Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2014-05-08 | CVE-2014-2132 | Buffer Errors vulnerability in Cisco products Cisco WebEx Recording Format (WRF) player and Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T28 before T28.12, and T29 before T29.2 allow remote attackers to cause a denial of service (application crash) via a crafted (1) .wrf or (2) .arf file that triggers a buffer over-read, aka Bug ID CSCuh52768. | 7.8 |
| 2014-05-07 | CVE-2014-2191 | Cross-Site Scripting vulnerability in Cisco Broadband Access Center Telco Wireless Software Cross-site scripting (XSS) vulnerability in the web framework in Cisco Broadcast Access Center for Telco and Wireless (aka BAC-TW) allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCun91113. | 4.3 |
| 2014-05-07 | CVE-2014-2190 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Broadband Access Center Telco Wireless Software Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Broadcast Access Center for Telco and Wireless (aka BAC-TW) allows remote attackers to hijack the authentication of arbitrary users for requests that make BAC-TW changes, aka Bug IDs CSCuo23804 and CSCuo26389. | 6.8 |
| 2014-05-07 | CVE-2014-0685 | Permissions, Privileges, and Access Controls vulnerability in Cisco Nexus 1000V Intercloud 5.2(1)Ic1(1.2) Cisco Nexus 1000V InterCloud 5.2(1)IC1(1.2) and earlier for VMware allows remote attackers to bypass ACL deny statements via crafted (1) IGMPv2 or (2) IGMPv3 packets, aka Bug ID CSCug61691. | 5.0 |
| 2014-05-07 | CVE-2014-0684 | Improper Input Validation vulnerability in Cisco products Cisco NX-OS 6.2(2) on Nexus 7000 switches allows local users to cause a denial of service via crafted sed input, aka Bug ID CSCui56136. | 4.6 |
| 2014-05-02 | CVE-2014-2175 | Improper Input Validation vulnerability in Cisco Telepresence TC Software and Telepresence TE Software Cisco TelePresence TC Software 4.x and 5.x and TE Software 4.x and 6.0 allow remote attackers to cause a denial of service (memory consumption) via crafted H.225 packets, aka Bug ID CSCtq78849. | 7.8 |
| 2014-05-02 | CVE-2014-2173 | Permissions, Privileges, and Access Controls vulnerability in Cisco Telepresence TC Software and Telepresence TE Software Cisco TelePresence TC Software 4.x and 5.x and TE Software 4.x and 6.0 do not properly restrict access to the serial port, which allows local users to gain privileges via unspecified commands, aka Bug ID CSCub67692. | 7.2 |
| 2014-05-02 | CVE-2014-2172 | Buffer Errors vulnerability in Cisco Telepresence TC Software and Telepresence TE Software Buffer overflow in Cisco TelePresence TC Software 4.x and 5.x and TE Software 4.x and 6.0 allows local users to gain privileges by leveraging improper handling of the u-boot compiler flag for internal executable files, aka Bug ID CSCub67693. | 6.6 |
| 2014-05-02 | CVE-2014-2171 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cisco Telepresence TC Software and Telepresence TE Software Heap-based buffer overflow in Cisco TelePresence TC Software 4.x through 6.x before 6.0.1 and TE Software 4.x and 6.0.x before 6.0.2 allows remote attackers to execute arbitrary code via crafted SIP packets, aka Bug ID CSCud81796. | 10.0 |
| 2014-05-02 | CVE-2014-2170 | Code Injection vulnerability in Cisco Telepresence TC Software and Telepresence TE Software Cisco TelePresence TC Software 4.x and 5.x before 5.1.7 and 6.x before 6.0.1 and TE Software 4.x and 6.0 allow remote authenticated users to execute arbitrary commands by using the commands as arguments to tshell (aka tcsh) scripts, aka Bug ID CSCue60202. | 9.0 |