Filtered by vendor Cisco
Subscriptions
Total
6544 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-2025 | 1 Cisco | 8 Vpn 3000 Concentrator, Vpn 3000 Concentrator Series Software, Vpn 3005 Concentrator Software and 5 more | 2025-04-03 | N/A |
| Cisco VPN 3000 Concentrator before 4.1.7.F allows remote attackers to determine valid groupnames by sending an IKE Aggressive Mode packet with the groupname in the ID field, which generates a response if the groupname is valid, but does not generate a response for an invalid groupname. | ||||
| CVE-2004-1433 | 1 Cisco | 1 Optical Networking Systems Software | 2025-04-03 | N/A |
| Multiple versions of Cisco ONS 15327, ONS 15454, and ONS 15454 SDH, including 4.6(0) and 4.6(1), 4.5(x), 4.1(0) to 4.1(3), 4.0(0) to 4.0(2), and earlier versions, and ONS 15600 1.x(x), allows remote attackers to cause a denial of service (control card reset) via malformed (1) TCP and (2) UDP packets. | ||||
| CVE-2004-1099 | 1 Cisco | 2 Secure Access Control Server, Secure Acs Solution Engine | 2025-04-03 | N/A |
| Cisco Secure Access Control Server for Windows (ACS Windows) and Cisco Secure Access Control Server Solution Engine (ACS Solution Engine) 3.3.1, when the EAP-TLS protocol is enabled, does not properly handle expired or untrusted certificates, which allows remote attackers to bypass authentication and gain unauthorized access via a "cryptographically correct" certificate with valid fields such as the username. | ||||
| CVE-2005-2242 | 1 Cisco | 1 Call Manager | 2025-04-03 | N/A |
| Cisco CallManager (CCM) 3.2 and earlier, 3.3 before 3.3(5), 4.0 before 4.0(2a)SR2b, and 4.1 4.1 before 4.1(3)SR1 allows remote attackers to cause a denial of service (memory consumption and restart) via crafted packets to (1) the CTI Manager (ctimgr.exe) or (2) the CallManager (ccm.exe). | ||||
| CVE-2005-2244 | 1 Cisco | 1 Call Manager | 2025-04-03 | N/A |
| The aupair service (aupair.exe) in Cisco CallManager (CCM) 3.2 and earlier, 3.3 before 3.3(5), 4.0 before 4.0(2a)SR2b, and 4.1 4.1 before 4.1(3)SR1 allows remote attackers to execute arbitrary code or corrupt memory via crafted packets that trigger a memory allocation failure and lead to a buffer overflow. | ||||
| CVE-2005-2279 | 1 Cisco | 1 Ons 15216 Optical Add Drop Multiplexer Software | 2025-04-03 | N/A |
| Cisco ONS 15216 Optical Add/Drop Multiplexer (OADM) running firmware 2.2.2 and earlier allows remote attackers to cause a denial of service (management plane session loss) via crafted telnet data. | ||||
| CVE-2005-2280 | 1 Cisco | 1 Security Agent | 2025-04-03 | N/A |
| Cisco Security Agent (CSA) 4.5 allows remote attackers to cause a denial of service (system crash) via a crafted IP packet. | ||||
| CVE-2005-1517 | 1 Cisco | 1 Firewall Services Module | 2025-04-03 | N/A |
| Unknown vulnerability in Cisco Firewall Services Module (FWSM) 2.3.1 and earlier, when using URL, FTP, or HTTPS filtering exceptions, allows certain TCP packets to bypass access control lists (ACLs). | ||||
| CVE-2005-2841 | 1 Cisco | 1 Ios | 2025-04-03 | N/A |
| Buffer overflow in Firewall Authentication Proxy for FTP and/or Telnet Sessions for Cisco IOS 12.2ZH and 12.2ZL, 12.3 and 12.3T, and 12.4 and 12.4T allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted user authentication credentials. | ||||
| CVE-2005-1942 | 1 Cisco | 1 Catalyst | 2025-04-03 | N/A |
| Cisco switches that support 802.1x security allow remote attackers to bypass port security and gain access to the VLAN via spoofed Cisco Discovery Protocol (CDP) messages. | ||||
| CVE-1999-0063 | 1 Cisco | 1 Ios | 2025-04-03 | N/A |
| Cisco IOS 12.0 and other versions can be crashed by malicious UDP packets to the syslog port. | ||||
| CVE-2005-3886 | 1 Cisco | 1 Security Agent | 2025-04-03 | N/A |
| Unspecified vulnerability in Cisco Security Agent (CSA) 4.5.0 and 4.5.1 agents, when running on Windows systems, allows local users to bypass protections and gain system privileges by executing certain local software. | ||||
| CVE-2006-4352 | 1 Cisco | 1 Content Services Switch 11000 | 2025-04-03 | N/A |
| The ArrowPoint cookie functionality for Cisco 11000 series Content Service Switches specifies an internal IP address if the administrator does not specify a string option, which allows remote attackers to obtain sensitive information. | ||||
| CVE-2005-3921 | 1 Cisco | 1 Ios | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in Cisco IOS Web Server for IOS 12.0(2a) allows remote attackers to inject arbitrary web script or HTML by (1) packets containing HTML that an administrator views via an HTTP interface to the contents of memory buffers, as demonstrated by the URI /level/15/exec/-/buffers/assigned/dump; or (2) sending the router Cisco Discovery Protocol (CDP) packets with HTML payload that an administrator views via the CDP status pages. NOTE: these vectors were originally reported as being associated with the dump and packet options in /level/15/exec/-/show/buffers. | ||||
| CVE-2003-1096 | 1 Cisco | 1 Leap | 2025-04-03 | N/A |
| The Cisco LEAP challenge/response authentication mechanism uses passwords in a way that is susceptible to dictionary attacks, which makes it easier for remote attackers to gain privileges via brute force password guessing attacks. | ||||
| CVE-2006-0181 | 1 Cisco | 1 Cs-mars | 2025-04-03 | N/A |
| Cisco Security Monitoring, Analysis and Response System (CS-MARS) before 4.1.3 has an undocumented administrative account with a default password, which allows local users to gain privileges via the expert command. | ||||
| CVE-2006-0179 | 1 Cisco | 1 Ip Phone 7940 | 2025-04-03 | N/A |
| The Cisco IP Phone 7940 allows remote attackers to cause a denial of service (reboot) via a large amount of TCP SYN packets (syn flood) to arbitrary ports, as demonstrated to port 80. | ||||
| CVE-2006-0764 | 1 Cisco | 3 Anomaly Guard Module, Guard, Traffic Anomaly Detector Module | 2025-04-03 | N/A |
| The Authentication, Authorization, and Accounting (AAA) capability in versions 5.0(1) and 5.0(3) of the software used by multiple Cisco Anomaly Detection and Mitigation products, when running with an incomplete TACACS+ configuration without a "tacacs-server host" command, allows remote attackers to bypass authentication and gain privileges, aka Bug ID CSCsd21455. | ||||
| CVE-2006-1670 | 1 Cisco | 5 Ons 15310-cl Series, Ons 15454 Mspp, Ons 15454 Mstp and 2 more | 2025-04-03 | N/A |
| Control cards for Cisco Optical Networking System (ONS) 15000 series nodes before 20060405 allow remote attackers to cause a denial of service (memory exhaustion and possibly card reset) by sending an invalid response when the final ACK is expected, aka bug ID CSCei45910. | ||||
| CVE-2006-1672 | 1 Cisco | 5 Ons 15310-cl Series, Ons 15454 Mspp, Ons 15600 and 2 more | 2025-04-03 | N/A |
| The installation of Cisco Transport Controller (CTC) for Cisco Optical Networking System (ONS) 15000 series nodes adds a Java policy file entry with a wildcard that grants the java.security.AllPermission permission to any http URL containing "fs/LAUNCHER.jar", which allows remote attackers to execute arbitrary code on a CTC workstation, aka bug ID CSCea25049. | ||||