Filtered by vendor Cisco
Subscribe
Total
6077 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2005-3669 | 1 Cisco | 8 Adaptive Security Appliance Software, Firewall Services Module, Ios and 5 more | 2023-12-10 | 5.0 MEDIUM | N/A |
Multiple unspecified vulnerabilities in the Internet Key Exchange version 1 (IKEv1) implementation in multiple Cisco products allow remote attackers to cause a denial of service (device reset) via certain malformed IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the Cisco advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to. | |||||
CVE-2005-4826 | 1 Cisco | 1 Ios | 2023-12-10 | 6.1 MEDIUM | N/A |
Unspecified vulnerability in the VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(22)EA3 on Catalyst 2950T switches allows remote attackers to cause a denial of service (device reboot) via a crafted Subset-Advert message packet, a different issue than CVE-2006-4774, CVE-2006-4775, and CVE-2006-4776. | |||||
CVE-2006-3594 | 1 Cisco | 1 Unified Callmanager | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in Cisco Unified CallManager (CUCM) 5.0(1) through 5.0(3a) allows remote attackers to execute arbitrary code via a long hostname in a SIP request, aka bug CSCsd96542. | |||||
CVE-2006-0354 | 1 Cisco | 8 Aironet Ap1100, Aironet Ap1130ag, Aironet Ap1200 and 5 more | 2023-12-10 | 5.5 MEDIUM | N/A |
Cisco IOS before 12.3-7-JA2 on Aironet Wireless Access Points (WAP) allows remote authenticated users to cause a denial of service (termination of packet passing or termination of client connections) by sending the management interface a large number of spoofed ARP packets, which creates a large ARP table that exhausts memory, aka Bug ID CSCsc16644. | |||||
CVE-2006-3289 | 1 Cisco | 1 Wireless Control System | 2023-12-10 | 2.6 LOW | N/A |
Cross-site scripting (XSS) vulnerability in the login page of the HTTP interface for the Cisco Wireless Control System (WCS) for Linux and Windows before 3.2(51) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving a "malicious URL". | |||||
CVE-2006-0367 | 1 Cisco | 1 Call Manager | 2023-12-10 | 6.5 MEDIUM | N/A |
Unspecified vulnerability in Cisco CallManager 3.2 and earlier, 3.3 before 3.3(5)SR1, 4.0 before 4.0(2a)SR2c, and 4.1 before 4.1(3)SR2 allows remote authenticated users with read-only administrative privileges to obtain full administrative privileges via a "crafted URL on the CCMAdmin web page." | |||||
CVE-2006-0561 | 1 Cisco | 1 Secure Access Control Server | 2023-12-10 | 7.2 HIGH | N/A |
Cisco Secure Access Control Server (ACS) 3.x for Windows stores ACS administrator passwords and the master key in the registry with insecure permissions, which allows local users and remote administrators to decrypt the passwords by using Microsoft's cryptographic API functions to obtain the plaintext version of the master key. | |||||
CVE-2005-3886 | 1 Cisco | 1 Security Agent | 2023-12-10 | 7.2 HIGH | N/A |
Unspecified vulnerability in Cisco Security Agent (CSA) 4.5.0 and 4.5.1 agents, when running on Windows systems, allows local users to bypass protections and gain system privileges by executing certain local software. | |||||
CVE-1999-0159 | 1 Cisco | 1 Ios | 2023-12-10 | 5.0 MEDIUM | N/A |
Attackers can crash a Cisco IOS router or device, provided they can get to an interactive prompt (such as a login). This applies to some IOS 9.x, 10.x, and 11.x releases. | |||||
CVE-1999-1466 | 1 Cisco | 1 Ios | 2023-12-10 | 7.5 HIGH | N/A |
Vulnerability in Cisco routers versions 8.2 through 9.1 allows remote attackers to bypass access control lists when extended IP access lists are used on certain interfaces, the IP route cache is enabled, and the access list uses the "established" keyword. | |||||
CVE-2002-0886 | 1 Cisco | 1 Cbos | 2023-12-10 | 5.0 MEDIUM | N/A |
Cisco DSL CPE devices running CBOS 2.4.4 and earlier allows remote attackers to cause a denial of service (hang or memory consumption) via (1) a large packet to the DHCP port, (2) a large packet to the Telnet port, or (3) a flood of large packets to the CPE, which causes the TCP/IP stack to consume large amounts of memory. | |||||
CVE-2002-1190 | 1 Cisco | 1 Unity Server | 2023-12-10 | 7.5 HIGH | N/A |
Cisco Unity 2.x and 3.x uses well-known default user accounts, which could allow remote attackers to gain access and place arbitrary calls. | |||||
CVE-2002-2239 | 1 Cisco | 3 Catalyst 6500, Catalyst 7600, Ios | 2023-12-10 | 7.8 HIGH | N/A |
The Cisco Optical Service Module (OSM) for the Catalyst 6500 and 7600 series running Cisco IOS 12.1(8)E through 12.1(13.4)E allows remote attackers to cause a denial of service (hang) via a malformed packet. | |||||
CVE-2002-2316 | 1 Cisco | 1 Catos | 2023-12-10 | 5.0 MEDIUM | N/A |
Cisco Catalyst 4000 series switches running CatOS 5.5.5, 6.3.5, and 7.1.2 do not always learn MAC addresses from a single initial packet, which causes unicast traffic to be broadcast across the switch and allows remote attackers to obtain sensitive network information by sniffing. | |||||
CVE-2002-0848 | 1 Cisco | 2 Vpn 5000 Concentrator, Vpn 5000 Concentrator Series Software | 2023-12-10 | 5.0 MEDIUM | N/A |
Cisco VPN 5000 series concentrator hardware 6.0.21.0002 and earlier, and 5.2.23.0003 and earlier, when using RADIUS with a challenge type of Password Authentication Protocol (PAP) or Challenge, sends the user password in cleartext in a validation retry request, which could allow remote attackers to steal passwords via sniffing. | |||||
CVE-2004-0244 | 1 Cisco | 1 Ios | 2023-12-10 | 4.7 MEDIUM | N/A |
Cisco 6000, 6500, and 7600 series systems with Multilayer Switch Feature Card 2 (MSFC2) and a FlexWAN or OSM module allow local users to cause a denial of service (hang or reset) by sending a layer 2 frame packet that encapsulates a layer 3 packet, but has inconsistent length values with that packet. | |||||
CVE-2002-2037 | 1 Cisco | 5 Bams, Pgw 2200, Sc2200 and 2 more | 2023-12-10 | 5.0 MEDIUM | N/A |
The Cisco Media Gateway Controller (MGC) in (1) SC2200 7.4 and earlier, (2) VSC3000 9.1 and earlier, (3) PGW 2200 9.1 and earlier, (4) Billing and Management Server (BAMS) and (5) Voice Services Provisioning Tool (VSPT) runs on default installations of Solaris 2.6 with unnecessary services and without the latest security patches, which allows attackers to exploit known vulnerabilities. | |||||
CVE-2000-0984 | 1 Cisco | 1 Ios | 2023-12-10 | 5.0 MEDIUM | N/A |
The HTTP server in Cisco IOS 12.0 through 12.1 allows local users to cause a denial of service (crash and reload) via a URL containing a "?/" string. | |||||
CVE-2002-0849 | 1 Cisco | 1 Iscsi Driver | 2023-12-10 | 4.6 MEDIUM | N/A |
Linux-iSCSI iSCSI implementation installs the iscsi.conf file with world-readable permissions on some operating systems, including Red Hat Linux Limbo Beta #1, which could allow local users to gain privileges by reading the cleartext CHAP password. | |||||
CVE-2000-0700 | 1 Cisco | 4 Gigabit Switch Router 12008, Gigabit Switch Router 12012, Gigabit Switch Router 12016 and 1 more | 2023-12-10 | 5.0 MEDIUM | N/A |
Cisco Gigabit Switch Routers (GSR) with Fast Ethernet / Gigabit Ethernet cards, from IOS versions 11.2(15)GS1A up to 11.2(19)GS0.2 and some versions of 12.0, do not properly handle line card failures, which allows remote attackers to bypass ACLs or force the interface to stop forwarding packets. |