Search Results (6788 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-1999-1175 1 Cisco 1 Ios 2026-04-16 N/A
Web Cache Control Protocol (WCCP) in Cisco Cache Engine for Cisco IOS 11.2 and earlier does not use authentication, which allows remote attackers to redirect HTTP traffic to arbitrary hosts via WCCP packets to UDP port 2048.
CVE-2005-2181 1 Cisco 4 Ip Phone 7940, Ip Phone 7940 Firmware, Ip Phone 7960 and 1 more 2026-04-16 7.5 High
Cisco 7940/7960 Voice over IP (VoIP) phones do not properly check the Call-ID, branch, and tag values in a NOTIFY message to verify a subscription, which allows remote attackers to spoof messages such as the "Messages waiting" message.
CVE-2001-0041 1 Cisco 1 Catos 2026-04-16 N/A
Memory leak in Cisco Catalyst 4000, 5000, and 6000 series switches allows remote attackers to cause a denial of service via a series of failed telnet authentication attempts.
CVE-2005-0597 1 Cisco 1 Application And Content Networking Software 2026-04-16 N/A
Cisco devices running Application and Content Networking System (ACNS) 5.0 before 5.0.17.6 and 5.1 before 5.1.11.6 allow remote attackers to cause a denial of service (process restart) via a "crafted TCP connection."
CVE-2001-0895 1 Cisco 11 Catalyst 2900xl, Catalyst 2948g-l3, Catalyst 2950 and 8 more 2026-04-16 N/A
Multiple Cisco networking products allow remote attackers to cause a denial of service on the local network via a series of ARP packets sent to the router's interface that contains a different MAC address for the router, which eventually causes the router to overwrite the MAC address in its ARP table.
CVE-2002-2315 1 Cisco 1 Ios 2026-04-16 N/A
Cisco IOS 11.2.x and 12.0.x does not limit the size of its redirect table, which allows remote attackers to cause a denial of service (memory consumption) via spoofed ICMP redirect packets to the router.
CVE-2006-1961 1 Cisco 5 Ciscoworks 2000 Service Management Solution, Ethernet Subscriber Solution Engine, Hosting Solution Engine and 2 more 2026-04-16 N/A
Cisco CiscoWorks Wireless LAN Solution Engine (WLSE) and WLSE Express before 2.13, Hosting Solution Engine (HSE) and User Registration Tool (URT) before 20060419, and all versions of Ethernet Subscriber Solution Engine (ESSE) and CiscoWorks2000 Service Management Solution (SMS) allow local users to gain Linux shell access via shell metacharacters in arguments to the "show" command in the application's command line interface (CLI), aka bug ID CSCsd21502 (WLSE), CSCsd22861 (URT), and CSCsd22859 (HSE). NOTE: other issues might be addressed by the Cisco advisory.
CVE-2003-0677 1 Cisco 1 Webns 2026-04-16 N/A
Cisco CSS 11000 routers on the CS800 chassis allow remote attackers to cause a denial of service (CPU consumption or reboot) via a large number of TCP SYN packets to the circuit IP address, aka "ONDM Ping failure."
CVE-2006-0179 1 Cisco 1 Ip Phone 7940 2026-04-16 N/A
The Cisco IP Phone 7940 allows remote attackers to cause a denial of service (reboot) via a large amount of TCP SYN packets (syn flood) to arbitrary ports, as demonstrated to port 80.
CVE-2001-0622 1 Cisco 1 Content Services Switch 11000 2026-04-16 N/A
The web management service on Cisco Content Service series 11000 switches (CSS) before WebNS 4.01B29s or WebNS 4.10B17s allows a remote attacker to gain additional privileges by directly requesting the web management URL instead of navigating through the interface.
CVE-2001-0863 1 Cisco 1 12000 Router 2026-04-16 N/A
Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not handle the "fragment" keyword in a compiled ACL (Turbo ACL) for packets that are sent to the router, which allows remote attackers to cause a denial of service via a flood of fragments.
CVE-2004-1461 1 Cisco 2 Secure Access Control Server, Secure Acs Solution Engine 2026-04-16 N/A
Cisco Secure Access Control Server (ACS) 3.2(3) and earlier spawns a separate unauthenticated TCP connection on a random port when a user authenticates to the ACS GUI, which allows remote attackers to bypass authentication by connecting to that port from the same IP address.
CVE-2006-1670 1 Cisco 5 Ons 15310-cl Series, Ons 15454 Mspp, Ons 15454 Mstp and 2 more 2026-04-16 N/A
Control cards for Cisco Optical Networking System (ONS) 15000 series nodes before 20060405 allow remote attackers to cause a denial of service (memory exhaustion and possibly card reset) by sending an invalid response when the final ACK is expected, aka bug ID CSCei45910.
CVE-2002-1095 1 Cisco 3 Secure Access Control Server, Vpn 3000 Concentrator Series Software, Vpn 3002 Hardware Client 2026-04-16 N/A
Cisco VPN 3000 Concentrator before 2.5.2(F), with encryption enabled, allows remote attackers to cause a denial of service (reload) via a Windows-based PPTP client with the "No Encryption" option set.
CVE-1999-1126 1 Cisco 1 Resource Manager 2026-04-16 N/A
Cisco Resource Manager (CRM) 1.1 and earlier creates certain files with insecure permissions that allow local users to obtain sensitive configuration information including usernames, passwords, and SNMP community strings, from (1) swim_swd.log, (2) swim_debug.log, (3) dbi_debug.log, and (4) temporary files whose names begin with "DPR_".
CVE-2004-1759 2 Cisco, Ibm 17 Call Manager, Conference Connection, Emergency Responder and 14 more 2026-04-16 N/A
Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, allows remote attackers to cause a denial of service (CPU consumption) via arbitrary packets to TCP port 14247, as demonstrated using port scanning.
CVE-2005-2631 1 Cisco 1 Network Admission Control Manager And Server System Software 2026-04-16 N/A
Cisco Clean Access (CCA) 3.3.0 to 3.3.9, 3.4.0 to 3.4.5, and 3.5.0 to 3.5.3 does not properly authenticate users when invoking API methods, which could allow remote attackers to bypass security checks, change the assigned role of a user, or disconnect users.
CVE-2005-3774 1 Cisco 1 Pix 2026-04-16 N/A
Cisco PIX 6.3 and 7.0 allows remote attackers to cause a denial of service (blocked new connections) via spoofed TCP packets that cause the PIX to create embryonic connections that that would not produce a valid connection with the end system, including (1) SYN packets with invalid checksums, which do not result in a RST; or, from an external interface, (2) one byte of "meaningless data," or (3) a TTL that is one less than needed to reach the internal destination.
CVE-2006-0181 1 Cisco 1 Cs-mars 2026-04-16 N/A
Cisco Security Monitoring, Analysis and Response System (CS-MARS) before 4.1.3 has an undocumented administrative account with a default password, which allows local users to gain privileges via the expert command.
CVE-2004-1434 1 Cisco 1 Optical Networking Systems Software 2026-04-16 N/A
Multiple versions of Cisco ONS 15327, ONS 15454, and ONS 15454 SDH, including 4.1(0) to 4.1(2), 4.5(x), 4.0(0) to 4.0(2), and earlier versions, allows remote attackers to cause a denial of service (control card reset) via malformed SNMP packets.