Filtered by vendor Cisco
Subscribe
Total
6547 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-0600 | 1 Cisco | 10 Application And Content Networking Software, Content Delivery Manager, Content Distribution Manager 4630 and 7 more | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Cisco devices running Application and Content Networking System (ACNS) 5.0, 5.1 before 5.1.13.7, or 5.2 before 5.2.3.9 allow remote attackers to cause a denial of service (bandwidth consumption) via "crafted IP packets" that are continuously forwarded.
|
|||||
| CVE-2002-0505 | 1 Cisco | 1 Call Manager | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Memory leak in the Call Telephony Integration (CTI) Framework authentication for Cisco CallManager 3.0 and 3.1 before 3.1(3) allows remote attackers to cause a denial of service (crash and reload) via a series of authentication failures, e.g. via incorrect passwords.
|
|||||
| CVE-2006-3732 | 1 Cisco | 1 Cs-mars | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Cisco Security Monitoring, Analysis and Response System (CS-MARS) before 4.2.1 ships with an Oracle database that contains several default accounts and passwords, which allows attackers to obtain sensitive information.
|
|||||
| CVE-1999-0430 | 1 Cisco | 3 Catalyst 12xx Supervisor Software, Catalyst 29xx Supervisor Software, Catalyst 5xxx Supervisor Software | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Cisco Catalyst LAN switches running Catalyst 5000 supervisor software allows remote attackers to perform a denial of service by forcing the supervisor module to reload.
|
|||||
| CVE-2001-1037 | 1 Cisco | 1 Sn 5420 Storage Router Firmware | 2025-04-03 | 4.6 MEDIUM | N/A |
|
Cisco SN 5420 Storage Router 1.1(3) and earlier allows local users to access a developer's shell without a password and execute certain restricted commands without being logged.
|
|||||
| CVE-2003-0677 | 1 Cisco | 1 Webns | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Cisco CSS 11000 routers on the CS800 chassis allow remote attackers to cause a denial of service (CPU consumption or reboot) via a large number of TCP SYN packets to the circuit IP address, aka "ONDM Ping failure."
|
|||||
| CVE-2001-0866 | 1 Cisco | 1 12000 Router | 2025-04-03 | 7.5 HIGH | N/A |
|
Cisco 12000 with IOS 12.0 and lines card based on Engine 2 does not properly handle an outbound ACL when an input ACL is not configured on all the interfaces of a multi port line card, which could allow remote attackers to bypass the intended access controls.
|
|||||
| CVE-2001-1097 | 1 Cisco | 1 Ios | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Cisco routers and switches running IOS 12.0 through 12.2.1 allows a remote attacker to cause a denial of service via a flood of UDP packets.
|
|||||
| CVE-2006-1960 | 1 Cisco | 1 Wireless Lan Solution Engine | 2025-04-03 | 5.8 MEDIUM | N/A |
|
Cross-site scripting (XSS) vulnerability in the appliance web user interface in Cisco CiscoWorks Wireless LAN Solution Engine (WLSE) and WLSE Express before 2.13 allows remote attackers to inject arbitrary web script or HTML, possibly via the displayMsg parameter to archiveApplyDisplay.jsp, aka bug ID CSCsc01095.
|
|||||
| CVE-2006-4032 | 1 Cisco | 1 Callmanager Express | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Unspecified vulnerability in Cisco IOS CallManager Express (CME) allows remote attackers to gain sensitive information (user names) from the Session Initiation Protocol (SIP) user directory via certain SIP messages, aka bug CSCse92417.
|
|||||
| CVE-2006-3593 | 1 Cisco | 1 Unified Callmanager | 2025-04-03 | 4.0 MEDIUM | N/A |
|
The command line interface (CLI) in Cisco Unified CallManager (CUCM) 5.0(1) through 5.0(3a) allows local users to overwrite arbitrary files by redirecting a command's output to a file or folder, aka bug CSCse31704.
|
|||||
| CVE-1999-0775 | 1 Cisco | 1 Ios | 2025-04-03 | 10.0 HIGH | N/A |
|
Cisco Gigabit Switch routers running IOS allow remote attackers to forward unauthorized packets due to improper handling of the "established" keyword in an access list.
|
|||||
| CVE-2006-3906 | 1 Cisco | 21 Adaptive Security Appliance Software, Ios, Pix Asa Ids and 18 more | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Internet Key Exchange (IKE) version 1 protocol, as implemented on Cisco IOS, VPN 3000 Concentrators, and PIX firewalls, allows remote attackers to cause a denial of service (resource exhaustion) via a flood of IKE Phase-1 packets that exceed the session expiration rate. NOTE: it has been argued that this is due to a design weakness of the IKE version 1 protocol, in which case other vendors and implementations would also be affected.
|
|||||
| CVE-2006-3596 | 1 Cisco | 1 Ips Sensor Software | 2025-04-03 | 5.0 MEDIUM | N/A |
|
The device driver for Intel-based gigabit network adapters in Cisco Intrusion Prevention System (IPS) 5.1(1) through 5.1(p1), as installed on various Cisco Intrusion Prevention System 42xx appliances, allows remote attackers to cause a denial of service (kernel panic and possibly network outage) via a crafted IP packet.
|
|||||
| CVE-2004-1163 | 1 Cisco | 1 Cns Network Registrar | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Cisco CNS Network Registrar Central Configuration Management (CCM) server 6.0 through 6.1.1.3 allows remote attackers to cause a denial of service (CPU consumption) by ending a connection after sending a certain sequence of packets.
|
|||||
| CVE-2002-0159 | 1 Cisco | 1 Secure Access Control Server | 2025-04-03 | 7.5 HIGH | N/A |
|
Format string vulnerability in the administration function in Cisco Secure Access Control Server (ACS) for Windows, 2.6.x and earlier and 3.x through 3.01 (build 40), allows remote attackers to crash the CSADMIN module only (denial of service of administration function) or execute arbitrary code via format strings in the URL to port 2002.
|
|||||
| CVE-2005-0601 | 1 Cisco | 1 Application And Content Networking Software | 2025-04-03 | 7.5 HIGH | N/A |
|
Cisco devices running Application and Content Networking System (ACNS) 4.x, 5.0, 5.1, or 5.2 use a default password when the setup dialog has not been run, which allows remote attackers to gain access.
|
|||||
| CVE-2002-0853 | 1 Cisco | 1 Vpn Client | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Cisco Virtual Private Network (VPN) Client 3.5.4 and earlier allows remote attackers to cause a denial of service (CPU consumption) via a packet with a zero-length payload.
|
|||||
| CVE-2003-0210 | 1 Cisco | 1 Secure Access Control Server | 2025-04-03 | 7.5 HIGH | N/A |
|
Buffer overflow in the administration service (CSAdmin) for Cisco Secure ACS before 3.1.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long user parameter to port 2002.
|
|||||
| CVE-2001-0864 | 1 Cisco | 1 12000 Router | 2025-04-03 | 7.5 HIGH | N/A |
|
Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not properly handle the implicit "deny ip any any" rule in an outgoing ACL when the ACL contains exactly 448 entries, which can allow some outgoing packets to bypass access restrictions.
|
|||||
| CVE-2004-0391 | 1 Cisco | 2 Hosting Solution Engine, Wireless Lan Solution Engine | 2025-04-03 | 10.0 HIGH | N/A |
|
Cisco Wireless LAN Solution Engine (WLSE) 2.0 through 2.5 and Hosting Solution Engine (HSE) 1.7 through 1.7.3 have a hardcoded username and password, which allows remote attackers to add new users, modify existing users, and change configuration.
|
|||||
| CVE-2006-1672 | 1 Cisco | 5 Ons 15310-cl Series, Ons 15454 Mspp, Ons 15600 and 2 more | 2025-04-03 | 7.5 HIGH | N/A |
|
The installation of Cisco Transport Controller (CTC) for Cisco Optical Networking System (ONS) 15000 series nodes adds a Java policy file entry with a wildcard that grants the java.security.AllPermission permission to any http URL containing "fs/LAUNCHER.jar", which allows remote attackers to execute arbitrary code on a CTC workstation, aka bug ID CSCea25049.
|
|||||
| CVE-2000-0368 | 1 Cisco | 1 Ios | 2025-04-03 | 2.1 LOW | N/A |
|
Classic Cisco IOS 9.1 and later allows attackers with access to the login prompt to obtain portions of the command history of previous users, which may allow the attacker to access sensitive data.
|
|||||
| CVE-2002-1101 | 1 Cisco | 2 Vpn 3000 Concentrator Series Software, Vpn 3002 Hardware Client | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Cisco VPN 3000 Concentrator 2.2.x, 3.6(Rel), and 3.x before 3.5.5, allows remote attackers to cause a denial of service via a long user name.
|
|||||
| CVE-2006-3285 | 1 Cisco | 1 Wireless Control System | 2025-04-03 | 7.5 HIGH | N/A |
|
The internal database in Cisco Wireless Control System (WCS) for Linux and Windows before 3.2(51) uses an undocumented, hard-coded username and password, which allows remote authenticated users to read, and possibly modify, sensitive configuration data (aka bugs CSCsd15955).
|
|||||
| CVE-2001-1434 | 1 Cisco | 1 Ios | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Cisco IOS 12.0(5)XU through 12.1(2) allows remote attackers to read system administration and topology information via an "snmp-server host" command, which creates a readable "community" community string if one has not been previously created.
|
|||||
| CVE-2000-0380 | 1 Cisco | 1 Ios | 2025-04-03 | 7.1 HIGH | N/A |
|
The IOS HTTP service in Cisco routers and switches running IOS 11.1 through 12.1 allows remote attackers to cause a denial of service by requesting a URL that contains a %% string.
|
|||||
| CVE-2005-2243 | 1 Cisco | 1 Call Manager | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Memory leak in inetinfo.exe in Cisco CallManager (CCM) 3.2 and earlier, 3.3 before 3.3(5), 4.0 before 4.0(2a)SR2b, and 4.1 4.1 before 4.1(3)SR1, when Multi Level Admin (MLA) is enabled, allows remote attackers to cause a denial of service (memory consumption) via a large number of Admin Service Tool (AST) logins that fail.
|
|||||
| CVE-2003-0982 | 1 Cisco | 9 Application And Content Networking Software, Content Distribution Manager 4630, Content Distribution Manager 4650 and 6 more | 2025-04-03 | 7.5 HIGH | N/A |
|
Buffer overflow in the authentication module for Cisco ACNS 4.x before 4.2.11, and 5.x before 5.0.5, allows remote attackers to execute arbitrary code via a long password.
|
|||||
| CVE-2003-0100 | 1 Cisco | 1 Ios | 2025-04-03 | 7.5 HIGH | N/A |
|
Buffer overflow in Cisco IOS 11.2.x to 12.0.x allows remote attackers to cause a denial of service and possibly execute commands via a large number of OSPF neighbor announcements.
|
|||||
| CVE-2005-1057 | 1 Cisco | 1 Ios | 2025-04-03 | 7.5 HIGH | N/A |
|
Cisco IOS 12.2T, 12.3 and 12.3T, when using Easy VPN Server XAUTH version 6 authentication, allows remote attackers to bypass authentication via a "malformed packet."
|
|||||
| CVE-2005-4794 | 1 Cisco | 7 Application And Content Networking Software, Ata, Ip Phone 7902 and 4 more | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Cisco IP Phones 7902/7905/7912, ATA 186/188, Unity Express, ACNS, and Subscriber Edge Services Manager (SESM) allows remote attackers to cause a denial of service (crash or instability) via a compressed DNS packet with a label length byte with an incorrect offset.
|
|||||
| CVE-2003-0259 | 1 Cisco | 6 Vpn 3000 Concentrator Series Software, Vpn 3002 Hardware Client, Vpn 3015 Concentrator and 3 more | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Cisco VPN 3000 series concentrators and Cisco VPN 3002 Hardware Client 2.x.x through 3.6.7 allows remote attackers to cause a denial of service (reload) via a malformed SSH initialization packet.
|
|||||
| CVE-2001-0621 | 1 Cisco | 1 Content Services Switch 11000 | 2025-04-03 | 7.5 HIGH | N/A |
|
The FTP server on Cisco Content Service 11000 series switches (CSS) before WebNS 4.01B23s and WebNS 4.10B13s allows an attacker who is an FTP user to read and write arbitrary files via GET or PUT commands.
|
|||||
| CVE-1999-0998 | 1 Cisco | 1 Cache Engine | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Cisco Cache Engine allows an attacker to replace content in the cache.
|
|||||
| CVE-2000-0613 | 1 Cisco | 1 Pix Firewall | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Cisco Secure PIX Firewall does not properly identify forged TCP Reset (RST) packets, which allows remote attackers to force the firewall to close legitimate connections.
|
|||||
| CVE-2004-1435 | 1 Cisco | 1 Optical Networking Systems Software | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Multiple versions of Cisco ONS 15327, ONS 15454, and ONS 15454 SDH, including 4.6(0) and 4.6(1), 4.5(x), 4.1(0) to 4.1(3), 4.0(0) to 4.0(2), and earlier versions, allows remote attackers to cause a denial of service (control card reset) via a large number of TCP connections with an invalid response instead of the final ACK (TCP-ACK).
|
|||||
| CVE-2005-0186 | 1 Cisco | 1 Ios | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Cisco IOS 12.1YD, 12.2T, 12.3 and 12.3T, when configured for the IOS Telephony Service (ITS), CallManager Express (CME) or Survivable Remote Site Telephony (SRST), allows remote attackers to cause a denial of service (device reboot) via a malformed packet to the SCCP port.
|
|||||
| CVE-1999-0230 | 1 Cisco | 1 Ios | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Buffer overflow in Cisco 7xx routers through the telnet service.
|
|||||
| CVE-2006-0483 | 1 Cisco | 2 Vpn 3000 Concentrator Series Software, Vpn 3030 Concentator | 2025-04-03 | 7.8 HIGH | N/A |
|
Cisco VPN 3000 series concentrators running software 4.7.0 through 4.7.2.A allow remote attackers to cause a denial of service (device reload or user disconnect) via a crafted HTTP packet.
|
|||||