Filtered by vendor Cisco
Subscribe
Total
6209 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-3594 | 1 Cisco | 1 Unified Callmanager | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in Cisco Unified CallManager (CUCM) 5.0(1) through 5.0(3a) allows remote attackers to execute arbitrary code via a long hostname in a SIP request, aka bug CSCsd96542. | |||||
| CVE-2001-0751 | 1 Cisco | 1 Cbos | 2025-04-03 | 7.5 HIGH | N/A |
| Cisco switches and routers running CBOS 2.3.8 and earlier use predictable TCP Initial Sequence Numbers (ISN), which allows remote attackers to spoof or hijack TCP connections. | |||||
| CVE-2005-2241 | 1 Cisco | 1 Call Manager | 2025-04-03 | 5.0 MEDIUM | N/A |
| Cisco CallManager (CCM) 3.2 and earlier, 3.3 before 3.3(5), 4.0 before 4.0(2a)SR2b, and 4.1 4.1 before 4.1(3)SR1 does not quickly time out Realtime Information Server Data Collection (RISDC) sockets, which results in a "resource leak" that allows remote attackers to cause a denial of service (memory and connection consumption) in RisDC.exe. | |||||
| CVE-2006-2679 | 1 Cisco | 1 Vpn Client | 2025-04-03 | 7.2 HIGH | N/A |
| Unspecified vulnerability in the VPN Client for Windows Graphical User Interface (GUI) (aka the VPN client dialer) in Cisco VPN Client for Windows 4.8.00.* and earlier, except for 4.7.00.0533, allows local authenticated, interactive users to gain privileges, possibly due to privileges of dialog boxes, aka bug ID CSCsd79265. | |||||
| CVE-2002-0954 | 1 Cisco | 1 Pix Firewall | 2025-04-03 | 7.5 HIGH | N/A |
| The encryption algorithms for enable and passwd commands on Cisco PIX Firewall can be executed quickly due to a limited number of rounds, which make it easier for an attacker to decrypt the passwords using brute force techniques. | |||||
| CVE-2004-1432 | 1 Cisco | 1 Optical Networking Systems Software | 2025-04-03 | 5.0 MEDIUM | N/A |
| Multiple versions of Cisco ONS 15327, ONS 15454, and ONS 15454 SDH, including 4.6(0) and 4.6(1), 4.5(x), 4.1(0) to 4.1(3), 4.0(0) to 4.0(2), and earlier versions, allows remote attackers to cause a denial of service (control card reset) via malformed (1) IP or (2) ICMP packets. | |||||
| CVE-2004-1435 | 1 Cisco | 1 Optical Networking Systems Software | 2025-04-03 | 5.0 MEDIUM | N/A |
| Multiple versions of Cisco ONS 15327, ONS 15454, and ONS 15454 SDH, including 4.6(0) and 4.6(1), 4.5(x), 4.1(0) to 4.1(3), 4.0(0) to 4.0(2), and earlier versions, allows remote attackers to cause a denial of service (control card reset) via a large number of TCP connections with an invalid response instead of the final ACK (TCP-ACK). | |||||
| CVE-2001-0429 | 1 Cisco | 1 Catos | 2025-04-03 | 5.0 MEDIUM | N/A |
| Cisco Catalyst 5000 series switches 6.1(2) and earlier will forward an 802.1x frame on a Spanning Tree Protocol (STP) blocked port, which causes a network storm and a denial of service. | |||||
| CVE-2005-2631 | 1 Cisco | 1 Network Admission Control Manager And Server System Software | 2025-04-03 | 7.5 HIGH | N/A |
| Cisco Clean Access (CCA) 3.3.0 to 3.3.9, 3.4.0 to 3.4.5, and 3.5.0 to 3.5.3 does not properly authenticate users when invoking API methods, which could allow remote attackers to bypass security checks, change the assigned role of a user, or disconnect users. | |||||
| CVE-2000-0945 | 1 Cisco | 1 Catalyst 3500 Xl | 2025-04-03 | 10.0 HIGH | N/A |
| The web configuration interface for Catalyst 3500 XL switches allows remote attackers to execute arbitrary commands without authentication when the enable password is not set, via a URL containing the /exec/ directory. | |||||
| CVE-2003-0258 | 1 Cisco | 7 Vpn 3000 Concentrator Series Software, Vpn 3002 Hardware Client, Vpn 3005 Concentrator Software and 4 more | 2025-04-03 | 7.5 HIGH | N/A |
| Cisco VPN 3000 series concentrators and Cisco VPN 3002 Hardware Client 3.5.x through 4.0.REL, when enabling IPSec over TCP for a port on the concentrator, allow remote attackers to reach the private network without authentication. | |||||
| CVE-2005-3921 | 1 Cisco | 1 Ios | 2025-04-03 | 2.6 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in Cisco IOS Web Server for IOS 12.0(2a) allows remote attackers to inject arbitrary web script or HTML by (1) packets containing HTML that an administrator views via an HTTP interface to the contents of memory buffers, as demonstrated by the URI /level/15/exec/-/buffers/assigned/dump; or (2) sending the router Cisco Discovery Protocol (CDP) packets with HTML payload that an administrator views via the CDP status pages. NOTE: these vectors were originally reported as being associated with the dump and packet options in /level/15/exec/-/show/buffers. | |||||
| CVE-2002-1447 | 1 Cisco | 1 Vpn Client | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in the vpnclient program for UNIX VPN Client before 3.5.2 allows local users to gain administrative privileges via a long profile name in a connect argument. | |||||
| CVE-2006-3593 | 1 Cisco | 1 Unified Callmanager | 2025-04-03 | 4.0 MEDIUM | N/A |
| The command line interface (CLI) in Cisco Unified CallManager (CUCM) 5.0(1) through 5.0(3a) allows local users to overwrite arbitrary files by redirecting a command's output to a file or folder, aka bug CSCse31704. | |||||
| CVE-2006-3733 | 1 Cisco | 1 Security Monitoring Analysis And Response System | 2025-04-03 | 7.5 HIGH | N/A |
| jmx-console/HtmlAdaptor in the jmx-console in the JBoss web application server, as shipped with Cisco Security Monitoring, Analysis and Response System (CS-MARS) before 4.2.1, allows remote attackers to gain privileges as the CS-MARS administrator and execute arbitrary Java code via an invokeOp action in the BSHDeployer jboss.scripts service name. | |||||
| CVE-2004-0112 | 24 4d, Apple, Avaya and 21 more | 65 Webstar, Mac Os X, Mac Os X Server and 62 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read. | |||||
| CVE-2005-3804 | 1 Cisco | 1 7920 Wireless Ip Phone | 2025-04-03 | 6.4 MEDIUM | N/A |
| Cisco IP Phone (VoIP) 7920 1.0(8) listens to UDP port 17185 to support a VxWorks debugger, which allows remote attackers to obtain sensitive information and cause a denial of service. | |||||
| CVE-2000-1056 | 1 Cisco | 1 Secure Access Control Server | 2025-04-03 | 7.5 HIGH | N/A |
| CiscoSecure ACS Server 2.4(2) and earlier allows remote attackers to bypass LDAP authentication on the server if the LDAP server allows null passwords. | |||||
| CVE-1999-0157 | 1 Cisco | 2 Ios, Pix Firewall Software | 2025-04-03 | 5.0 MEDIUM | N/A |
| Cisco PIX firewall and CBAC IP fragmentation attack results in a denial of service. | |||||
| CVE-2001-0757 | 1 Cisco | 1 6400 Nrp 2 | 2025-04-03 | 7.5 HIGH | N/A |
| Cisco 6400 Access Concentrator Node Route Processor 2 (NRP2) 12.1DC card does not properly disable access when a password has not been set for vtys, which allows remote attackers to obtain access via telnet. | |||||