CVE-2016-1478

Cisco IOS 15.5(3)S3, 15.6(1)S2, 15.6(2)S1, and 15.6(2)T1 does not properly dequeue invalid NTP packets, which allows remote attackers to cause a denial of service (interface wedge) by sending many crafted NTP packets, aka Bug ID CSCva35619.

Source: CVE-2016-1478

CVE-2016-1474 (prime_infrastructure)

Cisco Prime Infrastructure 2.2(2) does not properly restrict use of IFRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks and unspecified other attacks via a crafted web site, related to a "cross-frame scripting (XFS)" issue, aka Bug ID CSCuw65846, a different vulnerability than CVE-2015-6434.

Source: CVE-2016-1474 (prime_infrastructure)

CVE-2016-1474

Cisco Prime Infrastructure 2.2(2) does not properly restrict use of IFRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks and unspecified other attacks via a crafted web site, related to a "cross-frame scripting (XFS)" issue, aka Bug ID CSCuw65846, a different vulnerability than CVE-2015-6434.

Source: CVE-2016-1474

CVE-2016-1468 (telepresence_video_communication_server)

The administrative web interface in Cisco TelePresence Video Communication Server Expressway X8.5.2 allows remote authenticated users to execute arbitrary commands via crafted fields, aka Bug ID CSCuv12531.

Source: CVE-2016-1468 (telepresence_video_communication_server)

CVE-2016-1468

The administrative web interface in Cisco TelePresence Video Communication Server Expressway X8.5.2 allows remote authenticated users to execute arbitrary commands via crafted fields, aka Bug ID CSCuv12531.

Source: CVE-2016-1468

CVE-2016-1466 (unified_communications_manager_im_and_presence_service)

Cisco Unified Communications Manager IM and Presence Service 9.1(1) SU6, 9.1(1) SU6a, 9.1(1) SU7, 10.5(2) SU2, 10.5(2) SU2a, 11.0(1) SU1, and 11.5(1) allows remote attackers to cause a denial of service (sipd process restart) via crafted headers in a SIP packet, aka Bug ID CSCva39072.

Source: CVE-2016-1466 (unified_communications_manager_im_and_presence_service)

CVE-2016-1466

Cisco Unified Communications Manager IM and Presence Service 9.1(1) SU6, 9.1(1) SU6a, 9.1(1) SU7, 10.5(2) SU2, 10.5(2) SU2a, 11.0(1) SU1, and 11.5(1) allows remote attackers to cause a denial of service (sipd process restart) via crafted headers in a SIP packet, aka Bug ID CSCva39072.

Source: CVE-2016-1466

CVE-2016-1430 (rv180_vpn_router_firmware, rv180w_vpn_router_firmware)

Cisco RV180 and RV180W devices allow remote authenticated users to execute arbitrary commands as root via a crafted HTTP request, aka Bug ID CSCuz48592.

Source: CVE-2016-1430 (rv180_vpn_router_firmware, rv180w_vpn_router_firmware)

CVE-2016-1430

Cisco RV180 and RV180W devices allow remote authenticated users to execute arbitrary commands as root via a crafted HTTP request, aka Bug ID CSCuz48592.

Source: CVE-2016-1430

CVE-2016-1429 (rv180_vpn_router_firmware, rv180w_wireless-n_multifunction_vpn_router_firmware)

Directory traversal vulnerability in the web interface on Cisco RV180 and RV180W devices allows remote attackers to read arbitrary files via a crafted HTTP request, aka Bug ID CSCuz43023.

Source: CVE-2016-1429 (rv180_vpn_router_firmware, rv180w_wireless-n_multifunction_vpn_router_firmware)