Filtered by vendor Cisco
Subscribe
Total
6552 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-1054 | 1 Cisco | 1 Secure Access Control Server | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in CSAdmin module in CiscoSecure ACS Server 2.4(2) and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a large packet. | |||||
| CVE-2004-1775 | 1 Cisco | 2 Catos, Ios | 2025-04-03 | 5.0 MEDIUM | N/A |
| Cisco VACM (View-based Access Control MIB) for Catalyst Operating Software (CatOS) 5.5 and 6.1 and IOS 12.0 and 12.1 allows remote attackers to read and modify device configuration via the read-write community string. | |||||
| CVE-2003-1001 | 1 Cisco | 9 Catalyst 6500, Catalyst 6500 Ws-svc-nam-1, Catalyst 6500 Ws-svc-nam-2 and 6 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| Buffer overflow in the Cisco Firewall Services Module (FWSM) in Cisco Catalyst 6500 and 7600 series devices allows remote attackers to cause a denial of service (crash and reload) via HTTP auth requests for (1) TACACS+ or (2) RADIUS authentication. | |||||
| CVE-2001-0621 | 1 Cisco | 1 Content Services Switch 11000 | 2025-04-03 | 7.5 HIGH | N/A |
| The FTP server on Cisco Content Service 11000 series switches (CSS) before WebNS 4.01B23s and WebNS 4.10B13s allows an attacker who is an FTP user to read and write arbitrary files via GET or PUT commands. | |||||
| CVE-1999-1000 | 1 Cisco | 1 Cache Engine | 2025-04-03 | 5.0 MEDIUM | N/A |
| The web administration interface for Cisco Cache Engine allows remote attackers to view performance statistics. | |||||
| CVE-2000-0380 | 1 Cisco | 1 Ios | 2025-04-03 | 7.1 HIGH | N/A |
| The IOS HTTP service in Cisco routers and switches running IOS 11.1 through 12.1 allows remote attackers to cause a denial of service by requesting a URL that contains a %% string. | |||||
| CVE-2004-1760 | 2 Cisco, Ibm | 17 Call Manager, Conference Connection, Emergency Responder and 14 more | 2025-04-03 | 10.0 HIGH | N/A |
| The default installation of Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, does not require authentication, which allows remote attackers to gain administrator privileges by connecting to TCP port 14247. | |||||
| CVE-2006-4352 | 1 Cisco | 1 Content Services Switch 11000 | 2025-04-03 | 5.0 MEDIUM | N/A |
| The ArrowPoint cookie functionality for Cisco 11000 series Content Service Switches specifies an internal IP address if the administrator does not specify a string option, which allows remote attackers to obtain sensitive information. | |||||
| CVE-2001-1097 | 1 Cisco | 1 Ios | 2025-04-03 | 5.0 MEDIUM | N/A |
| Cisco routers and switches running IOS 12.0 through 12.2.1 allows a remote attacker to cause a denial of service via a flood of UDP packets. | |||||
| CVE-1999-0445 | 1 Cisco | 1 Ios | 2025-04-03 | 5.0 MEDIUM | N/A |
| In Cisco routers under some versions of IOS 12.0 running NAT, some packets may not be filtered by input access list filters. | |||||
| CVE-2002-1360 | 7 Cisco, Fissh, Intersoft and 4 more | 7 Ios, Ssh Client, Securenetterm and 4 more | 2025-04-03 | 10.0 HIGH | N/A |
| Multiple SSH2 servers and clients do not properly handle strings with null characters in them when the string length is specified by a length field, which could allow remote attackers to cause a denial of service or possibly execute arbitrary code due to interactions with the use of null-terminated strings as implemented using languages such as C, as demonstrated by the SSHredder SSH protocol test suite. | |||||
| CVE-2004-1460 | 1 Cisco | 2 Secure Access Control Server, Secure Acs Solution Engine | 2025-04-03 | 7.5 HIGH | N/A |
| Cisco Secure Access Control Server (ACS) 3.2(3) and earlier, when configured with an anonymous bind in Novell Directory Services (NDS) and authenticating NDS users with NDS, allows remote attackers to gain unauthorized access to AAA clients via a blank password. | |||||
| CVE-2005-1942 | 1 Cisco | 1 Catalyst | 2025-04-03 | 7.5 HIGH | N/A |
| Cisco switches that support 802.1x security allow remote attackers to bypass port security and gain access to the VLAN via spoofed Cisco Discovery Protocol (CDP) messages. | |||||
| CVE-1999-1100 | 1 Cisco | 1 Pix Private Link | 2025-04-03 | 7.5 HIGH | N/A |
| Cisco PIX Private Link 4.1.6 and earlier does not properly process certain commands in the configuration file, which reduces the effective key length of the DES key to 48 bits instead of 56 bits, which makes it easier for an attacker to find the proper key via a brute force attack. | |||||
| CVE-2001-1434 | 1 Cisco | 1 Ios | 2025-04-03 | 5.0 MEDIUM | N/A |
| Cisco IOS 12.0(5)XU through 12.1(2) allows remote attackers to read system administration and topology information via an "snmp-server host" command, which creates a readable "community" community string if one has not been previously created. | |||||
| CVE-2002-0908 | 1 Cisco | 1 Ids Device Manager | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the web server for Cisco IDS Device Manager before 3.1.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the HTTPS request. | |||||
| CVE-2002-1447 | 1 Cisco | 1 Vpn Client | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in the vpnclient program for UNIX VPN Client before 3.5.2 allows local users to gain administrative privileges via a long profile name in a connect argument. | |||||
| CVE-2006-4909 | 1 Cisco | 1 Guard Ddos Mitigation Appliance | 2025-04-03 | 2.6 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in Cisco Guard DDoS Mitigation Appliance before 5.1(6), when anti-spoofing is enabled, allows remote attackers to inject arbitrary web script or HTML via certain character sequences in a URL that are not properly handled when the appliance sends a meta-refresh. | |||||
| CVE-2003-1004 | 1 Cisco | 2 Pix Firewall, Pix Firewall Software | 2025-04-03 | 5.0 MEDIUM | N/A |
| Cisco PIX firewall 6.2.x through 6.2.3, when configured as a VPN Client, allows remote attackers to cause a denial of service (dropped IPSec tunnel connection) via an IKE Phase I negotiation request to the outside interface of the firewall. | |||||
| CVE-2006-3286 | 1 Cisco | 1 Wireless Control System | 2025-04-03 | 7.5 HIGH | N/A |
| The internal database in Cisco Wireless Control System (WCS) for Linux and Windows before 3.2(63) stores a hard-coded username and password in plaintext within unspecified files, which allows remote authenticated users to access the database (aka bug CSCsd15951). | |||||