Filtered by vendor Cisco Subscriptions
Total 6788 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2006-1672 1 Cisco 5 Ons 15310-cl Series, Ons 15454 Mspp, Ons 15600 and 2 more 2026-04-16 N/A
The installation of Cisco Transport Controller (CTC) for Cisco Optical Networking System (ONS) 15000 series nodes adds a Java policy file entry with a wildcard that grants the java.security.AllPermission permission to any http URL containing "fs/LAUNCHER.jar", which allows remote attackers to execute arbitrary code on a CTC workstation, aka bug ID CSCea25049.
CVE-2005-4826 1 Cisco 1 Ios 2026-04-16 N/A
Unspecified vulnerability in the VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(22)EA3 on Catalyst 2950T switches allows remote attackers to cause a denial of service (device reboot) via a crafted Subset-Advert message packet, a different issue than CVE-2006-4774, CVE-2006-4775, and CVE-2006-4776.
CVE-2002-0792 1 Cisco 2 Content Services Switch 11000, Webns 2026-04-16 N/A
The web management interface for Cisco Content Service Switch (CSS) 11000 switches allows remote attackers to cause a denial of service (soft reset) via (1) an HTTPS POST request, or (2) malformed XML data.
CVE-2002-1222 1 Cisco 1 Catos 2026-04-16 N/A
Buffer overflow in the embedded HTTP server for Cisco Catalyst switches running CatOS 5.4 through 7.3 allows remote attackers to cause a denial of service (reset) via a long HTTP request.
CVE-2002-1360 7 Cisco, Fissh, Intersoft and 4 more 7 Ios, Ssh Client, Securenetterm and 4 more 2026-04-16 N/A
Multiple SSH2 servers and clients do not properly handle strings with null characters in them when the string length is specified by a length field, which could allow remote attackers to cause a denial of service or possibly execute arbitrary code due to interactions with the use of null-terminated strings as implemented using languages such as C, as demonstrated by the SSHredder SSH protocol test suite.
CVE-2005-4825 1 Cisco 1 Network Admission Control Manager And Server System Software 2026-04-16 N/A
Cisco Clean Access 3.5.5 and earlier on the Secure Smart Manager allows remote attackers to bypass authentication and cause a denial of service (disk consumption), or make unauthorized files accessible, by uploading files through requests to certain JSP scripts, a related issue to CVE-2005-4332.
CVE-2006-3595 1 Cisco 1 Router Web Setup 2026-04-16 N/A
The default configuration of IOS HTTP server in Cisco Router Web Setup (CRWS) before 3.3.0 build 31 does not require credentials, which allows remote attackers to access the server with arbitrary privilege levels, aka bug CSCsa78190.
CVE-2004-1435 1 Cisco 1 Optical Networking Systems Software 2026-04-16 N/A
Multiple versions of Cisco ONS 15327, ONS 15454, and ONS 15454 SDH, including 4.6(0) and 4.6(1), 4.5(x), 4.1(0) to 4.1(3), 4.0(0) to 4.0(2), and earlier versions, allows remote attackers to cause a denial of service (control card reset) via a large number of TCP connections with an invalid response instead of the final ACK (TCP-ACK).
CVE-2003-0567 1 Cisco 3 Ios, Ons 15454 Optical Transport Platform, Optical Networking Systems Software 2026-04-16 N/A
Cisco IOS 11.x and 12.0 through 12.2 allows remote attackers to cause a denial of service (traffic block) by sending a particular sequence of IPv4 packets to an interface on the device, causing the input queue on that interface to be marked as full.
CVE-2000-0486 1 Cisco 2 Ios, Tacacs\+ 2026-04-16 N/A
Buffer overflow in Cisco TACACS+ tac_plus server allows remote attackers to cause a denial of service via a malformed packet with a long length field.
CVE-1999-1465 1 Cisco 1 Ios 2026-04-16 N/A
Vulnerability in Cisco IOS 11.1 through 11.3 with distributed fast switching (DFS) enabled allows remote attackers to bypass certain access control lists when the router switches traffic from a DFS-enabled input interface to an output interface with a logical subinterface, as described by Cisco bug CSCdk43862.
CVE-2005-0197 1 Cisco 1 Ios 2026-04-16 N/A
Cisco IOS 12.1T, 12.2, 12.2T, 12.3 and 12.3T, with Multi Protocol Label Switching (MPLS) installed but disabled, allows remote attackers to cause a denial of service (device reload) via a crafted packet sent to the disabled interface.
CVE-2003-0851 3 Cisco, Openssl, Redhat 7 Css11000 Content Services Switch, Ios, Pix Firewall and 4 more 2026-04-16 N/A
OpenSSL 0.9.6k allows remote attackers to cause a denial of service (crash via large recursion) via malformed ASN.1 sequences.
CVE-2004-1460 1 Cisco 2 Secure Access Control Server, Secure Acs Solution Engine 2026-04-16 N/A
Cisco Secure Access Control Server (ACS) 3.2(3) and earlier, when configured with an anonymous bind in Novell Directory Services (NDS) and authenticating NDS users with NDS, allows remote attackers to gain unauthorized access to AAA clients via a blank password.
CVE-2003-1132 1 Cisco 2 Content Services Switch 11000, Content Services Switch 11500 2026-04-16 N/A
The DNS server for Cisco Content Service Switch (CSS) 11000 and 11500, when prompted for a nonexistent AAAA record, responds with response code 3 (NXDOMAIN or "Name Error") instead of response code 0 ("No Error"), which allows remote attackers to cause a denial of service (inaccessible domain) by forcing other DNS servers to send and cache a request for a AAAA record to the vulnerable server.
CVE-2003-0731 1 Cisco 4 Ciscoworks Cd1, Ciscoworks Common Management Foundation, Resource Manager and 1 more 2026-04-16 N/A
CiscoWorks Common Management Foundation (CMF) 2.1 and earlier allows the guest user to gain administrative privileges via a certain POST request to com.cisco.nm.cmf.servlet.CsAuthServlet, possibly involving the "cmd" parameter with a modifyUser value and a modified "priviledges" parameter.
CVE-1999-1175 1 Cisco 1 Ios 2026-04-16 N/A
Web Cache Control Protocol (WCCP) in Cisco Cache Engine for Cisco IOS 11.2 and earlier does not use authentication, which allows remote attackers to redirect HTTP traffic to arbitrary hosts via WCCP packets to UDP port 2048.
CVE-1999-1216 1 Cisco 1 Router 2026-04-16 N/A
Cisco routers 9.17 and earlier allow remote attackers to bypass security restrictions via certain IP source routed packets that should normally be denied using the "no ip source-route" command.
CVE-2002-0870 1 Cisco 2 Content Services Switch 11000, Webns 2026-04-16 N/A
The original patch for the Cisco Content Service Switch 11000 Series authentication bypass vulnerability (CVE-2001-0622) was incomplete, which still allows remote attackers to gain additional privileges by directly requesting the web management URL instead of navigating through the interface, possibly via a variant of the original attack, as identified by Cisco bug ID CSCdw08549.
CVE-1999-0775 1 Cisco 1 Ios 2026-04-16 N/A
Cisco Gigabit Switch routers running IOS allow remote attackers to forward unauthorized packets due to improper handling of the "established" keyword in an access list.