Total
616 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-4950 | 1 Cisco | 1 Ios | 2025-04-03 | 10.0 HIGH | N/A |
|
Cisco IOS 12.2 through 12.4 before 20060920, as used by Cisco IAD2430, IAD2431, and IAD2432 Integrated Access Devices, the VG224 Analog Phone Gateway, and the MWR 1900 and 1941 Mobile Wireless Edge Routers, is incorrectly identified as supporting DOCSIS, which allows remote attackers to gain read-write access via a hard-coded cable-docsis community string and read or modify arbitrary SNMP variables.
|
|||||
| CVE-2002-2052 | 1 Cisco | 1 Ios | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Cisco 2611 router running IOS 12.1(6.5), possibly an interim release, allows remote attackers to cause a denial of service via port scans such as (1) scanning all ports on a single host and (2) scanning a network of hosts for a single open port through the router. NOTE: the vendor could not reproduce this issue, saying that the original reporter was using an interim release of the software.
|
|||||
| CVE-2003-0567 | 1 Cisco | 3 Ios, Ons 15454 Optical Transport Platform, Optical Networking Systems Software | 2025-04-03 | 7.8 HIGH | N/A |
|
Cisco IOS 11.x and 12.0 through 12.2 allows remote attackers to cause a denial of service (traffic block) by sending a particular sequence of IPv4 packets to an interface on the device, causing the input queue on that interface to be marked as full.
|
|||||
| CVE-2005-2841 | 1 Cisco | 1 Ios | 2025-04-03 | 7.5 HIGH | N/A |
|
Buffer overflow in Firewall Authentication Proxy for FTP and/or Telnet Sessions for Cisco IOS 12.2ZH and 12.2ZL, 12.3 and 12.3T, and 12.4 and 12.4T allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted user authentication credentials.
|
|||||
| CVE-2001-1071 | 1 Cisco | 2 Catos, Ios | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Cisco IOS 12.2 and earlier running Cisco Discovery Protocol (CDP) allows remote attackers to cause a denial of service (memory consumption) via a flood of CDP neighbor announcements.
|
|||||
| CVE-2005-0195 | 1 Cisco | 1 Ios | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Cisco IOS 12.0S through 12.3YH allows remote attackers to cause a denial of service (device restart) via a crafted IPv6 packet.
|
|||||
| CVE-2001-0650 | 1 Cisco | 1 Ios | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Cisco devices IOS 12.0 and earlier allow a remote attacker to cause a crash, or bad route updates, via malformed BGP updates with unrecognized transitive attribute.
|
|||||
| CVE-1999-1465 | 1 Cisco | 1 Ios | 2025-04-03 | 7.5 HIGH | N/A |
|
Vulnerability in Cisco IOS 11.1 through 11.3 with distributed fast switching (DFS) enabled allows remote attackers to bypass certain access control lists when the router switches traffic from a DFS-enabled input interface to an output interface with a logical subinterface, as described by Cisco bug CSCdk43862.
|
|||||
| CVE-2004-0112 | 24 4d, Apple, Avaya and 21 more | 65 Webstar, Mac Os X, Mac Os X Server and 62 more | 2025-04-03 | 5.0 MEDIUM | N/A |
|
The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.
|
|||||
| CVE-1999-0160 | 1 Cisco | 1 Ios | 2025-04-03 | 7.5 HIGH | N/A |
|
Some classic Cisco IOS devices have a vulnerability in the PPP CHAP authentication to establish unauthorized PPP connections.
|
|||||
| CVE-1999-0524 | 11 Apple, Cisco, Hp and 8 more | 14 Mac Os X, Macos, Ios and 11 more | 2025-04-03 | 2.1 LOW | N/A |
|
ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts.
|
|||||
| CVE-1999-1464 | 1 Cisco | 1 Ios | 2025-04-03 | 7.5 HIGH | N/A |
|
Vulnerability in Cisco IOS 11.1CC and 11.1CT with distributed fast switching (DFS) enabled allows remote attackers to bypass certain access control lists when the router switches traffic from a DFS-enabled interface to an interface that does not have DFS enabled, as described by Cisco bug CSCdk35564.
|
|||||
| CVE-2005-0197 | 1 Cisco | 1 Ios | 2025-04-03 | 6.1 MEDIUM | N/A |
|
Cisco IOS 12.1T, 12.2, 12.2T, 12.3 and 12.3T, with Multi Protocol Label Switching (MPLS) installed but disabled, allows remote attackers to cause a denial of service (device reload) via a crafted packet sent to the disabled interface.
|
|||||
| CVE-2003-0511 | 1 Cisco | 1 Ios | 2025-04-03 | 5.0 MEDIUM | N/A |
|
The web server for Cisco Aironet AP1x00 Series Wireless devices running certain versions of IOS 12.2 allow remote attackers to cause a denial of service (reload) via a malformed URL.
|
|||||
| CVE-2005-3669 | 1 Cisco | 8 Adaptive Security Appliance Software, Firewall Services Module, Ios and 5 more | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Multiple unspecified vulnerabilities in the Internet Key Exchange version 1 (IKEv1) implementation in multiple Cisco products allow remote attackers to cause a denial of service (device reset) via certain malformed IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the Cisco advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to.
|
|||||
| CVE-1999-0445 | 1 Cisco | 1 Ios | 2025-04-03 | 5.0 MEDIUM | N/A |
|
In Cisco routers under some versions of IOS 12.0 running NAT, some packets may not be filtered by input access list filters.
|
|||||
| CVE-2004-0244 | 1 Cisco | 1 Ios | 2025-04-03 | 4.7 MEDIUM | N/A |
|
Cisco 6000, 6500, and 7600 series systems with Multilayer Switch Feature Card 2 (MSFC2) and a FlexWAN or OSM module allow local users to cause a denial of service (hang or reset) by sending a layer 2 frame packet that encapsulates a layer 3 packet, but has inconsistent length values with that packet.
|
|||||
| CVE-2006-0340 | 1 Cisco | 1 Ios | 2025-04-03 | 7.1 HIGH | N/A |
|
Unspecified vulnerability in Stack Group Bidding Protocol (SGBP) support in Cisco IOS 12.0 through 12.4 running on various Cisco products, when SGBP is enabled, allows remote attackers on the local network to cause a denial of service (device hang and network traffic loss) via a crafted UDP packet to port 9900.
|
|||||
| CVE-2000-0984 | 1 Cisco | 1 Ios | 2025-04-03 | 5.0 MEDIUM | N/A |
|
The HTTP server in Cisco IOS 12.0 through 12.1 allows local users to cause a denial of service (crash and reload) via a URL containing a "?/" string.
|
|||||
| CVE-2003-0851 | 2 Cisco, Openssl | 5 Css11000 Content Services Switch, Ios, Pix Firewall and 2 more | 2025-04-03 | 5.0 MEDIUM | N/A |
|
OpenSSL 0.9.6k allows remote attackers to cause a denial of service (crash via large recursion) via malformed ASN.1 sequences.
|
|||||
| CVE-2006-3291 | 1 Cisco | 1 Ios | 2025-04-03 | 9.3 HIGH | N/A |
|
The web interface on Cisco IOS 12.3(8)JA and 12.3(8)JA1, as used on the Cisco Wireless Access Point and Wireless Bridge, reconfigures itself when it is changed to use the "Local User List Only (Individual Passwords)" setting, which removes all security and password configurations and allows remote attackers to access the system.
|
|||||
| CVE-2005-4826 | 1 Cisco | 1 Ios | 2025-04-03 | 6.1 MEDIUM | N/A |
|
Unspecified vulnerability in the VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(22)EA3 on Catalyst 2950T switches allows remote attackers to cause a denial of service (device reboot) via a crafted Subset-Advert message packet, a different issue than CVE-2006-4774, CVE-2006-4775, and CVE-2006-4776.
|
|||||
| CVE-2002-2208 | 2 Cisco, Extended Interior Gateway Routing Protocol | 2 Ios, Extended Interior Gateway Routing Protocol | 2025-04-03 | 7.8 HIGH | N/A |
|
Extended Interior Gateway Routing Protocol (EIGRP), as implemented in Cisco IOS 11.3 through 12.2 and other products, allows remote attackers to cause a denial of service (flood) by sending a large number of spoofed EIGRP neighbor announcements, which results in an ARP storm on the local network.
|
|||||
| CVE-2002-0339 | 1 Cisco | 1 Ios | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Cisco IOS 11.1CC through 12.2 with Cisco Express Forwarding (CEF) enabled includes portions of previous packets in the padding of a MAC level packet when the MAC packet's length is less than the IP level packet length.
|
|||||
| CVE-2005-3481 | 1 Cisco | 1 Ios | 2025-04-03 | 9.3 HIGH | N/A |
|
Cisco IOS 12.0 to 12.4 might allow remote attackers to execute arbitrary code via a heap-based buffer overflow in system timers. NOTE: this issue does not correspond to a specific vulnerability, rather a general weakness that only increases the feasibility of exploitation of any vulnerabilities that might exist. Such design-level weaknesses normally are not included in CVE, so perhaps this issue should be REJECTed.
|
|||||
| CVE-2003-0305 | 1 Cisco | 1 Ios | 2025-04-03 | 5.0 MEDIUM | N/A |
|
The Service Assurance Agent (SAA) in Cisco IOS 12.0 through 12.2, aka Response Time Reporter (RTR), allows remote attackers to cause a denial of service (crash) via malformed RTR packets to port 1967.
|
|||||
| CVE-1999-0157 | 1 Cisco | 2 Ios, Pix Firewall Software | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Cisco PIX firewall and CBAC IP fragmentation attack results in a denial of service.
|
|||||
| CVE-2002-1024 | 1 Cisco | 4 Catos, Css11000 Content Services Switch, Ios and 1 more | 2025-04-03 | 7.1 HIGH | N/A |
|
Cisco IOS 12.0 through 12.2, when supporting SSH, allows remote attackers to cause a denial of service (CPU consumption) via a large packet that was designed to exploit the SSH CRC32 attack detection overflow (CVE-2001-0144).
|
|||||
| CVE-2000-0345 | 1 Cisco | 7 Ios, Router 2500, Router 2600 and 4 more | 2025-04-03 | 2.1 LOW | N/A |
|
The on-line help system options in Cisco routers allows non-privileged users without "enabled" access to obtain sensitive information via the show command.
|
|||||
| CVE-2002-1768 | 1 Cisco | 1 Ios | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Cisco IOS 11.1 through 12.2, when HSRP support is not enabled, allows remote attackers to cause a denial of service (CPU consumption) via randomly sized UDP packets to the Hot Standby Routing Protocol (HSRP) port 1985.
|
|||||
| CVE-2004-0079 | 23 4d, Apple, Avaya and 20 more | 66 Webstar, Mac Os X, Mac Os X Server and 63 more | 2025-04-03 | 5.0 MEDIUM | 7.5 HIGH |
|
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.
|
|||||
| CVE-2004-1775 | 1 Cisco | 2 Catos, Ios | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Cisco VACM (View-based Access Control MIB) for Catalyst Operating Software (CatOS) 5.5 and 6.1 and IOS 12.0 and 12.1 allows remote attackers to read and modify device configuration via the read-write community string.
|
|||||
| CVE-2004-0710 | 1 Cisco | 1 Ios | 2025-04-03 | 5.0 MEDIUM | N/A |
|
IP Security VPN Services Module (VPNSM) in Cisco Catalyst 6500 Series Switch and the Cisco 7600 Series Internet Routers running IOS before 12.2(17b)SXA, before 12.2(17d)SXB, or before 12.2(14)SY03 could allow remote attackers to cause a denial of service (device crash and reload) via a malformed Internet Key Exchange (IKE) packet.
|
|||||
| CVE-2002-1358 | 7 Cisco, Fissh, Intersoft and 4 more | 7 Ios, Ssh Client, Securenetterm and 4 more | 2025-04-03 | 10.0 HIGH | N/A |
|
Multiple SSH2 servers and clients do not properly handle lists with empty elements or strings, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite.
|
|||||
| CVE-2004-1776 | 1 Cisco | 1 Ios | 2025-04-03 | 7.5 HIGH | N/A |
|
Cisco IOS 12.1(3) and 12.1(3)T allows remote attackers to read and modify device configuration data via the cable-docsis read-write community string used by the Data Over Cable Service Interface Specification (DOCSIS) standard.
|
|||||
| CVE-1999-1175 | 1 Cisco | 1 Ios | 2025-04-03 | 7.5 HIGH | N/A |
|
Web Cache Control Protocol (WCCP) in Cisco Cache Engine for Cisco IOS 11.2 and earlier does not use authentication, which allows remote attackers to redirect HTTP traffic to arbitrary hosts via WCCP packets to UDP port 2048.
|
|||||
| CVE-1999-0161 | 1 Cisco | 1 Ios | 2025-04-03 | 7.5 HIGH | N/A |
|
In Cisco IOS 10.3, with the tacacs-ds or tacacs keyword, an extended IP access control list could bypass filtering.
|
|||||
| CVE-2001-0929 | 1 Cisco | 1 Ios | 2025-04-03 | 7.5 HIGH | N/A |
|
Cisco IOS Firewall Feature set, aka Context Based Access Control (CBAC) or Cisco Secure Integrated Software, for IOS 11.2P through 12.2T does not properly check the IP protocol type, which could allow remote attackers to bypass access control lists.
|
|||||
| CVE-2001-0711 | 1 Cisco | 1 Ios | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Cisco IOS 11.x and 12.0 with ATM support allows attackers to cause a denial of service via the undocumented Interim Local Management Interface (ILMI) SNMP community string.
|
|||||
| CVE-1999-0293 | 1 Cisco | 1 Ios | 2025-04-03 | 7.5 HIGH | N/A |
|
AAA authentication on Cisco systems allows attackers to execute commands without authorization.
|
|||||