Vulnerabilities > Cisco
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2013-04-05 | CVE-2013-1174 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cisco Hosted Collaboration Solution Cisco Tivoli Business Service Manager (TBSM) in Hosted Collaboration Mediation (HCM) in Cisco Hosted Collaboration Solution allows remote attackers to cause a denial of service (temporary service hang) by sending many TCP packets to certain ports, aka Bug ID CSCue03703. | 5.0 |
2013-04-01 | CVE-2013-1171 | Cross-Site Scripting vulnerability in Cisco Connected Grid Network Management System Multiple cross-site scripting (XSS) vulnerabilities in the element-list implementation in Cisco Connected Grid Network Management System (CG-NMS) allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug IDs CSCue14517, CSCue38914, CSCue38884, CSCue38882, CSCue38881, CSCue38872, CSCue38868, CSCue38866, CSCue38853, and CSCue14540. | 4.3 |
2013-04-01 | CVE-2013-1163 | SQL Injection vulnerability in Cisco Connected Grid Network Management System Multiple SQL injection vulnerabilities in the device-management implementation in Cisco Connected Grid Network Management System (CG-NMS) allow remote attackers to execute arbitrary SQL commands via unspecified vectors, aka Bug IDs CSCue14553 and CSCue38746. | 7.5 |
2013-03-28 | CVE-2013-1148 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cisco IOS and IOS XE The General Responder implementation in the IP Service Level Agreement (SLA) feature in Cisco IOS 15.2 and IOS XE 3.1.xS through 3.4.xS before 3.4.5S and 3.5.xS through 3.7.xS before 3.7.2S allows remote attackers to cause a denial of service (device reload) via crafted (1) IPv4 or (2) IPv6 IP SLA packets on UDP port 1167, aka Bug ID CSCuc72594. | 7.8 |
2013-03-28 | CVE-2013-1147 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cisco IOS The Protocol Translation (PT) functionality in Cisco IOS 12.3 through 12.4 and 15.0 through 15.3, when one-step port-23 translation or a Telnet-to-PAD ruleset is configured, does not properly validate TCP connection information, which allows remote attackers to cause a denial of service (device reload) via an attempted connection to a PT resource, aka Bug ID CSCtz35999. | 7.8 |
2013-03-28 | CVE-2013-1146 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cisco IOS The Smart Install client functionality in Cisco IOS 12.2 and 15.0 through 15.3 on Catalyst switches allows remote attackers to cause a denial of service (device reload) via crafted image list parameters in Smart Install packets, aka Bug ID CSCub55790. | 7.8 |
2013-03-28 | CVE-2013-1145 | Resource Management Errors vulnerability in Cisco IOS Memory leak in Cisco IOS 12.2, 12.4, 15.0, and 15.1, when Zone-Based Policy Firewall SIP application layer gateway inspection is enabled, allows remote attackers to cause a denial of service (memory consumption or device reload) via malformed SIP messages, aka Bug ID CSCtl99174. | 7.8 |
2013-03-28 | CVE-2013-1144 | Resource Management Errors vulnerability in Cisco IOS 15.1 Memory leak in the IKEv1 implementation in Cisco IOS 15.1 allows remote attackers to cause a denial of service (memory consumption) via unspecified (1) IPv4 or (2) IPv6 IKE packets, aka Bug ID CSCth81055. | 7.8 |
2013-03-28 | CVE-2013-1143 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cisco IOS and IOS XE The RSVP protocol implementation in Cisco IOS 12.2 and 15.0 through 15.2 and IOS XE 3.1.xS through 3.4.xS before 3.4.5S and 3.5.xS through 3.7.xS before 3.7.2S, when MPLS-TE is enabled, allows remote attackers to cause a denial of service (incorrect memory access and device reload) via a traffic engineering PATH message in an RSVP packet, aka Bug ID CSCtg39957. | 7.1 |
2013-03-28 | CVE-2013-1142 | Race Condition vulnerability in Cisco IOS Race condition in the VRF-aware NAT feature in Cisco IOS 12.2 through 12.4 and 15.0 through 15.2 allows remote attackers to cause a denial of service (memory consumption) via IPv4 packets, aka Bug IDs CSCtg47129 and CSCtz96745. | 7.8 |