Search Results (6788 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2012-3915 1 Cisco 1 Ios 2025-04-11 N/A
The DMVPN tunnel implementation in Cisco IOS 15.2 allows remote attackers to cause a denial of service (persistent IKE state) via a large volume of hub-to-spoke traffic, aka Bug ID CSCtq39602.
CVE-2010-0592 1 Cisco 1 Unified Communications Manager 2025-04-11 N/A
The CTI Manager service in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x before 4.3(2)sr1a, 6.x before 6.1(3), 7.0x before 7.0(2), 7.1x before 7.1(2), and 8.x before 8.0(1) allows remote attackers to cause a denial of service (service failure) via a malformed message, aka Bug ID CSCsu31800.
CVE-2012-3919 1 Cisco 1 Application Control Engine Module 2025-04-11 N/A
The Cisco Application Control Engine (ACE) module 3.0 for Cisco Catalyst switches and Cisco routers does not properly monitor Load Balancer (LB) queues, which allows remote attackers to cause a denial of service (incorrect memory access and module reboot) via application traffic, aka Bug ID CSCtw70879.
CVE-2012-3923 1 Cisco 1 Ios 2025-04-11 N/A
The SSLVPN implementation in Cisco IOS 12.4, 15.0, 15.1, and 15.2, when DTLS is not enabled, does not properly handle certain outbound ACL configurations, which allows remote authenticated users to cause a denial of service (device crash) via a session involving a PPP over ATM (PPPoA) interface, aka Bug ID CSCte41827.
CVE-2012-3924 1 Cisco 1 Ios 2025-04-11 N/A
The SSLVPN implementation in Cisco IOS 15.1 and 15.2, when DTLS is enabled, does not properly handle certain outbound ACL configurations, which allows remote authenticated users to cause a denial of service (device crash) via a session involving a PPP over ATM (PPPoA) interface, aka Bug ID CSCty97961.
CVE-2012-3935 1 Cisco 2 Jabber Extensible Communications Platform, Unified Presence 2025-04-11 N/A
Cisco Unified Presence (CUP) before 8.6(3) and Jabber Extensible Communications Platform (aka Jabber XCP) before 5.3 allow remote attackers to cause a denial of service (process crash) via a crafted XMPP stream header, aka Bug ID CSCtu32832.
CVE-2012-3936 1 Cisco 1 Webex Recording Format Player 2025-04-11 N/A
Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCua40962.
CVE-2012-3937 1 Cisco 1 Webex Recording Format Player 2025-04-11 N/A
Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCtz72967.
CVE-2012-3938 1 Cisco 1 Webex Recording Format Player 2025-04-11 N/A
Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCtz73583.
CVE-2012-3939 1 Cisco 1 Webex Recording Format Player 2025-04-11 N/A
Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted WRF file, aka Bug ID CSCua61331.
CVE-2012-3940 1 Cisco 1 Webex Recording Format Player 2025-04-11 N/A
Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCtz72958.
CVE-2012-3941 1 Cisco 1 Webex Recording Format Player 2025-04-11 N/A
Heap-based buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCtz72850.
CVE-2010-0591 1 Cisco 1 Unified Communications Manager 2025-04-11 N/A
Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5), 7.x before 7.1(3b)SU2, and 8.x before 8.0(1) allows remote attackers to cause a denial of service (process failure) via a malformed SIP REG message, related to an overflow of the Telephone-URL field, aka Bug ID CSCtc62362.
CVE-2012-3949 1 Cisco 3 Ios, Ios Xe, Unified Communications Manager 2025-04-11 N/A
The SIP implementation in Cisco Unified Communications Manager (CUCM) 6.x and 7.x before 7.1(5b)su5, 8.x before 8.5(1)su4, and 8.6 before 8.6(2a)su1; Cisco IOS 12.2 through 12.4 and 15.0 through 15.2; and Cisco IOS XE 3.3.xSG before 3.3.1SG, 3.4.xS, and 3.5.xS allows remote attackers to cause a denial of service (service crash or device reload) via a crafted SIP message containing an SDP session description, aka Bug IDs CSCtw66721, CSCtj33003, and CSCtw84664.
CVE-2012-3950 1 Cisco 1 Ios 2025-04-11 N/A
The Intrusion Prevention System (IPS) feature in Cisco IOS 12.3 through 12.4 and 15.0 through 15.2, in certain configurations of enabled categories and missing signatures, allows remote attackers to cause a denial of service (device reload) via DNS packets, aka Bug ID CSCtw55976.
CVE-2012-4072 1 Cisco 1 Unified Computing System 2025-04-11 N/A
The KVM subsystem in Cisco Unified Computing System (UCS) relies on a hardcoded X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers, and read keyboard and mouse events, by leveraging knowledge of this certificate's private key, aka Bug ID CSCte90327.
CVE-2012-4073 1 Cisco 1 Unified Computing System 2025-04-11 N/A
The KVM subsystem in the client in Cisco Unified Computing System (UCS) does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers, and read or modify KVM data, via a crafted certificate, aka Bug ID CSCte90332.
CVE-2012-4074 1 Cisco 1 Unified Computing System 2025-04-11 N/A
The Board Management Controller (BMC) in the Serial over LAN (SoL) subsystem in Cisco Unified Computing System (UCS) relies on a hardcoded private key, which allows man-in-the-middle attackers to obtain sensitive information or modify the data stream by leveraging knowledge of this key, aka Bug ID CSCte90338.
CVE-2012-4075 1 Cisco 1 Nx-os 2025-04-11 N/A
Cisco NX-OS allows local users to gain privileges and execute arbitrary commands via shell metacharacters in unspecified command parameters, aka Bug IDs CSCtf19827 and CSCtf27788.
CVE-2012-4076 1 Cisco 1 Nx-os 2025-04-11 N/A
Cisco NX-OS allows local users to gain privileges and execute arbitrary commands via shell metacharacters in a command that calls the system library function, aka Bug IDs CSCtf23559 and CSCtf27780.