Filtered by vendor Cisco
Subscribe
Total
6077 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-2036 | 1 Cisco | 1 Wireless Lan Controller Software | 2023-12-10 | 10.0 HIGH | N/A |
| The SNMP implementation in the Cisco Wireless LAN Controller (WLC) before 20070419 uses the default read-only community public, and the default read-write community private, which allows remote attackers to read and modify SNMP variables, aka Bug ID CSCse02384. | |||||
| CVE-2007-4788 | 1 Cisco | 2 Content Switching Module With Ssl, Content Switching Modules | 2023-12-10 | 7.8 HIGH | N/A |
| Cisco Content Switching Modules (CSM) 4.2 before 4.2.3a, and Cisco Content Switching Module with SSL (CSM-S) 2.1 before 2.1.2a, allow remote attackers to cause a denial of service (CPU consumption or reboot) via sets of out-of-order TCP packets with unspecified characteristics, aka CSCsd27478. | |||||
| CVE-2007-1542 | 1 Cisco | 2 7940 Router, 7960 Router | 2023-12-10 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Cisco IP Phone 7940 and 7960 running firmware before POS8-6-0 allows remote attackers to cause a denial of service via the Remote-Party-ID sipURI field in a SIP INVITE request. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2007-2037 | 1 Cisco | 1 Wireless Lan Controller Software | 2023-12-10 | 2.9 LOW | N/A |
| Cisco Wireless LAN Controller (WLC) before 3.2.116.21, and 4.0.x before 4.0.155.0, allows remote attackers on a local network to cause a denial of service (device crash) via malformed Ethernet traffic. | |||||
| CVE-2007-4263 | 1 Cisco | 1 Ios | 2023-12-10 | 8.5 HIGH | N/A |
| Unspecified vulnerability in the server side of the Secure Copy (SCP) implementation in Cisco 12.2-based IOS allows remote authenticated users to read, write or overwrite any file on the device's filesystem via unknown vectors. | |||||
| CVE-2006-5278 | 1 Cisco | 2 Unified Callmanager, Unified Communications Manager | 2023-12-10 | 10.0 HIGH | N/A |
| Integer overflow in the Real-Time Information Server (RIS) Data Collector service (RisDC.exe) in Cisco Unified Communications Manager (CUCM, formerly CallManager) before 20070711 allow remote attackers to execute arbitrary code via crafted packets, resulting in a heap-based buffer overflow. | |||||
| CVE-2006-5660 | 1 Cisco | 1 Security Agent Management Center | 2023-12-10 | 7.5 HIGH | N/A |
| Cisco Security Agent Management Center (CSAMC) 5.1 before 5.1.0.79 does not properly handle certain LDAP error messages, which allows remote attackers to bypass authentication requirements via an empty password when using an external LDAP server. | |||||
| CVE-2007-2034 | 1 Cisco | 1 Wireless Control System | 2023-12-10 | 9.0 HIGH | N/A |
| Unspecified vulnerability in Cisco Wireless Control System (WCS) before 4.0.87.0 allows remote authenticated users to gain the privileges of the SuperUsers group, and manage the application and its networks, related to the group membership of user accounts, aka Bug ID CSCsg05190. | |||||
| CVE-2007-4747 | 1 Cisco | 3 Video Surveillance Ip Gateway Encoder Decoder, Video Surveillance Sp Isp, Video Surveillance Sp Isp Decoder Software | 2023-12-10 | 10.0 HIGH | N/A |
| The telnet service in Cisco Video Surveillance IP Gateway Encoder/Decoder (Standalone and Module) firmware 1.8.1 and earlier, Video Surveillance SP/ISP Decoder Software firmware 1.11.0 and earlier, and the Video Surveillance SP/ISP firmware 1.23.7 and earlier does not require authentication, which allows remote attackers to perform administrative actions, aka CSCsj31729. | |||||
| CVE-2007-4789 | 1 Cisco | 2 Content Switching Module With Ssl, Content Switching Modules | 2023-12-10 | 7.8 HIGH | N/A |
| Cisco Content Switching Modules (CSM) 4.2 before 4.2.7, and Cisco Content Switching Module with SSL (CSM-S) 2.1 before 2.1.6, when service termination is enabled, allow remote attackers to cause a denial of service (reboot) via unspecified vectors related to high network utilization, aka CSCsh57876. | |||||
| CVE-2007-1063 | 1 Cisco | 12 Unified Ip Phone 7906g, Unified Ip Phone 7911g, Unified Ip Phone 7941g and 9 more | 2023-12-10 | 10.0 HIGH | N/A |
| The SSH server in Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7970G, and 7971G, with firmware 8.0(4)SR1 and earlier, uses a hard-coded username and password, which allows remote attackers to access the device. | |||||
| CVE-2006-5807 | 1 Cisco | 1 Secure Desktop | 2023-12-10 | 4.6 MEDIUM | N/A |
| Cisco Secure Desktop (CSD) before 3.1.1.45 allows local users to escape out of the secure desktop environment by using certain applications that switch to the default desktop, aka "System Policy Evasion". | |||||
| CVE-2007-6190 | 1 Cisco | 1 Unified Ip Phone | 2023-12-10 | 3.5 LOW | N/A |
| The HTTP daemon in the Cisco Unified IP Phone, when the Extension Mobility feature is enabled, allows remote authenticated users of other phones associated with the same CUCM server to eavesdrop on the physical environment via a CiscoIPPhoneExecute message containing a URL attribute of an ExecuteItem element that specifies a Real-Time Transport Protocol (RTP) audio stream. | |||||
| CVE-2007-4632 | 1 Cisco | 1 Ios | 2023-12-10 | 4.3 MEDIUM | N/A |
| Cisco IOS 12.2E, 12.2F, and 12.2S places a "no login" line into the VTY configuration when an administrator makes certain changes to a (1) VTY/AUX or (2) CONSOLE setting on a device without AAA enabled, which allows remote attackers to bypass authentication and obtain a terminal session, a different vulnerability than CVE-1999-0293 and CVE-2005-2105. | |||||
| CVE-2007-4633 | 1 Cisco | 2 Call Manager, Unified Communications Manager | 2023-12-10 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Cisco CallManager and Unified Communications Manager (CUCM) before 3.3(5)sr2b, 4.1 before 4.1(3)sr5, 4.2 before 4.2(3)sr2, and 4.3 before 4.3(1)sr1 allow remote attackers to inject arbitrary web script or HTML via the lang variable to the (1) user or (2) admin logon page, aka CSCsi10728. | |||||
| CVE-2006-5553 | 1 Cisco | 3 Security Agent, Unified Callmanager, Unified Presence Server | 2023-12-10 | 7.8 HIGH | N/A |
| Cisco Security Agent (CSA) for Linux 4.5 before 4.5.1.657 and 5.0 before 5.0.0.193, as used by Unified CallManager (CUCM) and Unified Presence Server (CUPS), allows remote attackers to cause a denial of service (resource consumption) via a port scan with certain options. | |||||
| CVE-2007-1833 | 1 Cisco | 1 Unified Callmanager | 2023-12-10 | 5.0 MEDIUM | N/A |
| The Skinny Call Control Protocol (SCCP) implementation in Cisco Unified CallManager (CUCM) 3.3 before 3.3(5)SR2a, 4.1 before 4.1(3)SR4, 4.2 before 4.2(3)SR1, and 5.0 before 5.0(4a)SU1 allows remote attackers to cause a denial of service (loss of voice services) by sending crafted packets to the (1) SCCP (2000/tcp) or (2) SCCPS (2443/tcp) port. | |||||
| CVE-2007-0105 | 1 Cisco | 1 Secure Access Control Server | 2023-12-10 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the CSAdmin service in Cisco Secure Access Control Server (ACS) for Windows before 4.1 and ACS Solution Engine before 4.1 allows remote attackers to execute arbitrary code via a crafted HTTP GET request. | |||||
| CVE-2007-0397 | 1 Cisco | 2 Adaptive Security Appliance Device Manager, Security Monitoring Analysis And Response System | 2023-12-10 | 6.4 MEDIUM | N/A |
| The Cisco Security Monitoring, Analysis and Response System (CS-MARS) before 4.2.3 and Adaptive Security Device Manager (ASDM) before 5.2(2.54) do not validate the SSL/TLS certificates or SSH public keys when connecting to devices, which allows remote attackers to spoof those devices to obtain sensitive information or generate incorrect information. | |||||
| CVE-2007-4295 | 1 Cisco | 1 Ios | 2023-12-10 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows remote attackers to execute arbitrary code via a malformed SIP packet, aka CSCsi80749. | |||||