Search Results (6788 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2015-0747 1 Cisco 3 Headend Digital Broadband Delivery System, Headend System Release, Videoscape Conductor 2025-04-12 N/A
Cisco Conductor for Videoscape 3.0 and Cisco Headend System Release allow remote attackers to inject arbitrary cookies via a crafted HTTP request, aka Bug ID CSCuh25408.
CVE-2015-0745 1 Cisco 2 Headend Digital Broadband Delivery System, Headend System Release 2025-04-12 N/A
Cisco Headend System Release allows remote attackers to read temporary script files or archive files, and consequently obtain sensitive information, via a crafted header in an HTTP request, aka Bug ID CSCus44909.
CVE-2015-0744 1 Cisco 3 Dta Control System, Headend Digital Broadband Delivery System, Headend System Release 2025-04-12 N/A
Cisco DTA Control System (DTACS) 4.0.0.9 and Cisco Headend System Release allow remote attackers to cause a denial of service (CPU and memory consumption, and TCP service outage) via (1) a SYN flood or (2) another type of TCP traffic flood, aka Bug IDs CSCus50642, CSCus50662, CSCus50625, CSCus50657, and CSCus68315.
CVE-2015-0743 1 Cisco 2 Headend Digital Broadband Delivery System, Headend System Release 2025-04-12 N/A
Cisco Headend System Release allows remote attackers to cause a denial of service (DHCP and TFTP outage) via a flood of crafted UDP traffic, aka Bug ID CSCus04097.
CVE-2015-0742 1 Cisco 1 Adaptive Security Appliance Software 2025-04-12 N/A
The Protocol Independent Multicast (PIM) application in Cisco Adaptive Security Appliance (ASA) Software 9.2(0.0), 9.2(0.104), 9.2(3.1), 9.2(3.4), 9.3(1.105), 9.3(2.100), 9.4(0.115), 100.13(0.21), 100.13(20.3), 100.13(21.9), and 100.14(1.1) does not properly implement multicast-forwarding registration, which allows remote attackers to cause a denial of service (forwarding outage) via a crafted multicast packet, aka Bug ID CSCus74398.
CVE-2015-0741 1 Cisco 1 Hosted Collaboration Solution 2025-04-12 N/A
Multiple cross-site request forgery (CSRF) vulnerabilities in Cisco Prime Central for Hosted Collaboration Solution (PC4HCS) 10.6(1) and earlier allow remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCut04596.
CVE-2015-0739 1 Cisco 10 Firesight System Software, Sourcefire 3d1000 Sensor, Sourcefire 3d2000 Sensor and 7 more 2025-04-12 N/A
The Lights-Out Management (LOM) implementation in Cisco FireSIGHT System Software 5.3.0 on Sourcefire 3D Sensor devices allows remote authenticated users to perform arbitrary Baseboard Management Controller (BMC) file uploads via unspecified vectors, aka Bug ID CSCus87938.
CVE-2015-0738 1 Cisco 1 Web Security Appliance 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in the Web Tracking Report page on Cisco Web Security Appliance (WSA) devices 8.5.0-497 allows remote attackers to inject arbitrary web script or HTML via an unspecified field, aka Bug ID CSCuu16008.
CVE-2015-0737 1 Cisco 1 Firesight System Software 2025-04-12 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Cisco FireSIGHT System Software 5.3.1.1 allow remote attackers to inject arbitrary web script or HTML via a crafted (1) GET or (2) POST parameter, aka Bug ID CSCuu11099.
CVE-2015-0736 1 Cisco 1 Mediasense 2025-04-12 N/A
Cross-site request forgery (CSRF) vulnerability in Cisco MediaSense 10.5(1) and earlier allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuu16728.
CVE-2015-0735 1 Cisco 1 Unified Customer Voice Portal 2025-04-12 N/A
Cross-site request forgery (CSRF) vulnerability in Cisco Unified Customer Voice Portal (CVP) 10.5(1) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCut93970.
CVE-2015-0734 1 Cisco 1 Email Security Appliance Firmware 2025-04-12 N/A
Multiple cross-site scripting (XSS) vulnerabilities on the Cisco Email Security Appliance (ESA) 8.5.6-106 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters in a (1) GET or (2) POST request, aka Bug ID CSCut87743.
CVE-2015-0732 1 Cisco 3 Content Security Management Virtual Appliance, Email Security Appliance Firmware, Web Security Appliance 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in Cisco AsyncOS on the Web Security Appliance (WSA) 9.0.0-193; Email Security Appliance (ESA) 8.5.6-113, 9.1.0-032, 9.1.1-000, and 9.6.0-000; and Content Security Management Appliance (SMA) 9.1.0-033 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug IDs CSCuu37430, CSCuu37420, CSCut71981, and CSCuv50167.
CVE-2015-0730 1 Cisco 1 Wide Area Application Services 2025-04-12 N/A
The SMB module in Cisco Wide Area Application Services (WAAS) 6.0(1) allows remote attackers to cause a denial of service (module reload) via an invalid field in a Negotiate Protocol request, aka Bug ID CSCuo75645.
CVE-2015-0729 1 Cisco 1 Secure Access Control Server 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in Cisco Secure Access Control Server Solution Engine (ACSE) 5.5(0.1) allows remote attackers to inject arbitrary web script or HTML via a file-inclusion attack, aka Bug ID CSCuu11005.
CVE-2015-0728 1 Cisco 1 Secure Access Control System 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in Cisco Access Control Server (ACS) 5.5(0.1) allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuu11002.
CVE-2015-0727 1 Cisco 1 Security Manager 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in the HTTP module in Cisco Security Manager (CSM) 4.7(0)SP1(1) allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCut27789.
CVE-2015-0726 1 Cisco 1 Wireless Lan Controller Software 2025-04-12 N/A
The web administration interface on Cisco Wireless LAN Controller (WLC) devices before 7.0.241, 7.1.x through 7.4.x before 7.4.122, and 7.5.x and 7.6.x before 7.6.120 allows remote authenticated users to cause a denial of service (device crash) via unspecified parameters, aka Bug IDs CSCum65159 and CSCum65252.
CVE-2015-0725 1 Cisco 2 Videoscape Distribution Suite For Internet Streaming, Videoscape Distribution Suite Service Broker 2025-04-12 N/A
Cisco Videoscape Distribution Suite Service Broker (aka VDS-SB), when a VDSM configuration on UCS is used, and Videoscape Distribution Suite for Internet Streaming (aka VDS-IS or CDS-IS) before 3.3.1 R7 and 4.x before 4.0.0 R4 allow remote attackers to cause a denial of service (device reload) via a crafted HTTP request, aka Bug IDs CSCus79834 and CSCuu63409.
CVE-2015-0724 1 Cisco 1 Headend Digital Broadband Delivery System 2025-04-12 N/A
Multiple cross-site scripting (XSS) vulnerabilities in dncs 7.0.0.12 in Cisco Headend Digital Broadband Delivery System allow remote attackers to inject arbitrary web script or HTML via unspecified parameters in a (1) GET or (2) POST request, aka Bug ID CSCur25604.