Search Results (6788 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-1595 1 Cisco 1 Sn 5420 Storage Router Firmware 2026-04-16 N/A
Cisco SN 5420 Storage Router 1.1(5) and earlier allows attackers to read configuration files without authorization.
CVE-2006-3289 1 Cisco 1 Wireless Control System 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in the login page of the HTTP interface for the Cisco Wireless Control System (WCS) for Linux and Windows before 3.2(51) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving a "malicious URL".
CVE-2001-0866 1 Cisco 1 12000 Router 2026-04-16 N/A
Cisco 12000 with IOS 12.0 and lines card based on Engine 2 does not properly handle an outbound ACL when an input ACL is not configured on all the interfaces of a multi port line card, which could allow remote attackers to bypass the intended access controls.
CVE-2006-3286 1 Cisco 1 Wireless Control System 2026-04-16 N/A
The internal database in Cisco Wireless Control System (WCS) for Linux and Windows before 3.2(63) stores a hard-coded username and password in plaintext within unspecified files, which allows remote authenticated users to access the database (aka bug CSCsd15951).
CVE-2006-4909 1 Cisco 1 Guard Ddos Mitigation Appliance 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Cisco Guard DDoS Mitigation Appliance before 5.1(6), when anti-spoofing is enabled, allows remote attackers to inject arbitrary web script or HTML via certain character sequences in a URL that are not properly handled when the appliance sends a meta-refresh.
CVE-2000-0700 1 Cisco 4 Gigabit Switch Router 12008, Gigabit Switch Router 12012, Gigabit Switch Router 12016 and 1 more 2026-04-16 N/A
Cisco Gigabit Switch Routers (GSR) with Fast Ethernet / Gigabit Ethernet cards, from IOS versions 11.2(15)GS1A up to 11.2(19)GS0.2 and some versions of 12.0, do not properly handle line card failures, which allows remote attackers to bypass ACLs or force the interface to stop forwarding packets.
CVE-2002-1597 1 Cisco 1 Sn 5420 Storage Router Firmware 2026-04-16 N/A
Cisco SN 5420 Storage Router 1.1(5) and earlier allows remote attackers to cause a denial of service (halt) via a fragmented packet to the Gigabit interface.
CVE-2002-1102 1 Cisco 2 Vpn 3000 Concentrator Series Software, Vpn 3002 Hardware Client 2026-04-16 N/A
The LAN-to-LAN IPSEC capability for Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.4, allows remote attackers to cause a denial of service via an incoming LAN-to-LAN connection with an existing security association with another device on the remote network, which causes the concentrator to remove the previous connection.
CVE-2006-3596 1 Cisco 1 Ips Sensor Software 2026-04-16 N/A
The device driver for Intel-based gigabit network adapters in Cisco Intrusion Prevention System (IPS) 5.1(1) through 5.1(p1), as installed on various Cisco Intrusion Prevention System 42xx appliances, allows remote attackers to cause a denial of service (kernel panic and possibly network outage) via a crafted IP packet.
CVE-2002-1768 1 Cisco 1 Ios 2026-04-16 N/A
Cisco IOS 11.1 through 12.2, when HSRP support is not enabled, allows remote attackers to cause a denial of service (CPU consumption) via randomly sized UDP packets to the Hot Standby Routing Protocol (HSRP) port 1985.
CVE-2002-1492 1 Cisco 1 Vpn 5000 Client 2026-04-16 N/A
Buffer overflows in the Cisco VPN 5000 Client before 5.2.7 for Linux, and VPN 5000 Client before 5.2.8 for Solaris, allow local users to gain root privileges via (1) close_tunnel and (2) open_tunnel.
CVE-2006-3594 1 Cisco 1 Unified Callmanager 2026-04-16 N/A
Buffer overflow in Cisco Unified CallManager (CUCM) 5.0(1) through 5.0(3a) allows remote attackers to execute arbitrary code via a long hostname in a SIP request, aka bug CSCsd96542.
CVE-2002-0852 1 Cisco 1 Vpn Client 2026-04-16 N/A
Buffer overflows in Cisco Virtual Private Network (VPN) Client 3.5.4 and earlier allows remote attackers to cause a denial of service via (1) an Internet Key Exchange (IKE) with a large Security Parameter Index (SPI) payload, or (2) an IKE packet with a large number of valid payloads.
CVE-2004-0551 1 Cisco 24 Catalyst 2901, Catalyst 2902, Catalyst 2926 and 21 more 2026-04-16 N/A
Cisco CatOS 5.x before 5.5(20) through 8.x before 8.2(2) and 8.3(2)GLX, as used in Catalyst switches, allows remote attackers to cause a denial of service (system crash and reload) by sending invalid packets instead of the final ACK portion of the three-way handshake to the (1) Telnet, (2) HTTP, or (3) SSH services, aka "TCP-ACK DoS attack."
CVE-2003-0647 1 Cisco 1 Ios 2026-04-16 N/A
Buffer overflow in the HTTP server for Cisco IOS 12.2 and earlier allows remote attackers to execute arbitrary code via an extremely long (2GB) HTTP GET request.
CVE-2001-0041 1 Cisco 1 Catos 2026-04-16 N/A
Memory leak in Cisco Catalyst 4000, 5000, and 6000 series switches allows remote attackers to cause a denial of service via a series of failed telnet authentication attempts.
CVE-2006-3226 1 Cisco 1 Secure Access Control Server 2026-04-16 N/A
Cisco Secure Access Control Server (ACS) 4.x for Windows uses the client's IP address and the server's port number to grant access to an HTTP server port for an administration session, which allows remote attackers to bypass authentication via various methods, aka "ACS Weak Session Management Vulnerability."
CVE-2000-1054 1 Cisco 1 Secure Access Control Server 2026-04-16 N/A
Buffer overflow in CSAdmin module in CiscoSecure ACS Server 2.4(2) and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a large packet.
CVE-2001-1434 1 Cisco 1 Ios 2026-04-16 N/A
Cisco IOS 12.0(5)XU through 12.1(2) allows remote attackers to read system administration and topology information via an "snmp-server host" command, which creates a readable "community" community string if one has not been previously created.
CVE-2001-1037 1 Cisco 1 Sn 5420 Storage Router Firmware 2026-04-16 N/A
Cisco SN 5420 Storage Router 1.1(3) and earlier allows local users to access a developer's shell without a password and execute certain restricted commands without being logged.