Filtered by vendor Cisco
Subscribe
Total
6180 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2001-0412 | 1 Cisco | 3 Content Services Switch 11050, Content Services Switch 11150, Content Services Switch 11800 | 2024-02-28 | 7.2 HIGH | N/A |
Cisco Content Services (CSS) switch products 11800 and earlier, aka Arrowpoint, allows local users to gain privileges by entering debug mode. | |||||
CVE-2000-1054 | 1 Cisco | 1 Secure Access Control Server | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflow in CSAdmin module in CiscoSecure ACS Server 2.4(2) and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a large packet. | |||||
CVE-2003-1109 | 1 Cisco | 4 Ios, Ip Phone 7940, Ip Phone 7960 and 1 more | 2024-02-28 | 7.5 HIGH | N/A |
The Session Initiation Protocol (SIP) implementation in multiple Cisco products including IP Phone models 7940 and 7960, IOS versions in the 12.2 train, and Secure PIX 5.2.9 to 6.2.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted INVITE messages, as demonstrated by the OUSPG PROTOS c07-sip test suite. | |||||
CVE-1999-1175 | 1 Cisco | 1 Ios | 2024-02-28 | 7.5 HIGH | N/A |
Web Cache Control Protocol (WCCP) in Cisco Cache Engine for Cisco IOS 11.2 and earlier does not use authentication, which allows remote attackers to redirect HTTP traffic to arbitrary hosts via WCCP packets to UDP port 2048. | |||||
CVE-1999-1000 | 1 Cisco | 1 Cache Engine | 2024-02-28 | 5.0 MEDIUM | N/A |
The web administration interface for Cisco Cache Engine allows remote attackers to view performance statistics. | |||||
CVE-2001-0041 | 1 Cisco | 1 Catos | 2024-02-28 | 7.8 HIGH | N/A |
Memory leak in Cisco Catalyst 4000, 5000, and 6000 series switches allows remote attackers to cause a denial of service via a series of failed telnet authentication attempts. | |||||
CVE-2001-0753 | 1 Cisco | 1 Cbos | 2024-02-28 | 7.5 HIGH | N/A |
Cisco CBOS 2.3.8 and earlier stores the passwords for (1) exec and (2) enable in cleartext in the NVRAM and a configuration file, which could allow unauthorized users to obtain the passwords and gain privileges. | |||||
CVE-2001-1210 | 1 Cisco | 3 Ubr920, Ubr924, Ubr925 | 2024-02-28 | 6.4 MEDIUM | N/A |
Cisco ubr900 series routers that conform to the Data-over-Cable Service Interface Specifications (DOCSIS) standard must ship without SNMP access restrictions, which can allow remote attackers to read and write information to the MIB using arbitrary community strings. | |||||
CVE-2001-1037 | 1 Cisco | 1 Sn 5420 Storage Router Firmware | 2024-02-28 | 4.6 MEDIUM | N/A |
Cisco SN 5420 Storage Router 1.1(3) and earlier allows local users to access a developer's shell without a password and execute certain restricted commands without being logged. | |||||
CVE-2004-0352 | 1 Cisco | 4 Content Services Switch 11000, Content Services Switch 11050, Content Services Switch 11150 and 1 more | 2024-02-28 | 5.0 MEDIUM | N/A |
Cisco 11000 Series Content Services Switches (CSS) running WebNS 5.0(x) before 05.0(04.07)S, and 6.10(x) before 06.10(02.05)S allow remote attackers to cause a denial of service (device reset) via a malformed packet to UDP port 5002. | |||||
CVE-2001-0055 | 1 Cisco | 2 Broadband Operating System, Cisco 6xx Routers | 2024-02-28 | 5.0 MEDIUM | N/A |
CBOS 2.4.1 and earlier in Cisco 600 routers allows remote attackers to cause a denial of service via a slow stream of TCP SYN packets. | |||||
CVE-2000-0945 | 1 Cisco | 1 Catalyst 3500 Xl | 2024-02-28 | 10.0 HIGH | N/A |
The web configuration interface for Catalyst 3500 XL switches allows remote attackers to execute arbitrary commands without authentication when the enable password is not set, via a URL containing the /exec/ directory. | |||||
CVE-2002-1097 | 1 Cisco | 2 Vpn 3000 Concentrator Series Software, Vpn 3002 Hardware Client | 2024-02-28 | 7.5 HIGH | N/A |
Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.2, allows restricted administrators to obtain certificate passwords that are stored in plaintext in the HTML source code for Certificate Management pages. | |||||
CVE-1999-0445 | 1 Cisco | 1 Ios | 2024-02-28 | 5.0 MEDIUM | N/A |
In Cisco routers under some versions of IOS 12.0 running NAT, some packets may not be filtered by input access list filters. | |||||
CVE-1999-0230 | 1 Cisco | 1 Ios | 2024-02-28 | 5.0 MEDIUM | N/A |
Buffer overflow in Cisco 7xx routers through the telnet service. | |||||
CVE-2003-0258 | 1 Cisco | 7 Vpn 3000 Concentrator Series Software, Vpn 3002 Hardware Client, Vpn 3005 Concentrator Software and 4 more | 2024-02-28 | 7.5 HIGH | N/A |
Cisco VPN 3000 series concentrators and Cisco VPN 3002 Hardware Client 3.5.x through 4.0.REL, when enabling IPSec over TCP for a port on the concentrator, allow remote attackers to reach the private network without authentication. | |||||
CVE-2002-1557 | 1 Cisco | 1 Optical Networking Systems Software | 2024-02-28 | 5.0 MEDIUM | N/A |
Cisco ONS15454 and ONS15327 running ONS before 3.4 allows attackers to cause a denial of service (reset to TCC, TCC+, TCCi or XTC) via a malformed HTTP request that does not contain a leading / (slash) character. | |||||
CVE-2002-0881 | 1 Cisco | 2 Skinny Client Control Protocol Software, Voip Phone Cp-7940 | 2024-02-28 | 2.1 LOW | N/A |
Cisco IP Phone (VoIP) models 7910, 7940, and 7960 use a default administrative password, which allows attackers with physical access to the phone to modify the configuration settings. | |||||
CVE-1999-0524 | 11 Apple, Cisco, Hp and 8 more | 14 Mac Os X, Macos, Ios and 11 more | 2024-02-28 | 2.1 LOW | N/A |
ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts. | |||||
CVE-2004-1760 | 2 Cisco, Ibm | 17 Call Manager, Conference Connection, Emergency Responder and 14 more | 2024-02-28 | 10.0 HIGH | N/A |
The default installation of Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, does not require authentication, which allows remote attackers to gain administrator privileges by connecting to TCP port 14247. |