Vulnerabilities > Cisco > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-02-12 | CVE-2011-4661 | Missing Release of Resource after Effective Lifetime vulnerability in Cisco IOS A memory leak vulnerability exists in Cisco IOS before 15.2(1)T due to a memory leak in the HTTP PROXY Server process (aka CSCtu52820), when configured with Cisco ISR Web Security with Cisco ScanSafe and User Authenticaiton NTLM configured. | 7.5 |
| 2020-02-07 | CVE-2013-1202 | Unspecified vulnerability in Cisco ACE Application Control Engine Module A2 3.6/3.6A Cisco ACE A2(3.6) allows log retention DoS. | 7.5 |
| 2020-02-06 | CVE-2013-3568 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Linksys Wrt110 Firmware Cross-site request forgery (CSRF) vulnerability in Cisco Linksys WRT110 allows remote attackers to hijack the authentication of users for requests that have unspecified impact via unknown vectors. | 8.8 |
| 2020-02-05 | CVE-2013-2680 | Cleartext Storage of Sensitive Information vulnerability in Cisco Linksys E4200 Firmware 1.0.05 Cisco Linksys E4200 1.0.05 Build 7 devices store passwords in cleartext allowing remote attackers to obtain sensitive information. | 7.5 |
| 2020-02-05 | CVE-2020-3119 | Out-of-bounds Write vulnerability in Cisco Nx-Os A vulnerability in the Cisco Discovery Protocol implementation for Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code or cause a reload on an affected device. | 8.8 |
| 2020-02-05 | CVE-2020-3118 | Out-of-bounds Write vulnerability in Cisco IOS XR A vulnerability in the Cisco Discovery Protocol implementation for Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to execute arbitrary code or cause a reload on an affected device. | 8.8 |
| 2020-02-05 | CVE-2020-3111 | Improper Input Validation vulnerability in Cisco products A vulnerability in the Cisco Discovery Protocol implementation for the Cisco IP Phone could allow an unauthenticated, adjacent attacker to remotely execute code with root privileges or cause a reload of an affected IP phone. | 8.8 |
| 2020-02-05 | CVE-2020-3110 | Improper Input Validation vulnerability in Cisco products A vulnerability in the Cisco Discovery Protocol implementation for the Cisco Video Surveillance 8000 Series IP Cameras could allow an unauthenticated, adjacent attacker to execute code remotely or cause a reload of an affected IP Camera. | 8.8 |
| 2020-02-04 | CVE-2013-2678 | Injection vulnerability in Cisco Linksys E4200 Firmware 1.0.05 Cisco Linksys E4200 1.0.05 Build 7 routers contain a Local File Include Vulnerability which could allow remote attackers to obtain sensitive information or execute arbitrary code by sending a crafted URL request to the apply.cgi script using the submit_type parameter. | 8.1 |
| 2020-01-30 | CVE-2020-3147 | Improper Input Validation vulnerability in Cisco products A vulnerability in the web UI of Cisco Small Business Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 7.5 |