Search Results (6788 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2000-0267 1 Cisco 1 Catos 2026-04-16 N/A
Cisco Catalyst 5.4.x allows a user to gain access to the "enable" mode without a password.
CVE-2006-0485 1 Cisco 1 Ios 2026-04-16 N/A
The TCL shell in Cisco IOS 12.2(14)S before 12.2(14)S16, 12.2(18)S before 12.2(18)S11, and certain other releases before 25 January 2006 does not perform Authentication, Authorization, and Accounting (AAA) command authorization checks, which may allow local users to execute IOS EXEC commands that were prohibited via the AAA configuration, aka Bug ID CSCeh73049.
CVE-2006-0483 1 Cisco 2 Vpn 3000 Concentrator Series Software, Vpn 3030 Concentator 2026-04-16 N/A
Cisco VPN 3000 series concentrators running software 4.7.0 through 4.7.2.A allow remote attackers to cause a denial of service (device reload or user disconnect) via a crafted HTTP packet.
CVE-2002-1108 1 Cisco 1 Vpn Client 2026-04-16 N/A
Cisco Virtual Private Network (VPN) Client software 2.x.x, and 3.x before 3.6(Rel), when configured with all tunnel mode, can be forced into acknowledging a TCP packet from outside the tunnel.
CVE-2006-0368 1 Cisco 1 Call Manager 2026-04-16 N/A
Cisco CallManager 3.2 and earlier, 3.3 before 3.3(5)SR1, 4.0 before 4.0(2a)SR2c, and 4.1 before 4.1(3)SR2 allow remote attackers to (1) cause a denial of service (CPU and memory consumption) via a large number of open TCP connections to port 2000 and (2) cause a denial of service (fill the Windows Service Manager communication queue) via a large number of TCP connections to port 2001, 2002, or 7727.
CVE-2006-0367 1 Cisco 1 Call Manager 2026-04-16 N/A
Unspecified vulnerability in Cisco CallManager 3.2 and earlier, 3.3 before 3.3(5)SR1, 4.0 before 4.0(2a)SR2c, and 4.1 before 4.1(3)SR2 allows remote authenticated users with read-only administrative privileges to obtain full administrative privileges via a "crafted URL on the CCMAdmin web page."
CVE-2002-1107 1 Cisco 1 Vpn Client 2026-04-16 N/A
Cisco Virtual Private Network (VPN) Client software 2.x.x, and 3.x before 3.5.2B, does not generate sufficiently random numbers, which may make it vulnerable to certain attacks such as spoofing.
CVE-2001-0621 1 Cisco 1 Content Services Switch 11000 2026-04-16 N/A
The FTP server on Cisco Content Service 11000 series switches (CSS) before WebNS 4.01B23s and WebNS 4.10B13s allows an attacker who is an FTP user to read and write arbitrary files via GET or PUT commands.
CVE-2006-0354 1 Cisco 8 Aironet Ap1100, Aironet Ap1130ag, Aironet Ap1200 and 5 more 2026-04-16 N/A
Cisco IOS before 12.3-7-JA2 on Aironet Wireless Access Points (WAP) allows remote authenticated users to cause a denial of service (termination of packet passing or termination of client connections) by sending the management interface a large number of spoofed ARP packets, which creates a large ARP table that exhausts memory, aka Bug ID CSCsc16644.
CVE-2006-0181 1 Cisco 1 Cs-mars 2026-04-16 N/A
Cisco Security Monitoring, Analysis and Response System (CS-MARS) before 4.1.3 has an undocumented administrative account with a default password, which allows local users to gain privileges via the expert command.
CVE-2002-1106 1 Cisco 1 Vpn Client 2026-04-16 N/A
Cisco Virtual Private Network (VPN) Client software 2.x.x, and 3.x before 3.5.1C, does not properly verify that certificate DN fields match those of the certificate from the VPN Concentrator, which allows remote attackers to conduct man-in-the-middle attacks.
CVE-2006-0179 1 Cisco 1 Ip Phone 7940 2026-04-16 N/A
The Cisco IP Phone 7940 allows remote attackers to cause a denial of service (reboot) via a large amount of TCP SYN packets (syn flood) to arbitrary ports, as demonstrated to port 80.
CVE-2005-4826 1 Cisco 1 Ios 2026-04-16 N/A
Unspecified vulnerability in the VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(22)EA3 on Catalyst 2950T switches allows remote attackers to cause a denial of service (device reboot) via a crafted Subset-Advert message packet, a different issue than CVE-2006-4774, CVE-2006-4775, and CVE-2006-4776.
CVE-2002-1105 1 Cisco 1 Vpn Client 2026-04-16 N/A
Cisco Virtual Private Network (VPN) Client software 2.x.x, and 3.x before 3.5.1C, allows local users to use a utility program to obtain the group password.
CVE-2001-0566 1 Cisco 1 Catalyst 2900 2026-04-16 N/A
Cisco Catalyst 2900XL switch allows a remote attacker to create a denial of service via an empty UDP packet sent to port 161 (SNMP) when SNMP is disabled.
CVE-2000-0150 2 Checkpoint, Cisco 2 Firewall-1, Pix Firewall Software 2026-04-16 N/A
Check Point Firewall-1 allows remote attackers to bypass port access restrictions on an FTP server by forcing it to send malicious packets that Firewall-1 misinterprets as a valid 227 response to a client's PASV attempt.
CVE-1999-0734 1 Cisco 1 Ciscosecure 2026-04-16 N/A
A default configuration of CiscoSecure Access Control Server (ACS) allows remote users to modify the server database without authentication.
CVE-1999-0222 1 Cisco 1 Router 2026-04-16 N/A
Denial of service in Cisco IOS web server allows attackers to reboot the router using a long URL.
CVE-2005-4825 1 Cisco 1 Network Admission Control Manager And Server System Software 2026-04-16 N/A
Cisco Clean Access 3.5.5 and earlier on the Secure Smart Manager allows remote attackers to bypass authentication and cause a denial of service (disk consumption), or make unauthorized files accessible, by uploading files through requests to certain JSP scripts, a related issue to CVE-2005-4332.
CVE-2005-4794 1 Cisco 7 Application And Content Networking Software, Ata, Ip Phone 7902 and 4 more 2026-04-16 N/A
Cisco IP Phones 7902/7905/7912, ATA 186/188, Unity Express, ACNS, and Subscriber Edge Services Manager (SESM) allows remote attackers to cause a denial of service (crash or instability) via a compressed DNS packet with a label length byte with an incorrect offset.