Filtered by vendor Cisco
Subscribe
Total
6547 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-0889 | 1 Cisco | 1 675 Router | 2025-04-03 | 7.5 HIGH | N/A |
|
Cisco 675 routers running CBOS allow remote attackers to establish telnet sessions if an exec or superuser password has not been set.
|
|||||
| CVE-2001-1071 | 1 Cisco | 2 Catos, Ios | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Cisco IOS 12.2 and earlier running Cisco Discovery Protocol (CDP) allows remote attackers to cause a denial of service (memory consumption) via a flood of CDP neighbor announcements.
|
|||||
| CVE-2006-4911 | 1 Cisco | 1 Ips Sensor Software | 2025-04-03 | 7.5 HIGH | N/A |
|
Unspecified vulnerability in Cisco IPS 5.0 before 5.0(6p2) and 5.1 before 5.1(2), when running in inline or promiscuous mode, allows remote attackers to bypass traffic inspection via a "crafted sequence of fragmented IP packets".
|
|||||
| CVE-2006-0368 | 1 Cisco | 1 Call Manager | 2025-04-03 | 7.8 HIGH | N/A |
|
Cisco CallManager 3.2 and earlier, 3.3 before 3.3(5)SR1, 4.0 before 4.0(2a)SR2c, and 4.1 before 4.1(3)SR2 allow remote attackers to (1) cause a denial of service (CPU and memory consumption) via a large number of open TCP connections to port 2000 and (2) cause a denial of service (fill the Windows Service Manager communication queue) via a large number of TCP connections to port 2001, 2002, or 7727.
|
|||||
| CVE-2005-0195 | 1 Cisco | 1 Ios | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Cisco IOS 12.0S through 12.3YH allows remote attackers to cause a denial of service (device restart) via a crafted IPv6 packet.
|
|||||
| CVE-2001-0650 | 1 Cisco | 1 Ios | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Cisco devices IOS 12.0 and earlier allow a remote attacker to cause a crash, or bad route updates, via malformed BGP updates with unrecognized transitive attribute.
|
|||||
| CVE-2001-0375 | 1 Cisco | 2 Pix Firewall 515, Pix Firewall 520 | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Cisco PIX Firewall 515 and 520 with 5.1.4 OS running aaa authentication to a TACACS+ server allows remote attackers to cause a denial of service via a large number of authentication requests.
|
|||||
| CVE-1999-1465 | 1 Cisco | 1 Ios | 2025-04-03 | 7.5 HIGH | N/A |
|
Vulnerability in Cisco IOS 11.1 through 11.3 with distributed fast switching (DFS) enabled allows remote attackers to bypass certain access control lists when the router switches traffic from a DFS-enabled input interface to an output interface with a logical subinterface, as described by Cisco bug CSCdk43862.
|
|||||
| CVE-2005-3804 | 1 Cisco | 1 7920 Wireless Ip Phone | 2025-04-03 | 6.4 MEDIUM | N/A |
|
Cisco IP Phone (VoIP) 7920 1.0(8) listens to UDP port 17185 to support a VxWorks debugger, which allows remote attackers to obtain sensitive information and cause a denial of service.
|
|||||
| CVE-2002-1597 | 1 Cisco | 1 Sn 5420 Storage Router Firmware | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Cisco SN 5420 Storage Router 1.1(5) and earlier allows remote attackers to cause a denial of service (halt) via a fragmented packet to the Gigabit interface.
|
|||||
| CVE-2003-1002 | 1 Cisco | 9 Catalyst 6500, Catalyst 6500 Ws-svc-nam-1, Catalyst 6500 Ws-svc-nam-2 and 6 more | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Cisco Firewall Services Module (FWSM) in Cisco Catalyst 6500 and 7600 series devices allows remote attackers to cause a denial of service (crash and reload) via an SNMPv3 message when snmp-server is set.
|
|||||
| CVE-2004-0112 | 24 4d, Apple, Avaya and 21 more | 65 Webstar, Mac Os X, Mac Os X Server and 62 more | 2025-04-03 | 5.0 MEDIUM | N/A |
|
The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.
|
|||||
| CVE-2002-1103 | 1 Cisco | 2 Vpn 3000 Concentrator Series Software, Vpn 3002 Hardware Client | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Cisco VPN 3000 Concentrator 2.2.x, 3.6(Rel), and 3.x before 3.5.5, allows remote attackers to cause a denial of service via (1) malformed or (2) large ISAKMP packets.
|
|||||
| CVE-1999-0160 | 1 Cisco | 1 Ios | 2025-04-03 | 7.5 HIGH | N/A |
|
Some classic Cisco IOS devices have a vulnerability in the PPP CHAP authentication to establish unauthorized PPP connections.
|
|||||
| CVE-2001-1105 | 2 Cisco, Dell | 2 Icdn, Bsafe Ssl-j | 2025-04-03 | 7.5 HIGH | N/A |
|
RSA BSAFE SSL-J 3.0, 3.0.1 and 3.1, as used in Cisco iCND 2.0, caches session IDs from failed login attempts, which could allow remote attackers to bypass SSL client authentication and gain access to sensitive data by logging in after an initial failure.
|
|||||
| CVE-1999-0524 | 11 Apple, Cisco, Hp and 8 more | 14 Mac Os X, Macos, Ios and 11 more | 2025-04-03 | 2.1 LOW | N/A |
|
ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts.
|
|||||
| CVE-2001-0865 | 1 Cisco | 1 12000 Router | 2025-04-03 | 7.5 HIGH | N/A |
|
Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not support the "fragment" keyword in an outgoing ACL, which could allow fragmented packets in violation of the intended access.
|
|||||
| CVE-2002-1554 | 1 Cisco | 1 Optical Networking Systems Software | 2025-04-03 | 4.6 MEDIUM | N/A |
|
Cisco ONS15454 and ONS15327 running ONS before 3.4 stores usernames and passwords in cleartext in the image database for the TCC, TCC+ or XTC, which could allow attackers to gain privileges by obtaining the passwords from the image database or a backup.
|
|||||
| CVE-1999-0415 | 1 Cisco | 1 Cisco 7xx Routers | 2025-04-03 | 7.5 HIGH | N/A |
|
The HTTP server in Cisco 7xx series routers 3.2 through 4.2 is enabled by default, which allows remote attackers to change the router's configuration.
|
|||||
| CVE-2002-0881 | 1 Cisco | 2 Skinny Client Control Protocol Software, Voip Phone Cp-7940 | 2025-04-03 | 2.1 LOW | N/A |
|
Cisco IP Phone (VoIP) models 7910, 7940, and 7960 use a default administrative password, which allows attackers with physical access to the phone to modify the configuration settings.
|
|||||
| CVE-2001-0863 | 1 Cisco | 1 12000 Router | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not handle the "fragment" keyword in a compiled ACL (Turbo ACL) for packets that are sent to the router, which allows remote attackers to cause a denial of service via a flood of fragments.
|
|||||
| CVE-2004-1460 | 1 Cisco | 2 Secure Access Control Server, Secure Acs Solution Engine | 2025-04-03 | 7.5 HIGH | N/A |
|
Cisco Secure Access Control Server (ACS) 3.2(3) and earlier, when configured with an anonymous bind in Novell Directory Services (NDS) and authenticating NDS users with NDS, allows remote attackers to gain unauthorized access to AAA clients via a blank password.
|
|||||
| CVE-2001-0757 | 1 Cisco | 1 6400 Nrp 2 | 2025-04-03 | 7.5 HIGH | N/A |
|
Cisco 6400 Access Concentrator Node Route Processor 2 (NRP2) 12.1DC card does not properly disable access when a password has not been set for vtys, which allows remote attackers to obtain access via telnet.
|
|||||
| CVE-1999-1464 | 1 Cisco | 1 Ios | 2025-04-03 | 7.5 HIGH | N/A |
|
Vulnerability in Cisco IOS 11.1CC and 11.1CT with distributed fast switching (DFS) enabled allows remote attackers to bypass certain access control lists when the router switches traffic from a DFS-enabled interface to an interface that does not have DFS enabled, as described by Cisco bug CSCdk35564.
|
|||||
| CVE-2005-0197 | 1 Cisco | 1 Ios | 2025-04-03 | 6.1 MEDIUM | N/A |
|
Cisco IOS 12.1T, 12.2, 12.2T, 12.3 and 12.3T, with Multi Protocol Label Switching (MPLS) installed but disabled, allows remote attackers to cause a denial of service (device reload) via a crafted packet sent to the disabled interface.
|
|||||
| CVE-2003-0511 | 1 Cisco | 1 Ios | 2025-04-03 | 5.0 MEDIUM | N/A |
|
The web server for Cisco Aironet AP1x00 Series Wireless devices running certain versions of IOS 12.2 allow remote attackers to cause a denial of service (reload) via a malformed URL.
|
|||||
| CVE-2002-1093 | 1 Cisco | 1 Vpn 3000 Concentrator Series Software | 2025-04-03 | 5.0 MEDIUM | N/A |
|
HTML interface for Cisco VPN 3000 Concentrator 2.x.x and 3.x.x before 3.0.3(B) allows remote attackers to cause a denial of service (CPU consumption) via a long URL request.
|
|||||
| CVE-2001-0751 | 1 Cisco | 1 Cbos | 2025-04-03 | 7.5 HIGH | N/A |
|
Cisco switches and routers running CBOS 2.3.8 and earlier use predictable TCP Initial Sequence Numbers (ISN), which allows remote attackers to spoof or hijack TCP connections.
|
|||||
| CVE-2000-1022 | 1 Cisco | 1 Pix Firewall Software | 2025-04-03 | 7.5 HIGH | N/A |
|
The mailguard feature in Cisco Secure PIX Firewall 5.2(2) and earlier does not properly restrict access to SMTP commands, which allows remote attackers to execute restricted commands by sending a DATA command before sending the restricted commands.
|
|||||
| CVE-2006-4983 | 1 Cisco | 1 Network Access Control | 2025-04-03 | 7.5 HIGH | N/A |
|
Cisco NAC allows quarantined devices to communicate over the network with (1) DNS, (2) DHCP, and (3) EAPoUDP, which allows attackers to bypass control methods by tunneling network traffic through one of these protocols.
|
|||||
| CVE-2004-0308 | 1 Cisco | 1 Optical Networking Systems Software | 2025-04-03 | 10.0 HIGH | N/A |
|
Unknown vulnerability in Cisco ONS 15327 before 4.1(3), ONS 15454 before 4.6(1), ONS 15454 SD before 4.1(3), and Cisco ONS15600 before 1.3(0) allows a superuser whose account is locked out, disabled, or suspended to gain unauthorized access via a Telnet connection to the VxWorks shell.
|
|||||
| CVE-2005-0943 | 1 Cisco | 8 Vpn 3000 Concentrator Series Software, Vpn 3002 Hardware Client, Vpn 3005 Concentrator Software and 5 more | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Cisco VPN 3000 series Concentrator running firmware 4.1.7.A and earlier allows remote attackers to cause a denial of service (device reload or drop user connection) via a crafted HTTPS packet.
|
|||||
| CVE-2005-3669 | 1 Cisco | 8 Adaptive Security Appliance Software, Firewall Services Module, Ios and 5 more | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Multiple unspecified vulnerabilities in the Internet Key Exchange version 1 (IKEv1) implementation in multiple Cisco products allow remote attackers to cause a denial of service (device reset) via certain malformed IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the Cisco advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to.
|
|||||
| CVE-2003-1003 | 1 Cisco | 2 Pix Firewall, Pix Firewall Software | 2025-04-03 | 7.8 HIGH | N/A |
|
Cisco PIX firewall 5.x.x, and 6.3.1 and earlier, allows remote attackers to cause a denial of service (crash and reload) via an SNMPv3 message when snmp-server is set.
|
|||||
| CVE-2002-1106 | 1 Cisco | 1 Vpn Client | 2025-04-03 | 7.5 HIGH | N/A |
|
Cisco Virtual Private Network (VPN) Client software 2.x.x, and 3.x before 3.5.1C, does not properly verify that certificate DN fields match those of the certificate from the VPN Concentrator, which allows remote attackers to conduct man-in-the-middle attacks.
|
|||||
| CVE-1999-0445 | 1 Cisco | 1 Ios | 2025-04-03 | 5.0 MEDIUM | N/A |
|
In Cisco routers under some versions of IOS 12.0 running NAT, some packets may not be filtered by input access list filters.
|
|||||
| CVE-2004-0244 | 1 Cisco | 1 Ios | 2025-04-03 | 4.7 MEDIUM | N/A |
|
Cisco 6000, 6500, and 7600 series systems with Multilayer Switch Feature Card 2 (MSFC2) and a FlexWAN or OSM module allow local users to cause a denial of service (hang or reset) by sending a layer 2 frame packet that encapsulates a layer 3 packet, but has inconsistent length values with that packet.
|
|||||
| CVE-2006-0340 | 1 Cisco | 1 Ios | 2025-04-03 | 7.1 HIGH | N/A |
|
Unspecified vulnerability in Stack Group Bidding Protocol (SGBP) support in Cisco IOS 12.0 through 12.4 running on various Cisco products, when SGBP is enabled, allows remote attackers on the local network to cause a denial of service (device hang and network traffic loss) via a crafted UDP packet to port 9900.
|
|||||
| CVE-2005-3803 | 1 Cisco | 2 Unified Wireless Ip Phone 7920, Unified Wireless Ip Phone 7920 Firmware | 2025-04-03 | 5.0 MEDIUM | 7.5 HIGH |
|
Cisco IP Phone (VoIP) 7920 1.0(8) contains certain hard-coded ("fixed") public and private SNMP community strings that cannot be changed, which allows remote attackers to obtain sensitive information.
|
|||||
| CVE-2002-1556 | 1 Cisco | 1 Optical Networking Systems Software | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Cisco ONS15454 and ONS15327 running ONS before 3.4 allows attackers to cause a denial of service (reset) via an HTTP request to the TCC, TCC+ or XTC, in which the request contains an invalid CORBA Interoperable Object Reference (IOR).
|
|||||