Vulnerabilities > Cisco > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-06 | CVE-2019-1933 | Improper Input Validation vulnerability in Cisco Email Security Appliance 11.1.2023 A vulnerability in the email message scanning of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass configured filters on the device. | 7.4 |
| 2019-07-06 | CVE-2019-1922 | NULL Pointer Dereference vulnerability in Cisco products A vulnerability in Cisco SIP IP Phone Software for Cisco IP Phone 7800 Series and 8800 Series could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected phone. | 7.5 |
| 2019-07-06 | CVE-2019-1921 | Improper Input Validation vulnerability in Cisco Email Security Appliance 12.0.0419 A vulnerability in the attachment scanning of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass configured content filters on the device. | 7.5 |
| 2019-07-06 | CVE-2019-1911 | Containment Errors (Container Errors) vulnerability in Cisco Hosted Collaboration Solution A vulnerability in the CLI of Cisco Unified Communications Domain Manager (Cisco Unified CDM) Software could allow an authenticated, local attacker to escape the restricted shell. | 7.8 |
| 2019-07-06 | CVE-2019-1894 | Improper Input Validation vulnerability in Cisco Enterprise NFV Infrastructure Software 3.9.1 A vulnerability in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker with administrator privileges to overwrite or read arbitrary files on the underlying operating system (OS) of an affected device. | 7.2 |
| 2019-07-06 | CVE-2019-1893 | OS Command Injection vulnerability in Cisco Enterprise NFV Infrastructure Software 3.9.1 A vulnerability in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS) of an affected device as root. | 7.8 |
| 2019-07-06 | CVE-2019-1892 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco products A vulnerability in the Secure Sockets Layer (SSL) input packet processor of Cisco Small Business 200, 300, and 500 Series Managed Switches could allow an unauthenticated, remote attacker to cause a memory corruption on an affected device. | 7.5 |
| 2019-07-06 | CVE-2019-1891 | Improper Input Validation vulnerability in Cisco products A vulnerability in the web interface of Cisco Small Business 200, 300, and 500 Series Managed Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 7.5 |
| 2019-07-06 | CVE-2019-1887 | Out-of-bounds Write vulnerability in Cisco Unified Communications Manager A vulnerability in the Session Initiation Protocol (SIP) protocol implementation of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. | 7.5 |
| 2019-07-04 | CVE-2019-1889 | Improper Input Validation vulnerability in Cisco Application Policy Infrastructure Controller 4.1(1J) A vulnerability in the REST API for software device management in Cisco Application Policy Infrastructure Controller (APIC) Software could allow an authenticated, remote attacker to escalate privileges to root on an affected device. | 7.2 |