Vulnerabilities > Cisco
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2010-02-17 | CVE-2010-0641 | Cross-Site Scripting vulnerability in Cisco Collaboration Server 5.0 Cross-site scripting (XSS) vulnerability in webline/html/admin/wcs/LoginPage.jhtml in Cisco Collaboration Server (CCS) 5 allows remote attackers to inject arbitrary web script or HTML via the dest parameter. | 4.3 |
2010-02-11 | CVE-2010-0145 | Unspecified vulnerability in Cisco Ironport Encryption Appliance and Ironport Postx Unspecified vulnerability in the embedded HTTPS server on the Cisco IronPort Encryption Appliance 6.2.x before 6.2.9.1 and 6.5.x before 6.5.2, and the IronPort PostX MAP before 6.2.9.1, allows remote attackers to execute arbitrary code via unknown vectors, aka IronPort Bug 65923. | 10.0 |
2010-02-11 | CVE-2010-0144 | Unspecified vulnerability in Cisco Ironport Encryption Appliance and Ironport Postx Unspecified vulnerability in the WebSafe DistributorServlet in the embedded HTTPS server on the Cisco IronPort Encryption Appliance 6.2.x before 6.2.9.1 and 6.5.x before 6.5.2, and the IronPort PostX MAP before 6.2.9.1, allows remote attackers to read arbitrary files via unknown vectors, aka IronPort Bug 65922. | 7.8 |
2010-02-11 | CVE-2010-0143 | Unspecified vulnerability in Cisco Ironport Encryption Appliance and Ironport Postx Unspecified vulnerability in the administrative interface in the embedded HTTPS server on the Cisco IronPort Encryption Appliance 6.2.x before 6.2.9.1 and 6.5.x before 6.5.2, and the IronPort PostX MAP before 6.2.9.1, allows remote attackers to read arbitrary files via unknown vectors, aka IronPort Bug 65921. | 7.8 |
2010-01-28 | CVE-2010-0142 | Permissions, Privileges, and Access Controls vulnerability in Cisco Unified Meetingplace MeetingTime in Cisco Unified MeetingPlace 6 before MR5, and possibly 5, allows remote authenticated users to gain privileges via a modified authentication sequence, aka Bug ID CSCsv66530. | 8.5 |
2010-01-28 | CVE-2010-0141 | Credentials Management vulnerability in Cisco Unified Meetingplace 6.0/6.0.170.0/6.0.244 MeetingTime in Cisco Unified MeetingPlace 6 before MR5, and possibly 5, allows remote attackers to discover usernames, passwords, and unspecified other data from the user database via a modified authentication sequence to the Audio Server, aka Bug ID CSCsv76935. | 6.4 |
2010-01-28 | CVE-2010-0140 | Multiple vulnerability in Cisco Unified MeetingPlace Multiple unspecified vulnerabilities in the web server in Cisco Unified MeetingPlace 7 before 7.0(2.3) hotfix 5F, 6 before 6.0.639.3, and possibly 5 allow remote attackers to create (1) user or (2) administrator accounts via a crafted URL in a request to the internal interface, aka Bug IDs CSCtc59231 and CSCtd40661. | 10.0 |
2010-01-28 | CVE-2010-0139 | SQL Injection vulnerability in Cisco Unified Meetingplace Cisco Unified MeetingPlace 7 before 7.0(2.3) hotfix 5F, 6 before 6.0.639.2, and possibly 5 does not properly validate SQL commands, which allows remote attackers to create, modify, or delete data in a database via unspecified vectors, aka Bug ID CSCtc39691. | 9.0 |
2010-01-21 | CVE-2010-0138 | Buffer Errors vulnerability in Cisco Ciscoworks Internetwork Performance Monitor 2.4/2.5 Buffer overflow in Cisco CiscoWorks Internetwork Performance Monitor (IPM) 2.6 and earlier on Windows, as distributed in CiscoWorks LAN Management Solution (LMS), allows remote attackers to execute arbitrary code via a malformed getProcessName CORBA General Inter-ORB Protocol (GIOP) request, related to a "third-party component," aka Bug ID CSCsv62350. | 10.0 |
2010-01-21 | CVE-2010-0137 | Remote Denial of Service vulnerability in Cisco IOS XR SSH Protocol Implementation Unspecified vulnerability in the sshd_child_handler process in the SSH server in Cisco IOS XR 3.4.1 through 3.7.0 allows remote attackers to cause a denial of service (process crash and memory consumption) via a crafted SSH2 packet, aka Bug ID CSCsu10574. | 7.8 |