ReportizFlow
Filtered by vendor Cisco
Subscriptions
Filtered by product Ios
Subscriptions
Total
619 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-4963 | 1 Cisco | 2 Catos, Ios | 2025-04-09 | N/A |
| Unspecified vulnerability in the VLAN Trunking Protocol (VTP) implementation on Cisco IOS and CatOS, when the VTP operating mode is not transparent, allows remote attackers to cause a denial of service (device reload or hang) via a crafted VTP packet sent to a switch interface configured as a trunk port. | ||||
| CVE-2007-5651 | 1 Cisco | 2 Catos, Ios | 2025-04-09 | N/A |
| Unspecified vulnerability in the Extensible Authentication Protocol (EAP) implementation in Cisco IOS 12.3 and 12.4 on Cisco Access Points and 1310 Wireless Bridges (Wireless EAP devices), IOS 12.1 and 12.2 on Cisco switches (Wired EAP devices), and CatOS 6.x through 8.x on Cisco switches allows remote attackers to cause a denial of service (device reload) via a crafted EAP Response Identity packet. | ||||
| CVE-2007-5552 | 1 Cisco | 1 Ios | 2025-04-09 | N/A |
| Integer overflow in Cisco IOS allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes. | ||||
| CVE-2008-3811 | 1 Cisco | 1 Ios | 2025-04-09 | N/A |
| Cisco IOS 12.2 and 12.4, when NAT Skinny Call Control Protocol (SCCP) Fragmentation Support is enabled, allows remote attackers to cause a denial of service (device reload) via segmented SCCP messages, aka Cisco Bug ID CSCsi17020, a different vulnerability than CVE-2008-3810. | ||||
| CVE-2009-2869 | 1 Cisco | 1 Ios | 2025-04-09 | N/A |
| Unspecified vulnerability in Cisco IOS 12.2XNA, 12.2XNB, 12.2XNC, 12.2XND, 12.4MD, 12.4T, 12.4XZ, and 12.4YA allows remote attackers to cause a denial of service (device reload) via a crafted NTPv4 packet, aka Bug IDs CSCsu24505 and CSCsv75948. | ||||
| CVE-2008-3812 | 1 Cisco | 1 Ios | 2025-04-09 | N/A |
| Cisco IOS 12.4, when IOS firewall Application Inspection Control (AIC) with HTTP Deep Packet Inspection is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed HTTP transit packet. | ||||
| CVE-2007-5551 | 1 Cisco | 1 Ios | 2025-04-09 | N/A |
| Off-by-one error in Cisco IOS allows remote attackers to execute arbitrary code via unspecified vectors that trigger a heap-based buffer overflow. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes. | ||||
| CVE-2007-5550 | 1 Cisco | 1 Ios | 2025-04-09 | N/A |
| Unspecified vulnerability in Cisco IOS allows remote attackers to obtain the IOS version via unspecified vectors involving a "common network service", aka PSIRT-1255024833. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes. | ||||
| CVE-2001-1097 | 1 Cisco | 1 Ios | 2025-04-03 | N/A |
| Cisco routers and switches running IOS 12.0 through 12.2.1 allows a remote attacker to cause a denial of service via a flood of UDP packets. | ||||
| CVE-2001-0537 | 1 Cisco | 1 Ios | 2025-04-03 | N/A |
| HTTP server for Cisco IOS 11.3 to 12.2 allows attackers to bypass authentication and execute arbitrary commands, when local authorization is being used, by specifying a high access level in the URL. | ||||
| CVE-2004-1775 | 1 Cisco | 2 Catos, Ios | 2025-04-03 | N/A |
| Cisco VACM (View-based Access Control MIB) for Catalyst Operating Software (CatOS) 5.5 and 6.1 and IOS 12.0 and 12.1 allows remote attackers to read and modify device configuration via the read-write community string. | ||||
| CVE-2001-0288 | 1 Cisco | 1 Ios | 2025-04-03 | N/A |
| Cisco switches and routers running IOS 12.1 and earlier produce predictable TCP Initial Sequence Numbers (ISNs), which allows remote attackers to spoof or hijack TCP connections. | ||||
| CVE-2004-1111 | 1 Cisco | 10 7200 Router, 7300 Router, 7500 Router and 7 more | 2025-04-03 | N/A |
| Cisco IOS 2.2(18)EW, 12.2(18)EWA, 12.2(14)SZ, 12.2(18)S, 12.2(18)SE, 12.2(18)SV, 12.2(18)SW, and other versions without the "no service dhcp" command, keep undeliverable DHCP packets in the queue instead of dropping them, which allows remote attackers to cause a denial of service (dropped traffic) via multiple undeliverable DHCP packets that exceed the input queue size. | ||||
| CVE-2005-3481 | 1 Cisco | 1 Ios | 2025-04-03 | N/A |
| Cisco IOS 12.0 to 12.4 might allow remote attackers to execute arbitrary code via a heap-based buffer overflow in system timers. NOTE: this issue does not correspond to a specific vulnerability, rather a general weakness that only increases the feasibility of exploitation of any vulnerabilities that might exist. Such design-level weaknesses normally are not included in CVE, so perhaps this issue should be REJECTed. | ||||
| CVE-2005-4258 | 1 Cisco | 71 Catalyst, Catalyst 1200 Series, Catalyst 1900 Series and 68 more | 2025-04-03 | N/A |
| Unspecified Cisco Catalyst Switches allow remote attackers to cause a denial of service (device crash) via an IP packet with the same source and destination IPs and ports, and with the SYN flag set (aka LanD). NOTE: the provenance of this issue is unknown; the details are obtained solely from the BID. | ||||
| CVE-2005-4826 | 1 Cisco | 1 Ios | 2025-04-03 | N/A |
| Unspecified vulnerability in the VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(22)EA3 on Catalyst 2950T switches allows remote attackers to cause a denial of service (device reboot) via a crafted Subset-Advert message packet, a different issue than CVE-2006-4774, CVE-2006-4775, and CVE-2006-4776. | ||||
| CVE-2006-0340 | 1 Cisco | 1 Ios | 2025-04-03 | N/A |
| Unspecified vulnerability in Stack Group Bidding Protocol (SGBP) support in Cisco IOS 12.0 through 12.4 running on various Cisco products, when SGBP is enabled, allows remote attackers on the local network to cause a denial of service (device hang and network traffic loss) via a crafted UDP packet to port 9900. | ||||
| CVE-2005-1020 | 1 Cisco | 1 Ios | 2025-04-03 | N/A |
| Secure Shell (SSH) 2 in Cisco IOS 12.0 through 12.3 allows remote attackers to cause a denial of service (device reload) (1) via a username that contains a domain name when using a TACACS+ server to authenticate, (2) when a new SSH session is in the login phase and a currently logged in user issues a send command, or (3) when IOS is logging messages and an SSH session is terminated while the server is sending data. | ||||
| CVE-2003-1109 | 1 Cisco | 4 Ios, Ip Phone 7940, Ip Phone 7960 and 1 more | 2025-04-03 | N/A |
| The Session Initiation Protocol (SIP) implementation in multiple Cisco products including IP Phone models 7940 and 7960, IOS versions in the 12.2 train, and Secure PIX 5.2.9 to 6.2.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted INVITE messages, as demonstrated by the OUSPG PROTOS c07-sip test suite. | ||||
| CVE-2006-0485 | 1 Cisco | 1 Ios | 2025-04-03 | N/A |
| The TCL shell in Cisco IOS 12.2(14)S before 12.2(14)S16, 12.2(18)S before 12.2(18)S11, and certain other releases before 25 January 2006 does not perform Authentication, Authorization, and Accounting (AAA) command authorization checks, which may allow local users to execute IOS EXEC commands that were prohibited via the AAA configuration, aka Bug ID CSCeh73049. | ||||