Filtered by vendor Cisco
Subscribe
Total
6256 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2006-4312 | 1 Cisco | 9 Adaptive Security Appliance, Pix Firewall 501, Pix Firewall 506 and 6 more | 2025-04-03 | 6.8 MEDIUM | N/A |
Cisco PIX 500 Series Security Appliances and ASA 5500 Series Adaptive Security Appliances, when running 7.0(x) up to 7.0(5) and 7.1(x) up to 7.1(2.4), and Firewall Services Module (FWSM) 3.1(x) up to 3.1(1.6), causes the EXEC password, local user passwords, and the enable password to be changed to a "non-random value" under certain circumstances, which causes administrators to be locked out and might allow attackers to gain access. | |||||
CVE-2005-3886 | 1 Cisco | 1 Security Agent | 2025-04-03 | 7.2 HIGH | N/A |
Unspecified vulnerability in Cisco Security Agent (CSA) 4.5.0 and 4.5.1 agents, when running on Windows systems, allows local users to bypass protections and gain system privileges by executing certain local software. | |||||
CVE-2005-0600 | 1 Cisco | 10 Application And Content Networking Software, Content Delivery Manager, Content Distribution Manager 4630 and 7 more | 2025-04-03 | 5.0 MEDIUM | N/A |
Cisco devices running Application and Content Networking System (ACNS) 5.0, 5.1 before 5.1.13.7, or 5.2 before 5.2.3.9 allow remote attackers to cause a denial of service (bandwidth consumption) via "crafted IP packets" that are continuously forwarded. | |||||
CVE-2004-0352 | 1 Cisco | 4 Content Services Switch 11000, Content Services Switch 11050, Content Services Switch 11150 and 1 more | 2025-04-03 | 5.0 MEDIUM | N/A |
Cisco 11000 Series Content Services Switches (CSS) running WebNS 5.0(x) before 05.0(04.07)S, and 6.10(x) before 06.10(02.05)S allow remote attackers to cause a denial of service (device reset) via a malformed packet to UDP port 5002. | |||||
CVE-2004-1464 | 1 Cisco | 1 Ios | 2025-04-03 | 5.0 MEDIUM | 5.9 MEDIUM |
Cisco IOS 12.2(15) and earlier allows remote attackers to cause a denial of service (refused VTY (virtual terminal) connections), via a crafted TCP connection to the Telnet or reverse Telnet port. | |||||
CVE-2001-0455 | 1 Cisco | 1 Aironet 340 | 2025-04-03 | 7.5 HIGH | N/A |
Cisco Aironet 340 Series wireless bridge before 8.55 does not properly disable access to the web interface, which allows remote attackers to modify its configuration. | |||||
CVE-2005-3774 | 1 Cisco | 1 Pix | 2025-04-03 | 5.0 MEDIUM | N/A |
Cisco PIX 6.3 and 7.0 allows remote attackers to cause a denial of service (blocked new connections) via spoofed TCP packets that cause the PIX to create embryonic connections that that would not produce a valid connection with the end system, including (1) SYN packets with invalid checksums, which do not result in a RST; or, from an external interface, (2) one byte of "meaningless data," or (3) a TTL that is one less than needed to reach the internal destination. | |||||
CVE-2001-0566 | 1 Cisco | 1 Catalyst 2900 | 2025-04-03 | 5.0 MEDIUM | N/A |
Cisco Catalyst 2900XL switch allows a remote attacker to create a denial of service via an empty UDP packet sent to port 161 (SNMP) when SNMP is disabled. | |||||
CVE-2006-0340 | 1 Cisco | 1 Ios | 2025-04-03 | 7.1 HIGH | N/A |
Unspecified vulnerability in Stack Group Bidding Protocol (SGBP) support in Cisco IOS 12.0 through 12.4 running on various Cisco products, when SGBP is enabled, allows remote attackers on the local network to cause a denial of service (device hang and network traffic loss) via a crafted UDP packet to port 9900. | |||||
CVE-1999-0160 | 1 Cisco | 1 Ios | 2025-04-03 | 7.5 HIGH | N/A |
Some classic Cisco IOS devices have a vulnerability in the PPP CHAP authentication to establish unauthorized PPP connections. | |||||
CVE-2004-0081 | 23 4d, Apple, Avaya and 20 more | 66 Webstar, Mac Os X, Mac Os X Server and 63 more | 2025-04-03 | 5.0 MEDIUM | N/A |
OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool. | |||||
CVE-2006-3287 | 1 Cisco | 1 Wireless Control System | 2025-04-03 | 7.5 HIGH | N/A |
Cisco Wireless Control System (WCS) for Linux and Windows 4.0(1) and earlier uses a default administrator username "root" and password "public," which allows remote attackers to gain access (aka bug CSCse21391). | |||||
CVE-2005-2025 | 1 Cisco | 8 Vpn 3000 Concentrator, Vpn 3000 Concentrator Series Software, Vpn 3005 Concentrator Software and 5 more | 2025-04-03 | 5.0 MEDIUM | N/A |
Cisco VPN 3000 Concentrator before 4.1.7.F allows remote attackers to determine valid groupnames by sending an IKE Aggressive Mode packet with the groupname in the ID field, which generates a response if the groupname is valid, but does not generate a response for an invalid groupname. | |||||
CVE-2002-0908 | 1 Cisco | 1 Ids Device Manager | 2025-04-03 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in the web server for Cisco IDS Device Manager before 3.1.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the HTTPS request. | |||||
CVE-2005-2681 | 1 Cisco | 1 Ips Sensor Software | 2025-04-03 | 7.2 HIGH | N/A |
Unspecified vulnerability in the command line processing (CLI) logic in Cisco Intrusion Prevention System 5.0(1) and 5.0(2) allows local users with OPERATOR or VIEWER privileges to gain additional privileges via unknown vectors. | |||||
CVE-2004-1433 | 1 Cisco | 1 Optical Networking Systems Software | 2025-04-03 | 5.0 MEDIUM | N/A |
Multiple versions of Cisco ONS 15327, ONS 15454, and ONS 15454 SDH, including 4.6(0) and 4.6(1), 4.5(x), 4.1(0) to 4.1(3), 4.0(0) to 4.0(2), and earlier versions, and ONS 15600 1.x(x), allows remote attackers to cause a denial of service (control card reset) via malformed (1) TCP and (2) UDP packets. | |||||
CVE-2002-1189 | 1 Cisco | 1 Unity Server | 2025-04-03 | 4.6 MEDIUM | N/A |
The default configuration of Cisco Unity 2.x and 3.x does not block international operator calls in the predefined restriction tables, which could allow authenticated users to place international calls using call forwarding. | |||||
CVE-2000-0268 | 1 Cisco | 12 3660 Router, 7100 Router, 7200 Router and 9 more | 2025-04-03 | 5.0 MEDIUM | N/A |
Cisco IOS 11.x and 12.x allows remote attackers to cause a denial of service by sending the ENVIRON option to the Telnet daemon before it is ready to accept it, which causes the system to reboot. | |||||
CVE-2001-0650 | 1 Cisco | 1 Ios | 2025-04-03 | 5.0 MEDIUM | N/A |
Cisco devices IOS 12.0 and earlier allow a remote attacker to cause a crash, or bad route updates, via malformed BGP updates with unrecognized transitive attribute. | |||||
CVE-2006-4430 | 1 Cisco | 2 Network Admission Control, Network Admission Control Manager And Server System Software | 2025-04-03 | 5.0 MEDIUM | N/A |
The Cisco Network Admission Control (NAC) 3.6.4.1 and earlier allows remote attackers to prevent installation of the Cisco Clean Access (CCA) Agent and bypass local and remote protection mechanisms by modifying (1) the HTTP User-Agent header or (2) the behavior of the TCP/IP stack. NOTE: the vendor has disputed the severity of this issue, stating that users cannot bypass authentication mechanisms. |