Search Results (6788 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2013-3450 1 Cisco 1 Unified Communications Manager 2025-04-11 N/A
Cross-site request forgery (CSRF) vulnerability in the User WebDialer page in Cisco Unified Communications Manager (Unified CM) allows remote attackers to hijack the authentication of arbitrary users for requests that dial calls, aka Bug ID CSCui13028.
CVE-2013-3448 1 Cisco 1 Webex Meetings Server 2025-04-11 N/A
Cisco WebEx Meetings Server does not check whether a user account is active, which allows remote authenticated users to bypass intended access restrictions by performing meeting operations after account deactivation, aka Bug ID CSCuh33315.
CVE-2013-3446 1 Cisco 1 Digital Media Manager 2025-04-11 N/A
Open redirect vulnerability in the login page in Cisco Digital Media Manager (DMM) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, aka Bug ID CSCub23849.
CVE-2013-3429 1 Cisco 1 Video Surveillance Manager 2025-04-11 N/A
Multiple directory traversal vulnerabilities in Cisco Video Surveillance Manager (VSM) before 7.0.0 allow remote attackers to read system files via a crafted URL, related to the Cisco_VSBWT (aka Broadware sample code) package, aka Bug ID CSCsv37163.
CVE-2013-3428 1 Cisco 1 Secure Access Control System 2025-04-11 N/A
The web interface in Cisco Secure Access Control System (ACS) does not properly suppress error-condition details, which allows remote authenticated users to obtain sensitive information via an unspecified request that triggers an error, aka Bug ID CSCue65957.
CVE-2013-3426 1 Cisco 3 Unified Ip Phone 9951, Unified Ip Phone 9971, Unified Ip Phones 9900 Series Firmware 2025-04-11 N/A
The Serviceability servlet on Cisco 9900 IP phones does not properly restrict paths, which allows remote attackers to read arbitrary files by specifying a pathname in a file request, aka Bug ID CSCuh52810.
CVE-2013-3425 1 Cisco 1 Webex 2025-04-11 N/A
The Meeting Center component in Cisco WebEx 11 generates different error messages for invalid file-access attempts depending on whether a file exists, which allows remote authenticated users to enumerate files via a series of SPI calls, aka Bug ID CSCuc35965.
CVE-2013-3424 1 Cisco 1 Secure Access Control System 2025-04-11 N/A
Cross-site request forgery (CSRF) vulnerability in Administration and View pages in Cisco Secure Access Control System (ACS) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCud75177.
CVE-2013-3423 1 Cisco 1 Secure Access Control System 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the web interface in Cisco Secure Access Control System (ACS) allows remote attackers to inject arbitrary web script or HTML via an unspecified field, aka Bug ID CSCud75174.
CVE-2013-3422 1 Cisco 1 Secure Access Control System 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in Administration pages in Cisco Secure Access Control System (ACS) allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCud75165.
CVE-2013-3421 1 Cisco 1 Secure Access Control System 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the Help index page in Cisco Secure Access Control System (ACS) allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCud75170.
CVE-2013-3412 1 Cisco 1 Unified Communications Manager 2025-04-11 N/A
SQL injection vulnerability in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(2) allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCuh81766.
CVE-2013-3411 1 Cisco 2 Idsm-2, Intrusion Prevention System 2025-04-11 N/A
The IDSM-2 drivers in Cisco Intrusion Prevention System (IPS) Software on Cisco Catalyst 6500 devices with an IDSM-2 module allow remote attackers to cause a denial of service (device hang) via malformed IPv4 TCP packets, aka Bug ID CSCuh27460.
CVE-2013-3410 1 Cisco 2 Intrusion Prevention System, Ips Nme 2025-04-11 N/A
Cisco Intrusion Prevention System (IPS) Software on IPS NME devices before 7.0(9)E4 allows remote attackers to cause a denial of service (device reload) via malformed IPv4 packets that trigger incorrect memory allocation, aka Bug ID CSCua61977.
CVE-2013-3409 1 Cisco 1 Prime Central For Hosted Collaboration Solution 2025-04-11 N/A
The portal in Cisco Prime Central for Hosted Collaboration Solution (HCS) places cleartext credentials in temporary files, which allows local users to obtain sensitive information by leveraging weak file permissions to read these files, aka Bug IDs CSCuh33735 and CSCuh34230.
CVE-2013-3408 1 Cisco 3 Virtualization Experience Client 6000, Virtualization Experience Client 6000 Series Firmware, Virtualization Experience Client 6215 2025-04-11 N/A
The firmware on Cisco Virtualization Experience Client 6000 devices sets incorrect operating-system permissions, which allows local users to gain privileges via an unspecified sequence of commands, aka Bug ID CSCuc31764.
CVE-2013-3407 1 Cisco 1 Server Provisioner 2025-04-11 N/A
The web interface in Cisco Server Provisioner 6.4.0 Patch 5-1301292331 and earlier does not require authentication for unspecified pages, which allows remote attackers to obtain sensitive information via a direct request, aka Bug ID CSCug65664.
CVE-2010-0591 1 Cisco 1 Unified Communications Manager 2025-04-11 N/A
Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5), 7.x before 7.1(3b)SU2, and 8.x before 8.0(1) allows remote attackers to cause a denial of service (process failure) via a malformed SIP REG message, related to an overflow of the Telephone-URL field, aka Bug ID CSCtc62362.
CVE-2013-3406 1 Cisco 1 Service Portal 2025-04-11 N/A
The "Files Available for Download" implementation in the Cisco Intelligent Automation for Cloud component in Cisco Services Portal 9.4(1) allows remote authenticated users to read arbitrary files via a crafted request, aka Bug ID CSCug65687.
CVE-2010-0590 1 Cisco 1 Unified Communications Manager 2025-04-11 N/A
The CMSIPUtility component in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 7.x before 7.1(3a)su1 and 8.x before 8.0(1) allows remote attackers to cause a denial of service (process failure) via a malformed SIP Register message, aka Bug ID CSCtc37188.