Total
599 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-3801 | 1 Cisco | 3 Ios, Unified Callmanager, Unified Communications Manager | 2023-12-10 | 7.1 HIGH | N/A |
| Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows remote attackers to cause a denial of service (device or process reload) via unspecified valid SIP messages, aka Cisco Bug ID CSCsm46064, a different vulnerability than CVE-2008-3800 and CVE-2008-3802. | |||||
| CVE-2008-3813 | 1 Cisco | 1 Ios | 2023-12-10 | 7.8 HIGH | N/A |
| Unspecified vulnerability in Cisco IOS 12.2 and 12.4, when the L2TP mgmt daemon process is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted L2TP packet. | |||||
| CVE-2008-5230 | 1 Cisco | 1 Ios | 2023-12-10 | 6.8 MEDIUM | N/A |
| The Temporal Key Integrity Protocol (TKIP) implementation in unspecified Cisco products and other vendors' products, as used in WPA and WPA2 on Wi-Fi networks, has insufficient countermeasures against certain crafted and replayed packets, which makes it easier for remote attackers to decrypt packets from an access point (AP) to a client and spoof packets from an AP to a client, and conduct ARP poisoning attacks or other attacks, as demonstrated by tkiptun-ng. | |||||
| CVE-2009-0626 | 1 Cisco | 1 Ios | 2023-12-10 | 7.8 HIGH | N/A |
| The SSLVPN feature in Cisco IOS 12.3 through 12.4 allows remote attackers to cause a denial of service (device reload or hang) via a crafted HTTPS packet. | |||||
| CVE-2008-1156 | 1 Cisco | 2 Cisco Ios, Ios | 2023-12-10 | 5.1 MEDIUM | N/A |
| Unspecified vulnerability in the Multicast Virtual Private Network (MVPN) implementation in Cisco IOS 12.0, 12.2, 12.3, and 12.4 allows remote attackers to create "extra multicast states on the core routers" via a crafted Multicast Distribution Tree (MDT) Data Join message. | |||||
| CVE-2009-1220 | 1 Cisco | 2 Adaptive Security Appliance, Ios | 2023-12-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in +webvpn+/index.html in WebVPN on the Cisco Adaptive Security Appliances (ASA) 5520 with software 7.2(4)30 and earlier 7.2 versions including 7.2(2)22, and 8.0(4)28 and earlier 8.0 versions, when clientless mode is enabled, allows remote attackers to inject arbitrary web script or HTML via the Host HTTP header. | |||||
| CVE-2008-3799 | 1 Cisco | 1 Ios | 2023-12-10 | 7.8 HIGH | N/A |
| Memory leak in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4, when VoIP is configured, allows remote attackers to cause a denial of service (memory consumption and voice-service outage) via unspecified valid SIP messages. | |||||
| CVE-2008-3805 | 1 Cisco | 1 Ios | 2023-12-10 | 8.5 HIGH | N/A |
| Cisco IOS 12.0 through 12.4 on Cisco 10000, uBR10012 and uBR7200 series devices handles external UDP packets that are sent to 127.0.0.0/8 addresses intended for IPC communication within the device, which allows remote attackers to cause a denial of service (device or linecard reload) via crafted UDP packets, a different vulnerability than CVE-2008-3806. | |||||
| CVE-2008-4963 | 1 Cisco | 2 Catos, Ios | 2023-12-10 | 7.1 HIGH | N/A |
| Unspecified vulnerability in the VLAN Trunking Protocol (VTP) implementation on Cisco IOS and CatOS, when the VTP operating mode is not transparent, allows remote attackers to cause a denial of service (device reload or hang) via a crafted VTP packet sent to a switch interface configured as a trunk port. | |||||
| CVE-2009-2863 | 1 Cisco | 1 Ios | 2023-12-10 | 7.1 HIGH | N/A |
| Race condition in the Firewall Authentication Proxy feature in Cisco IOS 12.0 through 12.4 allows remote attackers to bypass authentication, or bypass the consent web page, via a crafted request, aka Bug ID CSCsy15227. | |||||
| CVE-2008-4609 | 12 Bsd, Bsdi, Cisco and 9 more | 22 Bsd, Bsd Os, Catalyst Blade Switch 3020 and 19 more | 2023-12-10 | 7.1 HIGH | N/A |
| The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress. | |||||
| CVE-2009-0636 | 1 Cisco | 1 Ios | 2023-12-10 | 7.8 HIGH | N/A |
| Unspecified vulnerability in Cisco IOS 12.0 through 12.4, when SIP voice services are enabled, allows remote attackers to cause a denial of service (device crash) via a valid SIP message. | |||||
| CVE-2009-2870 | 1 Cisco | 1 Ios | 2023-12-10 | 7.8 HIGH | N/A |
| Unspecified vulnerability in Cisco IOS 12.2 through 12.4, when the Cisco Unified Border Element feature is enabled, allows remote attackers to cause a denial of service (device reload) via crafted SIP messages, aka Bug ID CSCsx25880. | |||||
| CVE-2009-2866 | 1 Cisco | 1 Ios | 2023-12-10 | 7.8 HIGH | N/A |
| Unspecified vulnerability in Cisco IOS 12.2 through 12.4 allows remote attackers to cause a denial of service (device reload) via a crafted H.323 packet, aka Bug ID CSCsz38104. | |||||
| CVE-2009-2862 | 1 Cisco | 1 Ios | 2023-12-10 | 4.3 MEDIUM | N/A |
| The Object Groups for Access Control Lists (ACLs) feature in Cisco IOS 12.2XNB, 12.2XNC, 12.2XND, 12.4MD, 12.4T, 12.4XZ, and 12.4YA allows remote attackers to bypass intended access restrictions via crafted requests, aka Bug IDs CSCsx07114, CSCsu70214, CSCsw47076, CSCsv48603, CSCsy54122, and CSCsu50252. | |||||
| CVE-2008-3802 | 1 Cisco | 1 Ios | 2023-12-10 | 7.1 HIGH | N/A |
| Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4, when VoIP is configured, allows remote attackers to cause a denial of service (device reload) via unspecified valid SIP messages, aka Cisco bug ID CSCsk42759, a different vulnerability than CVE-2008-3800 and CVE-2008-3801. | |||||
| CVE-2008-1151 | 1 Cisco | 1 Ios | 2023-12-10 | 7.1 HIGH | N/A |
| Memory leak in the virtual private dial-up network (VPDN) component in Cisco IOS before 12.3 allows remote attackers to cause a denial of service (memory consumption) via a series of PPTP sessions, related to "dead memory" that remains allocated after process termination, aka bug ID CSCsj58566. | |||||
| CVE-2009-1168 | 1 Cisco | 2 Ios, Ios Xe | 2023-12-10 | 7.1 HIGH | N/A |
| Cisco IOS 12.0(32)S12 through 12.0(32)S13 and 12.0(33)S3 through 12.0(33)S4, 12.0(32)SY8 through 12.0(32)SY9, 12.2(33)SXI1, 12.2XNC before 12.2(33)XNC2, 12.2XND before 12.2(33)XND1, and 12.4(24)T1; and IOS XE 2.3 through 2.3.1t and 2.4 through 2.4.0; when RFC4893 BGP routing is enabled, allows remote attackers to cause a denial of service (memory corruption and device reload) by using an RFC4271 peer to send an update with a long series of AS numbers, aka Bug ID CSCsy86021. | |||||
| CVE-2009-2871 | 1 Cisco | 1 Ios | 2023-12-10 | 7.8 HIGH | N/A |
| Unspecified vulnerability in Cisco IOS 12.2 and 12.4, when SSLVPN sessions, SSH sessions, or IKE encrypted nonces are enabled, allows remote attackers to cause a denial of service (device reload) via a crafted encrypted packet, aka Bug ID CSCsq24002. | |||||
| CVE-2008-3798 | 1 Cisco | 1 Ios | 2023-12-10 | 7.8 HIGH | N/A |
| Cisco IOS 12.4 allows remote attackers to cause a denial of service (device crash) via a normal, properly formed SSL packet that occurs during termination of an SSL session. | |||||