.4(.6) and earlier, when using an unsupported configuration with overlapping criteria for filtering and inspection, allows remote attackers to cause a denial of service (traffic loop and device crash) via a packet that triggers multiple matches, aka Bug ID CSCui45606. | 5.4 |
2014-07-10 | CVE-2014-3318 | Improper Input Validation vulnerability in Cisco Unified Communications Manager 10.0(1)Base Directory traversal vulnerability in dna/viewfilecontents.do in the Dialed Number Analyzer (DNA) component in Cisco Unified Communications Manager allows remote authenticated users to read arbitrary files via a crafted URL, aka Bug ID CSCup76318. | 4.0 |
2014-07-10 | CVE-2014-3316 | Improper Input Validation vulnerability in Cisco Unified Communications Manager 10.0(1)Base The Multiple Analyzer in the Dialed Number Analyzer (DNA) component in Cisco Unified Communications Manager allows remote authenticated users to bypass intended upload restrictions via a crafted parameter, aka Bug ID CSCup76297. | 4.0 |
2014-07-10 | CVE-2014-3315 | Cross-Site Scripting vulnerability in Cisco Unified Communications Manager 10.0(1)Base Cross-site scripting (XSS) vulnerability in viewfilecontents.do in the Dialed Number Analyzer (DNA) component in Cisco Unified Communications Manager allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCup76308. | 4.3 |
2014-07-10 | CVE-2014-3311 | Buffer Errors vulnerability in Cisco Webex Meeting Center and Webex Meetings Server Heap-based buffer overflow in the file-sharing feature in WebEx Meetings Client in Cisco WebEx Meetings Server and WebEx Meeting Center allows remote attackers to execute arbitrary code via crafted data, aka Bug IDs CSCup62463 and CSCup58467. | 5.1 |
2014-07-10 | CVE-2014-3310 | Improper Input Validation vulnerability in Cisco Webex Meeting Center and Webex Meetings Server The File Transfer feature in WebEx Meetings Client in Cisco WebEx Meetings Server and WebEx Meeting Center does not verify that a requested file was an offered file, which allows remote attackers to read arbitrary files via a modified request, aka Bug IDs CSCup62442 and CSCup58463. | 4.3 |
2014-07-09 | CVE-2014-3313 | Cross-Site Scripting vulnerability in Cisco products Cross-site scripting (XSS) vulnerability in the web user interface on Cisco Small Business SPA300 and SPA500 phones allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuo52582. | 4.3 |