Vulnerabilities (CVE)

Filtered by vendor Cisco Subscribe
Total 6180 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2001-0412 1 Cisco 3 Content Services Switch 11050, Content Services Switch 11150, Content Services Switch 11800 2024-02-28 7.2 HIGH N/A
Cisco Content Services (CSS) switch products 11800 and earlier, aka Arrowpoint, allows local users to gain privileges by entering debug mode.
CVE-2000-1054 1 Cisco 1 Secure Access Control Server 2024-02-28 10.0 HIGH N/A
Buffer overflow in CSAdmin module in CiscoSecure ACS Server 2.4(2) and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a large packet.
CVE-2003-1109 1 Cisco 4 Ios, Ip Phone 7940, Ip Phone 7960 and 1 more 2024-02-28 7.5 HIGH N/A
The Session Initiation Protocol (SIP) implementation in multiple Cisco products including IP Phone models 7940 and 7960, IOS versions in the 12.2 train, and Secure PIX 5.2.9 to 6.2.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted INVITE messages, as demonstrated by the OUSPG PROTOS c07-sip test suite.
CVE-1999-1175 1 Cisco 1 Ios 2024-02-28 7.5 HIGH N/A
Web Cache Control Protocol (WCCP) in Cisco Cache Engine for Cisco IOS 11.2 and earlier does not use authentication, which allows remote attackers to redirect HTTP traffic to arbitrary hosts via WCCP packets to UDP port 2048.
CVE-1999-1000 1 Cisco 1 Cache Engine 2024-02-28 5.0 MEDIUM N/A
The web administration interface for Cisco Cache Engine allows remote attackers to view performance statistics.
CVE-2001-0041 1 Cisco 1 Catos 2024-02-28 7.8 HIGH N/A
Memory leak in Cisco Catalyst 4000, 5000, and 6000 series switches allows remote attackers to cause a denial of service via a series of failed telnet authentication attempts.
CVE-2001-0753 1 Cisco 1 Cbos 2024-02-28 7.5 HIGH N/A
Cisco CBOS 2.3.8 and earlier stores the passwords for (1) exec and (2) enable in cleartext in the NVRAM and a configuration file, which could allow unauthorized users to obtain the passwords and gain privileges.
CVE-2001-1210 1 Cisco 3 Ubr920, Ubr924, Ubr925 2024-02-28 6.4 MEDIUM N/A
Cisco ubr900 series routers that conform to the Data-over-Cable Service Interface Specifications (DOCSIS) standard must ship without SNMP access restrictions, which can allow remote attackers to read and write information to the MIB using arbitrary community strings.
CVE-2001-1037 1 Cisco 1 Sn 5420 Storage Router Firmware 2024-02-28 4.6 MEDIUM N/A
Cisco SN 5420 Storage Router 1.1(3) and earlier allows local users to access a developer's shell without a password and execute certain restricted commands without being logged.
CVE-2004-0352 1 Cisco 4 Content Services Switch 11000, Content Services Switch 11050, Content Services Switch 11150 and 1 more 2024-02-28 5.0 MEDIUM N/A
Cisco 11000 Series Content Services Switches (CSS) running WebNS 5.0(x) before 05.0(04.07)S, and 6.10(x) before 06.10(02.05)S allow remote attackers to cause a denial of service (device reset) via a malformed packet to UDP port 5002.
CVE-2001-0055 1 Cisco 2 Broadband Operating System, Cisco 6xx Routers 2024-02-28 5.0 MEDIUM N/A
CBOS 2.4.1 and earlier in Cisco 600 routers allows remote attackers to cause a denial of service via a slow stream of TCP SYN packets.
CVE-2000-0945 1 Cisco 1 Catalyst 3500 Xl 2024-02-28 10.0 HIGH N/A
The web configuration interface for Catalyst 3500 XL switches allows remote attackers to execute arbitrary commands without authentication when the enable password is not set, via a URL containing the /exec/ directory.
CVE-2002-1097 1 Cisco 2 Vpn 3000 Concentrator Series Software, Vpn 3002 Hardware Client 2024-02-28 7.5 HIGH N/A
Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.2, allows restricted administrators to obtain certificate passwords that are stored in plaintext in the HTML source code for Certificate Management pages.
CVE-1999-0445 1 Cisco 1 Ios 2024-02-28 5.0 MEDIUM N/A
In Cisco routers under some versions of IOS 12.0 running NAT, some packets may not be filtered by input access list filters.
CVE-1999-0230 1 Cisco 1 Ios 2024-02-28 5.0 MEDIUM N/A
Buffer overflow in Cisco 7xx routers through the telnet service.
CVE-2003-0258 1 Cisco 7 Vpn 3000 Concentrator Series Software, Vpn 3002 Hardware Client, Vpn 3005 Concentrator Software and 4 more 2024-02-28 7.5 HIGH N/A
Cisco VPN 3000 series concentrators and Cisco VPN 3002 Hardware Client 3.5.x through 4.0.REL, when enabling IPSec over TCP for a port on the concentrator, allow remote attackers to reach the private network without authentication.
CVE-2002-1557 1 Cisco 1 Optical Networking Systems Software 2024-02-28 5.0 MEDIUM N/A
Cisco ONS15454 and ONS15327 running ONS before 3.4 allows attackers to cause a denial of service (reset to TCC, TCC+, TCCi or XTC) via a malformed HTTP request that does not contain a leading / (slash) character.
CVE-2002-0881 1 Cisco 2 Skinny Client Control Protocol Software, Voip Phone Cp-7940 2024-02-28 2.1 LOW N/A
Cisco IP Phone (VoIP) models 7910, 7940, and 7960 use a default administrative password, which allows attackers with physical access to the phone to modify the configuration settings.
CVE-1999-0524 11 Apple, Cisco, Hp and 8 more 14 Mac Os X, Macos, Ios and 11 more 2024-02-28 2.1 LOW N/A
ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts.
CVE-2004-1760 2 Cisco, Ibm 17 Call Manager, Conference Connection, Emergency Responder and 14 more 2024-02-28 10.0 HIGH N/A
The default installation of Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, does not require authentication, which allows remote attackers to gain administrator privileges by connecting to TCP port 14247.