Max CVSS 10.0 Min CVSS 1.5 Total Count1059
IDCVSSSummaryLast (major) updatePublished
CVE-2019-1643 4.3
A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected so
23-01-2019 - 18:29 23-01-2019 - 18:29
CVE-2018-15460 7.8
A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) could allow an unauthenticated, remote attacker to cause the CPU utilization to increase to 100 percent, causing a denial of se
10-01-2019 - 17:29 10-01-2019 - 17:29
CVE-2018-15453 7.8
A vulnerability in the Secure/Multipurpose Internet Mail Extensions (S/MIME) Decryption and Verification or S/MIME Public Key Harvesting features of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remot
10-01-2019 - 13:29 10-01-2019 - 13:29
CVE-2018-15465 5.5
A vulnerability in the authorization subsystem of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, but unprivileged (levels 0 and 1), remote attacker to perform privileged actions by using the web management interface. T
24-12-2018 - 09:29 24-12-2018 - 09:29
CVE-2018-15454 7.8
A vulnerability in the Session Initiation Protocol (SIP) inspection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected devi
01-11-2018 - 09:29 01-11-2018 - 08:29
CVE-2018-0443 5.0
A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol component of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vu
17-10-2018 - 18:29 17-10-2018 - 18:29
CVE-2018-0442 5.0
A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol component of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to retrieve memory contents, which could lead to the
17-10-2018 - 18:29 17-10-2018 - 18:29
CVE-2018-0441 6.1
A vulnerability in the 802.11r Fast Transition feature set of Cisco IOS Access Points (APs) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a c
17-10-2018 - 18:29 17-10-2018 - 18:29
CVE-2018-0417 4.6
A vulnerability in TACACS authentication with Cisco Wireless LAN Controller (WLC) Software could allow an authenticated, local attacker to perform certain operations within the GUI that are not normally available to that user on the CLI. The vulnerab
17-10-2018 - 18:29 17-10-2018 - 18:29
CVE-2018-0456 6.8
A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco NX-OS Software could allow an authenticated, remote attacker to cause the SNMP application of an affected device to restart unexpectedly. The vulnerabili
17-10-2018 - 16:29 17-10-2018 - 16:29
CVE-2018-0464 5.5
A vulnerability in Cisco Data Center Network Manager software could allow an authenticated, remote attacker to conduct directory traversal attacks and gain access to sensitive files on the targeted system. The vulnerability is due to improper validat
05-10-2018 - 12:29 05-10-2018 - 12:29
CVE-2018-15427 10.0
A vulnerability in Cisco Video Surveillance Manager (VSM) Software running on certain Cisco Connected Safety and Security Unified Computing System (UCS) platforms could allow an unauthenticated, remote attacker to log in to an affected system by usin
05-10-2018 - 10:29 05-10-2018 - 10:29
CVE-2018-15390 7.1
A vulnerability in the FTP inspection engine of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability e
05-10-2018 - 10:29 05-10-2018 - 10:29
CVE-2018-15383 7.8
A vulnerability in the cryptographic hardware accelerator driver of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to relo
05-10-2018 - 10:29 05-10-2018 - 10:29
CVE-2018-15379 7.5
A vulnerability in which the HTTP web server for Cisco Prime Infrastructure (PI) has unrestricted directory permissions could allow an unauthenticated, remote attacker to upload an arbitrary file. This file could allow the attacker to execute command
05-10-2018 - 10:29 05-10-2018 - 10:29
CVE-2018-0481 7.2
A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability exist because the affected softwar
05-10-2018 - 10:29 05-10-2018 - 10:29
CVE-2018-0480 5.7
A vulnerability in the errdisable per VLAN feature of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause the device to crash, leading to a denial of service (DoS) condition. The vulnerability is due to a race condition t
05-10-2018 - 10:29 05-10-2018 - 10:29
CVE-2018-0477 7.2
A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability exist because the affected softwar
05-10-2018 - 10:29 05-10-2018 - 10:29
CVE-2018-0476 7.1
A vulnerability in the Network Address Translation (NAT) Session Initiation Protocol (SIP) Application Layer Gateway (ALG) of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerabili
05-10-2018 - 10:29 05-10-2018 - 10:29
CVE-2018-0475 6.1
A vulnerability in the implementation of the cluster feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to trigger a denial of service (DoS) condition on an affected device. The vulnerability is
05-10-2018 - 10:29 05-10-2018 - 10:29
CVE-2018-0473 5.0
A vulnerability in the Precision Time Protocol (PTP) subsystem of Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition of the Precision Time Protocol. The vulnerability is due to insufficient
05-10-2018 - 10:29 05-10-2018 - 10:29
CVE-2018-0472 7.8
A vulnerability in the IPsec driver code of multiple Cisco IOS XE Software platforms and the Cisco ASA 5500-X Series Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause the device to reload. The vulnerability is
05-10-2018 - 10:29 05-10-2018 - 10:29
CVE-2018-0471 6.1
A vulnerability in the Cisco Discovery Protocol (CDP) module of Cisco IOS XE Software Releases 16.6.1 and 16.6.2 could allow an unauthenticated, adjacent attacker to cause a memory leak that may lead to a denial of service (DoS) condition. The vulner
05-10-2018 - 10:29 05-10-2018 - 10:29
CVE-2018-0470 7.8
A vulnerability in the web framework of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a buffer overflow condition on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to th
05-10-2018 - 10:29 05-10-2018 - 10:29
CVE-2018-0469 7.1
A vulnerability in the web user interface of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to a double-free-in-memory handling by the affected software when speci
05-10-2018 - 10:29 05-10-2018 - 10:29
CVE-2018-0467 7.8
A vulnerability in the IPv6 processing code of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload. The vulnerability is due to incorrect handling of specific IPv6 hop-by-hop options. An attacke
05-10-2018 - 10:29 05-10-2018 - 10:29
CVE-2018-0466 6.1
A vulnerability in the Open Shortest Path First version 3 (OSPFv3) implementation in Cisco IOS and IOS XE Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload. The vulnerability is due to incorrect handling
05-10-2018 - 10:29 05-10-2018 - 10:29
CVE-2018-11776 9.3
Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remote Code Execution when alwaysSelectFullNamespace is true (either by user or a plugin like Convention Plugin) and then: results are used with no namespace and in same time
22-08-2018 - 09:29 22-08-2018 - 09:29
CVE-2018-0428 7.2
A vulnerability in the account management subsystem of Cisco Web Security Appliance (WSA) could allow an authenticated, local attacker to elevate privileges to root. The attacker must authenticate with valid administrator credentials. The vulnerabili
15-08-2018 - 16:29 15-08-2018 - 16:29
CVE-2018-0410 7.8
A vulnerability in the web proxy functionality of Cisco AsyncOS Software for Cisco Web Security Appliances could allow an unauthenticated, remote attacker to exhaust system memory and cause a denial of service (DoS) condition on an affected system. T
15-08-2018 - 16:29 15-08-2018 - 16:29
CVE-2018-0409 5.0
A vulnerability in the XCP Router service of the Cisco Unified Communications Manager IM & Presence Service (CUCM IM&P) and the Cisco TelePresence Video Communication Server (VCS) and Expressway could allow an unauthenticated, remote attacker to caus
15-08-2018 - 16:29 15-08-2018 - 16:29
CVE-2018-0385 5.0
A vulnerability in the detection engine parsing of Security Socket Layer (SSL) protocol packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the Snort process
16-07-2018 - 13:29 16-07-2018 - 13:29
CVE-2018-0384 5.0
A vulnerability in the detection engine of Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass a URL-based access control policy that is configured to block traffic for an affected system. The vulnerability exist
16-07-2018 - 13:29 16-07-2018 - 13:29
CVE-2018-0383 5.0
A vulnerability in the detection engine of Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass a file policy that is configured to block the transfer of files to an affected system via FTP. The vulnerability exis
16-07-2018 - 13:29 16-07-2018 - 13:29
CVE-2018-0370 5.0
A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause one of the detection engine processes to run out of memory and thus slow down traffic processing. The vulnerability is
16-07-2018 - 13:29 16-07-2018 - 13:29
CVE-2018-0313 9.0
A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an authenticated, remote attacker to send a malicious packet to the management interface on an affected system and execute a command-injection exploit. The vulnerability is due
21-06-2018 - 07:29 21-06-2018 - 07:29
CVE-2018-0311 7.8
A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability exists becaus
21-06-2018 - 07:29 21-06-2018 - 07:29
CVE-2018-0310 10.0
A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to obtain sensitive information from memory or cause a denial of service (DoS) condition on the aff
21-06-2018 - 07:29 21-06-2018 - 07:29
CVE-2018-0305 5.0
A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. The vulnerability exists becau
21-06-2018 - 07:29 21-06-2018 - 07:29
CVE-2018-0330 6.5
A vulnerability in the NX-API management application programming interface (API) in devices running, or based on, Cisco NX-OS Software could allow an authenticated, remote attacker to execute commands with elevated privileges. The vulnerability is du
20-06-2018 - 17:29 20-06-2018 - 17:29
CVE-2018-0314 7.5
A vulnerability in the Cisco Fabric Services (CFS) component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. The vulnerability exists because the affecte
20-06-2018 - 17:29 20-06-2018 - 17:29
CVE-2018-0312 7.5
A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition on an affected device. The v
20-06-2018 - 17:29 20-06-2018 - 17:29
CVE-2018-0308 7.5
A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition. The vulnerability exists be
20-06-2018 - 17:29 20-06-2018 - 17:29
CVE-2018-0304 10.0
A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to read sensitive memory content, create a denial of service (DoS) condition, or execute arbitrary
20-06-2018 - 17:29 20-06-2018 - 17:29
CVE-2018-0301 10.0
A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to craft a packet to the management interface on an affected system, causing a buffer overflow. The vulnerability is due to incorrect input
20-06-2018 - 17:29 20-06-2018 - 17:29
CVE-2018-0339 4.3
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface. The vulnerability
07-06-2018 - 17:29 07-06-2018 - 17:29
CVE-2018-0353 5.0
A vulnerability in traffic-monitoring functions in Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to circumvent Layer 4 Traffic Monitor (L4TM) functionality and bypass security protections. The vulnerability is due
07-06-2018 - 08:29 07-06-2018 - 08:29
CVE-2018-0296 5.0
A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. It is also possi
07-06-2018 - 08:29 07-06-2018 - 08:29
CVE-2018-0327 4.3
A vulnerability in the web framework of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of an affected system. The vulnerability i
16-05-2018 - 23:29 16-05-2018 - 23:29
CVE-2018-0289 4.3
A vulnerability in the logs component of Cisco Identity Services Engine could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks. The vulnerability is due to improper validation of requests stored in logs in the applica
16-05-2018 - 23:29 16-05-2018 - 23:29
CVE-2018-0277 5.0
A vulnerability in the Extensible Authentication Protocol-Transport Layer Security (EAP-TLS) certificate validation during EAP authentication for the Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to cause the IS
16-05-2018 - 23:29 16-05-2018 - 23:29
CVE-2018-0258 10.0
A vulnerability in the Cisco Prime File Upload servlet affecting multiple Cisco products could allow a remote attacker to upload arbitrary files to any directory of a vulnerable device (aka Path Traversal) and execute those files. This vulnerability
02-05-2018 - 18:29 02-05-2018 - 18:29
CVE-2018-0253 10.0
A vulnerability in the ACS Report component of Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to execute arbitrary commands on an affected system. Commands executed by the attacker are processed at the target
02-05-2018 - 18:29 02-05-2018 - 18:29
CVE-2018-0252 7.8
A vulnerability in the IP Version 4 (IPv4) fragment reassembly function of Cisco 3500, 5500, and 8500 Series Wireless LAN Controller Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resultin
02-05-2018 - 18:29 02-05-2018 - 18:29
CVE-2018-0235 6.1