Filtered by vendor Cisco
Subscribe
Total
6508 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-2279 | 1 Cisco | 1 Ons 15216 Optical Add Drop Multiplexer Software | 2025-04-03 | 5.0 MEDIUM | N/A |
| Cisco ONS 15216 Optical Add/Drop Multiplexer (OADM) running firmware 2.2.2 and earlier allows remote attackers to cause a denial of service (management plane session loss) via crafted telnet data. | |||||
| CVE-2006-1928 | 1 Cisco | 1 Ios Xr | 2025-04-03 | 5.0 MEDIUM | N/A |
| Cisco IOS XR, when configured for Multi Protocol Label Switching (MPLS) and running on Cisco CRS-1 routers, allows remote attackers to cause a denial of service (Modular Services Cards (MSC) crash or "MPLS packet handling problems") via certain MPLS packets, as identified by Cisco bug IDs (1) CSCsd15970 and (2) CSCsd55531. | |||||
| CVE-2006-2322 | 1 Cisco | 2 Application Velocity System 3110, Application Velocity System 3120 | 2025-04-03 | 6.4 MEDIUM | N/A |
| The transparent proxy feature of the Cisco Application Velocity System (AVS) 3110 5.0 and 4.0 and earlier, and 3120 5.0.0 and earlier, has a default configuration that allows remote attackers to proxy arbitrary TCP connections, aka Bug ID CSCsd32143. | |||||
| CVE-2002-2139 | 1 Cisco | 1 Pix Firewall Software | 2025-04-03 | 6.4 MEDIUM | N/A |
| Cisco PIX Firewall 6.0.3 and earlier, and 6.1.x to 6.1.3, do not delete the duplicate ISAKMP SAs for a user's VPN session, which allows local users to hijack a session via a man-in-the-middle attack. | |||||
| CVE-2001-1210 | 1 Cisco | 3 Ubr920, Ubr924, Ubr925 | 2025-04-03 | 6.4 MEDIUM | N/A |
| Cisco ubr900 series routers that conform to the Data-over-Cable Service Interface Specifications (DOCSIS) standard must ship without SNMP access restrictions, which can allow remote attackers to read and write information to the MIB using arbitrary community strings. | |||||
| CVE-2001-0057 | 1 Cisco | 2 Broadband Operating System, Cisco 6xx Routers | 2025-04-03 | 5.0 MEDIUM | N/A |
| Cisco 600 routers running CBOS 2.4.1 and earlier allow remote attackers to cause a denial of service via a large ICMP echo (ping) packet. | |||||
| CVE-2001-0020 | 1 Cisco | 2 Arrowpoint, Content Services Switch | 2025-04-03 | 2.1 LOW | N/A |
| Directory traversal vulnerability in Arrowpoint (aka Cisco Content Services, or CSS) allows local unprivileged users to read arbitrary files via a .. (dot dot) attack. | |||||
| CVE-1999-1175 | 1 Cisco | 1 Ios | 2025-04-03 | 7.5 HIGH | N/A |
| Web Cache Control Protocol (WCCP) in Cisco Cache Engine for Cisco IOS 11.2 and earlier does not use authentication, which allows remote attackers to redirect HTTP traffic to arbitrary hosts via WCCP packets to UDP port 2048. | |||||
| CVE-1999-1582 | 1 Cisco | 1 Pix Firewall | 2025-04-03 | 7.5 HIGH | N/A |
| By design, the "established" command on the Cisco PIX firewall allows connections from one host to arbitrary ports of a target host if an alternative conduit has already been allowed, which can cause administrators to configure less restrictive access controls than intended if they do not understand this functionality. | |||||
| CVE-2005-0601 | 1 Cisco | 1 Application And Content Networking Software | 2025-04-03 | 7.5 HIGH | N/A |
| Cisco devices running Application and Content Networking System (ACNS) 4.x, 5.0, 5.1, or 5.2 use a default password when the setup dialog has not been run, which allows remote attackers to gain access. | |||||
| CVE-2006-3291 | 1 Cisco | 1 Ios | 2025-04-03 | 9.3 HIGH | N/A |
| The web interface on Cisco IOS 12.3(8)JA and 12.3(8)JA1, as used on the Cisco Wireless Access Point and Wireless Bridge, reconfigures itself when it is changed to use the "Local User List Only (Individual Passwords)" setting, which removes all security and password configurations and allows remote attackers to access the system. | |||||
| CVE-2002-0886 | 1 Cisco | 1 Cbos | 2025-04-03 | 5.0 MEDIUM | N/A |
| Cisco DSL CPE devices running CBOS 2.4.4 and earlier allows remote attackers to cause a denial of service (hang or memory consumption) via (1) a large packet to the DHCP port, (2) a large packet to the Telnet port, or (3) a flood of large packets to the CPE, which causes the TCP/IP stack to consume large amounts of memory. | |||||
| CVE-1999-0063 | 1 Cisco | 1 Ios | 2025-04-03 | 5.0 MEDIUM | N/A |
| Cisco IOS 12.0 and other versions can be crashed by malicious UDP packets to the syslog port. | |||||
| CVE-2001-0753 | 1 Cisco | 1 Cbos | 2025-04-03 | 7.5 HIGH | N/A |
| Cisco CBOS 2.3.8 and earlier stores the passwords for (1) exec and (2) enable in cleartext in the NVRAM and a configuration file, which could allow unauthorized users to obtain the passwords and gain privileges. | |||||
| CVE-2000-1054 | 1 Cisco | 1 Secure Access Control Server | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in CSAdmin module in CiscoSecure ACS Server 2.4(2) and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a large packet. | |||||
| CVE-2001-1037 | 1 Cisco | 1 Sn 5420 Storage Router Firmware | 2025-04-03 | 4.6 MEDIUM | N/A |
| Cisco SN 5420 Storage Router 1.1(3) and earlier allows local users to access a developer's shell without a password and execute certain restricted commands without being logged. | |||||
| CVE-2006-4911 | 1 Cisco | 1 Ips Sensor Software | 2025-04-03 | 7.5 HIGH | N/A |
| Unspecified vulnerability in Cisco IPS 5.0 before 5.0(6p2) and 5.1 before 5.1(2), when running in inline or promiscuous mode, allows remote attackers to bypass traffic inspection via a "crafted sequence of fragmented IP packets". | |||||
| CVE-1999-0160 | 1 Cisco | 1 Ios | 2025-04-03 | 7.5 HIGH | N/A |
| Some classic Cisco IOS devices have a vulnerability in the PPP CHAP authentication to establish unauthorized PPP connections. | |||||
| CVE-2003-0259 | 1 Cisco | 6 Vpn 3000 Concentrator Series Software, Vpn 3002 Hardware Client, Vpn 3015 Concentrator and 3 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| Cisco VPN 3000 series concentrators and Cisco VPN 3002 Hardware Client 2.x.x through 3.6.7 allows remote attackers to cause a denial of service (reload) via a malformed SSH initialization packet. | |||||
| CVE-2003-0647 | 1 Cisco | 1 Ios | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the HTTP server for Cisco IOS 12.2 and earlier allows remote attackers to execute arbitrary code via an extremely long (2GB) HTTP GET request. | |||||