Filtered by vendor Cisco
Subscriptions
Total
6788 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-2451 | 1 Cisco | 2 Ios, Ios Xr | 2026-04-16 | N/A |
| Cisco IOS 12.0 through 12.4 and IOS XR before 3.2, with IPv6 enabled, allows remote attackers on a local network segment to cause a denial of service (device reload) and possibly execute arbitrary code via a crafted IPv6 packet. | ||||
| CVE-2002-1098 | 1 Cisco | 2 Vpn 3000 Concentrator Series Software, Vpn 3002 Hardware Client | 2026-04-16 | N/A |
| Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.3, adds an "HTTPS on Public Inbound (XML-Auto)(forward/in)" rule but sets the protocol to "ANY" when the XML filter configuration is enabled, which ultimately allows arbitrary traffic to pass through the concentrator. | ||||
| CVE-2005-2280 | 1 Cisco | 1 Security Agent | 2026-04-16 | N/A |
| Cisco Security Agent (CSA) 4.5 allows remote attackers to cause a denial of service (system crash) via a crafted IP packet. | ||||
| CVE-2002-0545 | 1 Cisco | 2 Aironet Ap340, Aironet Ap350 | 2026-04-16 | N/A |
| Cisco Aironet before 11.21 with Telnet enabled allows remote attackers to cause a denial of service (reboot) via a series of login attempts with invalid usernames and passwords. | ||||
| CVE-2005-2105 | 1 Cisco | 1 Ios | 2026-04-16 | N/A |
| Cisco IOS 12.2T through 12.4 allows remote attackers to bypass Authentication, Authorization, and Accounting (AAA) RADIUS authentication, if the fallback method is set to none, via a long username. | ||||
| CVE-2005-2181 | 1 Cisco | 4 Ip Phone 7940, Ip Phone 7940 Firmware, Ip Phone 7960 and 1 more | 2026-04-16 | 7.5 High |
| Cisco 7940/7960 Voice over IP (VoIP) phones do not properly check the Call-ID, branch, and tag values in a NOTIFY message to verify a subscription, which allows remote attackers to spoof messages such as the "Messages waiting" message. | ||||
| CVE-2006-3226 | 1 Cisco | 1 Secure Access Control Server | 2026-04-16 | N/A |
| Cisco Secure Access Control Server (ACS) 4.x for Windows uses the client's IP address and the server's port number to grant access to an HTTP server port for an administration session, which allows remote attackers to bypass authentication via various methods, aka "ACS Weak Session Management Vulnerability." | ||||
| CVE-2006-4775 | 1 Cisco | 2 Catos, Ios | 2026-04-16 | N/A |
| The VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) and CatOS allows remote attackers to cause a denial of service by sending a VTP update with a revision value of 0x7FFFFFFF, which is incremented to 0x80000000 and is interpreted as a negative number in a signed context. | ||||
| CVE-2002-1102 | 1 Cisco | 2 Vpn 3000 Concentrator Series Software, Vpn 3002 Hardware Client | 2026-04-16 | N/A |
| The LAN-to-LAN IPSEC capability for Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.4, allows remote attackers to cause a denial of service via an incoming LAN-to-LAN connection with an existing security association with another device on the remote network, which causes the concentrator to remove the previous connection. | ||||
| CVE-2002-1104 | 1 Cisco | 1 Vpn Client | 2026-04-16 | N/A |
| Cisco Virtual Private Network (VPN) Client software 2.x.x and 3.x before 3.0.5 allows remote attackers to cause a denial of service (crash) via TCP packets with source and destination ports of 137 (NETBIOS). | ||||
| CVE-2002-0241 | 1 Cisco | 1 Secure Access Control Server | 2026-04-16 | N/A |
| NDSAuth.DLL in Cisco Secure Authentication Control Server (ACS) 3.0.1 does not check the Expired or Disabled state of users in the Novell Directory Services (NDS), which could allow those users to authenticate to the server. | ||||
| CVE-2003-0210 | 1 Cisco | 1 Secure Access Control Server | 2026-04-16 | N/A |
| Buffer overflow in the administration service (CSAdmin) for Cisco Secure ACS before 3.1.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long user parameter to port 2002. | ||||
| CVE-1999-1042 | 1 Cisco | 1 Resource Manager | 2026-04-16 | N/A |
| Cisco Resource Manager (CRM) 1.0 and 1.1 creates world-readable log files and temporary files, which may expose sensitive information, to local users such as user IDs, passwords and SNMP community strings. | ||||
| CVE-2001-1434 | 1 Cisco | 1 Ios | 2026-04-16 | N/A |
| Cisco IOS 12.0(5)XU through 12.1(2) allows remote attackers to read system administration and topology information via an "snmp-server host" command, which creates a readable "community" community string if one has not been previously created. | ||||
| CVE-2004-1775 | 1 Cisco | 2 Catos, Ios | 2026-04-16 | N/A |
| Cisco VACM (View-based Access Control MIB) for Catalyst Operating Software (CatOS) 5.5 and 6.1 and IOS 12.0 and 12.1 allows remote attackers to read and modify device configuration via the read-write community string. | ||||
| CVE-2001-1037 | 1 Cisco | 1 Sn 5420 Storage Router Firmware | 2026-04-16 | N/A |
| Cisco SN 5420 Storage Router 1.1(3) and earlier allows local users to access a developer's shell without a password and execute certain restricted commands without being logged. | ||||
| CVE-2001-0866 | 1 Cisco | 1 12000 Router | 2026-04-16 | N/A |
| Cisco 12000 with IOS 12.0 and lines card based on Engine 2 does not properly handle an outbound ACL when an input ACL is not configured on all the interfaces of a multi port line card, which could allow remote attackers to bypass the intended access controls. | ||||
| CVE-2006-4982 | 1 Cisco | 1 Network Access Control | 2026-04-16 | N/A |
| Cisco NAC maintains an exception list that does not record device properties other than MAC address, which allows physically proximate attackers to bypass control methods and join a local network by spoofing the MAC address of a different type of device, as demonstrated by using the MAC address of a disconnected printer. | ||||
| CVE-2002-0160 | 1 Cisco | 1 Secure Access Control Server | 2026-04-16 | N/A |
| The administration function in Cisco Secure Access Control Server (ACS) for Windows, 2.6.x and earlier and 3.x through 3.01 (build 40), allows remote attackers to read HTML, Java class, and image files outside the web root via a ..\.. (modified ..) in the URL to port 2002. | ||||
| CVE-2006-0483 | 1 Cisco | 2 Vpn 3000 Concentrator Series Software, Vpn 3030 Concentator | 2026-04-16 | N/A |
| Cisco VPN 3000 series concentrators running software 4.7.0 through 4.7.2.A allow remote attackers to cause a denial of service (device reload or user disconnect) via a crafted HTTP packet. | ||||