Search Results (6788 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-0307 1 Cisco 1 Optical Networking Systems Software 2026-04-16 N/A
Cisco ONS 15327 before 4.1(3), ONS 15454 before 4.6(1), and ONS 15454 SD before 4.1(3) allows remote attackers to cause a denial of service (reset) by not sending the ACK portion of the TCP three-way handshake and sending an invalid response instead.
CVE-2006-0368 1 Cisco 1 Call Manager 2026-04-16 N/A
Cisco CallManager 3.2 and earlier, 3.3 before 3.3(5)SR1, 4.0 before 4.0(2a)SR2c, and 4.1 before 4.1(3)SR2 allow remote attackers to (1) cause a denial of service (CPU and memory consumption) via a large number of open TCP connections to port 2000 and (2) cause a denial of service (fill the Windows Service Manager communication queue) via a large number of TCP connections to port 2001, 2002, or 7727.
CVE-2006-4194 1 Cisco 8 Pix Firewall 501, Pix Firewall 506, Pix Firewall 515 and 5 more 2026-04-16 N/A
Unspecified vulnerability in Cisco PIX 500 Series Security Appliances allows remote attackers to send arbitrary UDP packets to intranet devices via unspecified vectors involving Session Initiation Protocol (SIP) fixup commands, a different issue than CVE-2006-4032. NOTE: the vendor, after working with the researcher, has been unable to reproduce the issue
CVE-2002-1095 1 Cisco 3 Secure Access Control Server, Vpn 3000 Concentrator Series Software, Vpn 3002 Hardware Client 2026-04-16 N/A
Cisco VPN 3000 Concentrator before 2.5.2(F), with encryption enabled, allows remote attackers to cause a denial of service (reload) via a Windows-based PPTP client with the "No Encryption" option set.
CVE-1999-0416 1 Cisco 1 Cisco 7xx Routers 2026-04-16 N/A
Vulnerability in Cisco 7xx series routers allows a remote attacker to cause a system reload via a TCP connection to the router's TELNET port.
CVE-2002-1222 1 Cisco 1 Catos 2026-04-16 N/A
Buffer overflow in the embedded HTTP server for Cisco Catalyst switches running CatOS 5.4 through 7.3 allows remote attackers to cause a denial of service (reset) via a long HTTP request.
CVE-2006-1960 1 Cisco 1 Wireless Lan Solution Engine 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in the appliance web user interface in Cisco CiscoWorks Wireless LAN Solution Engine (WLSE) and WLSE Express before 2.13 allows remote attackers to inject arbitrary web script or HTML, possibly via the displayMsg parameter to archiveApplyDisplay.jsp, aka bug ID CSCsc01095.
CVE-2001-0750 1 Cisco 1 Ios 2026-04-16 N/A
Cisco IOS 12.1(2)T, 12.1(3)T allow remote attackers to cause a denial of service (reload) via a connection to TCP ports 3100-3999, 5100-5999, 7100-7999 and 10100-10999.
CVE-1999-0843 1 Cisco 1 Router 2026-04-16 N/A
Denial of service in Cisco routers running NAT via a PORT command from an FTP client to a Telnet port.
CVE-2002-1553 1 Cisco 1 Optical Networking Systems Software 2026-04-16 N/A
Cisco ONS15454 and ONS15327 running ONS before 3.4 allows remote attackers to modify the system configuration and delete files by establishing an FTP connection to the TCC, TCC+ or XTC using a username and password that does not exist.
CVE-2005-2105 1 Cisco 1 Ios 2026-04-16 N/A
Cisco IOS 12.2T through 12.4 allows remote attackers to bypass Authentication, Authorization, and Accounting (AAA) RADIUS authentication, if the fallback method is set to none, via a long username.
CVE-1999-1216 1 Cisco 1 Router 2026-04-16 N/A
Cisco routers 9.17 and earlier allow remote attackers to bypass security restrictions via certain IP source routed packets that should normally be denied using the "no ip source-route" command.
CVE-2002-1105 1 Cisco 1 Vpn Client 2026-04-16 N/A
Cisco Virtual Private Network (VPN) Client software 2.x.x, and 3.x before 3.5.1C, allows local users to use a utility program to obtain the group password.
CVE-2004-0352 1 Cisco 4 Content Services Switch 11000, Content Services Switch 11050, Content Services Switch 11150 and 1 more 2026-04-16 N/A
Cisco 11000 Series Content Services Switches (CSS) running WebNS 5.0(x) before 05.0(04.07)S, and 6.10(x) before 06.10(02.05)S allow remote attackers to cause a denial of service (device reset) via a malformed packet to UDP port 5002.
CVE-1999-0415 1 Cisco 1 Cisco 7xx Routers 2026-04-16 N/A
The HTTP server in Cisco 7xx series routers 3.2 through 4.2 is enabled by default, which allows remote attackers to change the router's configuration.
CVE-2006-1671 1 Cisco 5 Ons 15310-cl Series, Ons 15454 Mspp, Ons 15600 and 2 more 2026-04-16 N/A
Control cards for Cisco Optical Networking System (ONS) 15000 series nodes before 20060405 allow remote attackers to cause a denial of service (card reset) via (1) a "crafted" IP packet to a device with secure mode EMS-to-network-element access, aka bug ID CSCsc51390; (2) a "crafted" IP packet to a device with IP on the LAN interface, aka bug ID CSCsd04168; and (3) a "malformed" OSPF packet, aka bug ID CSCsc54558.
CVE-2006-3287 1 Cisco 1 Wireless Control System 2026-04-16 N/A
Cisco Wireless Control System (WCS) for Linux and Windows 4.0(1) and earlier uses a default administrator username "root" and password "public," which allows remote attackers to gain access (aka bug CSCse21391).
CVE-2006-3286 1 Cisco 1 Wireless Control System 2026-04-16 N/A
The internal database in Cisco Wireless Control System (WCS) for Linux and Windows before 3.2(63) stores a hard-coded username and password in plaintext within unspecified files, which allows remote authenticated users to access the database (aka bug CSCsd15951).
CVE-2002-1102 1 Cisco 2 Vpn 3000 Concentrator Series Software, Vpn 3002 Hardware Client 2026-04-16 N/A
The LAN-to-LAN IPSEC capability for Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.4, allows remote attackers to cause a denial of service via an incoming LAN-to-LAN connection with an existing security association with another device on the remote network, which causes the concentrator to remove the previous connection.
CVE-2002-2140 1 Cisco 1 Pix Firewall Software 2026-04-16 N/A
Buffer overflow in Cisco PIX Firewall 5.2.x to 5.2.8, 6.0.x to 6.0.3, 6.1.x to 6.1.3, and 6.2.x to 6.2.1 allows remote attackers to cause a denial of service via HTTP traffic authentication using (1) TACACS+ or (2) RADIUS.