cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2015-0667,https://securityvulnerability.io/vulnerability/CVE-2015-0667,,"The Management Interface on Cisco Content Services Switch (CSS) 11500 devices 8.20.4.02 and earlier allows remote attackers to bypass intended restrictions on local-network device access via crafted SSH packets, aka Bug ID CSCut14855.",Cisco,Content Services Switch 11500 Firmware,,,0.0013599999947473407,false,,false,false,false,,,false,false,,2015-03-18T23:00:00.000Z,0
CVE-2010-2629,https://securityvulnerability.io/vulnerability/CVE-2010-2629,,"The Cisco Content Services Switch (CSS) 11500 with software 8.20.4.02 and the Application Control Engine (ACE) 4710 with software A2(3.0) do not properly handle LF header terminators in situations where the GET line is terminated by CRLF, which allows remote attackers to conduct HTTP request smuggling attacks and possibly bypass intended header insertions via crafted header data, as demonstrated by an LF character between the ClientCert-Subject and ClientCert-Subject-CN headers. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-1576.",Cisco,Content Services Switch 11500,,,0.010599999688565731,false,,false,false,false,,,false,false,,2010-07-06T14:00:00.000Z,0
CVE-2010-1575,https://securityvulnerability.io/vulnerability/CVE-2010-1575,,"The Cisco Content Services Switch (CSS) 11500 with software 08.20.1.01 conveys authentication data through ClientCert-* headers but does not delete client-supplied ClientCert-* headers, which might allow remote attackers to bypass authentication via crafted header data, as demonstrated by a ClientCert-Subject-CN header, aka Bug ID CSCsz04690.",Cisco,Content Services Switch 11500,,,0.015399999916553497,false,,false,false,false,,,false,false,,2010-07-06T14:00:00.000Z,0
CVE-2010-1576,https://securityvulnerability.io/vulnerability/CVE-2010-1576,,"The Cisco Content Services Switch (CSS) 11500 with software before 8.20.4.02 and the Application Control Engine (ACE) 4710 with software before A2(3.0) do not properly handle use of LF, CR, and LFCR as alternatives to the standard CRLF sequence between HTTP headers, which allows remote attackers to bypass intended header insertions or conduct HTTP request smuggling attacks via crafted header data, as demonstrated by LF characters preceding ClientCert-Subject and ClientCert-Subject-CN headers, aka Bug ID CSCta04885.",Cisco,Content Services Switch 11500,,,0.012629999779164791,false,,false,false,false,,,false,false,,2010-07-06T14:00:00.000Z,0
CVE-2006-4352,https://securityvulnerability.io/vulnerability/CVE-2006-4352,,"The ArrowPoint cookie functionality for Cisco 11000 series Content Service Switches specifies an internal IP address if the administrator does not specify a string option, which allows remote attackers to obtain sensitive information.",Cisco,Content Services Switch 11000,,,0.003530000103637576,false,,false,false,false,,,false,false,,2006-08-25T10:04:00.000Z,0
CVE-2006-1631,https://securityvulnerability.io/vulnerability/CVE-2006-1631,,"Unspecified vulnerability in the HTTP compression functionality in Cisco CSS 11500 Series Content Services switches allows remote attackers to cause a denial of service (device reload) via (1) ""valid, but obsolete"" or (2) ""specially crafted"" HTTP requests.",Cisco,Content Services Switch 11500,,,0.024000000208616257,false,,false,false,false,,,false,false,,2006-04-05T18:00:00.000Z,0
CVE-2005-3426,https://securityvulnerability.io/vulnerability/CVE-2005-3426,,Cisco CSS 11500 Content Services Switch (CSS) with SSL termination services allows remote attackers to cause a denial of service (memory corruption and device reload) via a malformed client certificate during SSL session negotiation.,Cisco,Content Services Switch 11500,,,0.011219999752938747,false,,false,false,false,,,false,false,,2005-11-02T00:00:00.000Z,0
CVE-2004-0352,https://securityvulnerability.io/vulnerability/CVE-2004-0352,,"Cisco 11000 Series Content Services Switches (CSS) running WebNS 5.0(x) before 05.0(04.07)S, and 6.10(x) before 06.10(02.05)S allow remote attackers to cause a denial of service (device reset) via a malformed packet to UDP port 5002.",Cisco,"Content Services Switch 11150,Content Services Switch 11050,Content Services Switch 11800,Content Services Switch 11000",,,0.004449999891221523,false,,false,false,false,,,false,false,,2004-11-23T05:00:00.000Z,0
CVE-2003-1132,https://securityvulnerability.io/vulnerability/CVE-2003-1132,,"The DNS server for Cisco Content Service Switch (CSS) 11000 and 11500, when prompted for a nonexistent AAAA record, responds with response code 3 (NXDOMAIN or ""Name Error"") instead of response code 0 (""No Error""), which allows remote attackers to cause a denial of service (inaccessible domain) by forcing other DNS servers to send and cache a request for a AAAA record to the vulnerable server.",Cisco,"Content Services Switch 11500,Content Services Switch 11000",,,0.002090000081807375,false,,false,false,false,,,false,false,,2003-12-31T05:00:00.000Z,0
CVE-2003-0851,https://securityvulnerability.io/vulnerability/CVE-2003-0851,,OpenSSL 0.9.6k allows remote attackers to cause a denial of service (crash via large recursion) via malformed ASN.1 sequences.,Cisco,"Ios,Css11000 Content Services Switch,Pix Firewall,OpenSSL,Pix Firewall Software",,,0.05079000070691109,false,,false,false,false,,,false,false,,2003-12-01T05:00:00.000Z,0
CVE-2002-1024,https://securityvulnerability.io/vulnerability/CVE-2002-1024,,"Cisco IOS 12.0 through 12.2, when supporting SSH, allows remote attackers to cause a denial of service (CPU consumption) via a large packet that was designed to exploit the SSH CRC32 attack detection overflow (CVE-2001-0144).",Cisco,"Ios,Pix Firewall Software,Css11000 Content Services Switch",,,0.007579999975860119,false,,false,false,false,,,false,false,,2002-10-04T04:00:00.000Z,0
CVE-2001-0621,https://securityvulnerability.io/vulnerability/CVE-2001-0621,,The FTP server on Cisco Content Service 11000 series switches (CSS) before WebNS 4.01B23s and WebNS 4.10B13s allows an attacker who is an FTP user to read and write arbitrary files via GET or PUT commands.,Cisco,Content Services Switch 11000,,,0.0025400000158697367,false,,false,false,false,,,false,false,,2001-08-14T04:00:00.000Z,0
CVE-2001-0622,https://securityvulnerability.io/vulnerability/CVE-2001-0622,,The web management service on Cisco Content Service series 11000 switches (CSS) before WebNS 4.01B29s or WebNS 4.10B17s allows a remote attacker to gain additional privileges by directly requesting the web management URL instead of navigating through the interface.,Cisco,Content Services Switch 11000,,,0.0062699997797608376,false,,false,false,false,,,false,false,,2001-08-14T04:00:00.000Z,0
CVE-2001-0412,https://securityvulnerability.io/vulnerability/CVE-2001-0412,,"Cisco Content Services (CSS) switch products 11800 and earlier, aka Arrowpoint, allows local users to gain privileges by entering debug mode.",Cisco,"Content Services Switch 11150,Content Services Switch 11050,Content Services Switch 11800",,,0.0004199999966658652,false,,false,false,false,,,false,false,,2001-06-18T04:00:00.000Z,0
CVE-2001-0020,https://securityvulnerability.io/vulnerability/CVE-2001-0020,,"Directory traversal vulnerability in Arrowpoint (aka Cisco Content Services, or CSS) allows local unprivileged users to read arbitrary files via a .. (dot dot) attack.",Cisco,"ArroWPoint,Content Services Switch",,,0.0005099999834783375,false,,false,false,false,,,false,false,,2001-02-12T05:00:00.000Z,0
CVE-2001-0019,https://securityvulnerability.io/vulnerability/CVE-2001-0019,,"Arrowpoint (aka Cisco Content Services, or CSS) allows local users to cause a denial of service via a long argument to the ""show script,"" ""clear script,"" ""show archive,"" ""clear archive,"" ""show log,"" or ""clear log"" commands.",Cisco,"ArroWPoint,Content Services Switch",,,0.0004199999966658652,false,,false,false,false,,,false,false,,2001-02-12T05:00:00.000Z,0