Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-20 | CVE-2023-20047 | Allocation of Resources Without Limits or Throttling vulnerability in Cisco products A vulnerability in the Link Layer Discovery Protocol (LLDP) feature of Cisco Webex Room Phone and Cisco Webex Share devices could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient resource allocation. | 6.5 |
| 2023-01-20 | CVE-2023-20057 | Injection vulnerability in Cisco Asyncos A vulnerability in the URL filtering mechanism of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the URL reputation filters on an affected device. This vulnerability is due to improper processing of URLs. | 5.3 |
| 2023-01-20 | CVE-2023-20058 | Cross-site Scripting vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. | 6.1 |
| 2023-01-02 | CVE-2015-10011 | Improper Encoding or Escaping of Output vulnerability in Cisco Openresolve A vulnerability classified as problematic has been found in OpenDNS OpenResolve. | 9.8 |
| 2023-01-02 | CVE-2015-10010 | Unspecified vulnerability in Cisco Openresolve A vulnerability was found in OpenDNS OpenResolve. | 6.1 |
| 2022-12-12 | CVE-2022-20686 | Improper Validation of Specified Quantity in Input vulnerability in Cisco products Multiple vulnerabilities in the Link Layer Discovery Protocol (LLDP) functionality of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device and cause the LLDP service to restart. These vulnerabilities are due to missing length validation of certain LLDP packet header fields. | 5.3 |
| 2022-12-12 | CVE-2022-20687 | Improper Validation of Specified Quantity in Input vulnerability in Cisco products Multiple vulnerabilities in the Link Layer Discovery Protocol (LLDP) functionality of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device and cause the LLDP service to restart. These vulnerabilities are due to missing length validation of certain LLDP packet header fields. | 5.3 |
| 2022-12-12 | CVE-2022-20688 | Improper Validation of Specified Quantity in Input vulnerability in Cisco products A vulnerability in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device and cause Cisco Discovery Protocol service to restart. This vulnerability is due to missing length validation of certain Cisco Discovery Protocol packet header fields. | 5.3 |
| 2022-12-12 | CVE-2022-20689 | Improper Validation of Specified Quantity in Input vulnerability in Cisco products Multiple vulnerabilities in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, adjacent attacker to cause Cisco Discovery Protocol memory corruption on an affected device. These vulnerabilities are due to missing length validation checks when processing Cisco Discovery Protocol messages. | 8.8 |
| 2022-12-12 | CVE-2022-20690 | Improper Validation of Specified Quantity in Input vulnerability in Cisco products Multiple vulnerabilities in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, adjacent attacker to cause Cisco Discovery Protocol memory corruption on an affected device. These vulnerabilities are due to missing length validation checks when processing Cisco Discovery Protocol messages. | 8.8 |