ReportizFlow
Filtered by vendor Cisco
Subscriptions
Total
6787 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-4650 | 1 Cisco | 1 Ios | 2026-04-16 | N/A |
| Cisco IOS 12.0, 12.1, and 12.2, when GRE IP tunneling is used and the RFC2784 compliance fixes are missing, does not verify the offset field of a GRE packet during decapsulation, which leads to an integer overflow that references data from incorrect memory locations, which allows remote attackers to inject crafted packets into the routing queue, possibly bypassing intended router ACLs. | ||||
| CVE-2006-4775 | 1 Cisco | 2 Catos, Ios | 2026-04-16 | N/A |
| The VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) and CatOS allows remote attackers to cause a denial of service by sending a VTP update with a revision value of 0x7FFFFFFF, which is incremented to 0x80000000 and is interpreted as a negative number in a signed context. | ||||
| CVE-2006-4911 | 1 Cisco | 1 Ips Sensor Software | 2026-04-16 | N/A |
| Unspecified vulnerability in Cisco IPS 5.0 before 5.0(6p2) and 5.1 before 5.1(2), when running in inline or promiscuous mode, allows remote attackers to bypass traffic inspection via a "crafted sequence of fragmented IP packets". | ||||
| CVE-2006-3906 | 1 Cisco | 21 Adaptive Security Appliance Software, Ios, Pix Asa Ids and 18 more | 2026-04-16 | N/A |
| Internet Key Exchange (IKE) version 1 protocol, as implemented on Cisco IOS, VPN 3000 Concentrators, and PIX firewalls, allows remote attackers to cause a denial of service (resource exhaustion) via a flood of IKE Phase-1 packets that exceed the session expiration rate. NOTE: it has been argued that this is due to a design weakness of the IKE version 1 protocol, in which case other vendors and implementations would also be affected. | ||||
| CVE-2006-4032 | 1 Cisco | 1 Callmanager Express | 2026-04-16 | N/A |
| Unspecified vulnerability in Cisco IOS CallManager Express (CME) allows remote attackers to gain sensitive information (user names) from the Session Initiation Protocol (SIP) user directory via certain SIP messages, aka bug CSCse92417. | ||||
| CVE-2006-4194 | 1 Cisco | 8 Pix Firewall 501, Pix Firewall 506, Pix Firewall 515 and 5 more | 2026-04-16 | N/A |
| Unspecified vulnerability in Cisco PIX 500 Series Security Appliances allows remote attackers to send arbitrary UDP packets to intranet devices via unspecified vectors involving Session Initiation Protocol (SIP) fixup commands, a different issue than CVE-2006-4032. NOTE: the vendor, after working with the researcher, has been unable to reproduce the issue | ||||
| CVE-2006-3101 | 1 Cisco | 1 Secure Access Control Server | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in LogonProxy.cgi in Cisco Secure ACS for UNIX 2.3 allows remote attackers to inject arbitrary web script or HTML via the (1) error, (2) SSL, and (3) Ok parameters. | ||||
| CVE-2006-1960 | 1 Cisco | 1 Wireless Lan Solution Engine | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the appliance web user interface in Cisco CiscoWorks Wireless LAN Solution Engine (WLSE) and WLSE Express before 2.13 allows remote attackers to inject arbitrary web script or HTML, possibly via the displayMsg parameter to archiveApplyDisplay.jsp, aka bug ID CSCsc01095. | ||||
| CVE-2006-1961 | 1 Cisco | 5 Ciscoworks 2000 Service Management Solution, Ethernet Subscriber Solution Engine, Hosting Solution Engine and 2 more | 2026-04-16 | N/A |
| Cisco CiscoWorks Wireless LAN Solution Engine (WLSE) and WLSE Express before 2.13, Hosting Solution Engine (HSE) and User Registration Tool (URT) before 20060419, and all versions of Ethernet Subscriber Solution Engine (ESSE) and CiscoWorks2000 Service Management Solution (SMS) allow local users to gain Linux shell access via shell metacharacters in arguments to the "show" command in the application's command line interface (CLI), aka bug ID CSCsd21502 (WLSE), CSCsd22861 (URT), and CSCsd22859 (HSE). NOTE: other issues might be addressed by the Cisco advisory. | ||||
| CVE-2006-1631 | 1 Cisco | 1 Content Services Switch 11500 | 2026-04-16 | N/A |
| Unspecified vulnerability in the HTTP compression functionality in Cisco CSS 11500 Series Content Services switches allows remote attackers to cause a denial of service (device reload) via (1) "valid, but obsolete" or (2) "specially crafted" HTTP requests. | ||||
| CVE-2005-4499 | 1 Cisco | 21 Adaptive Security Appliance Software, Pix Asa Ids, Pix Firewall and 18 more | 2026-04-16 | N/A |
| The Downloadable RADIUS ACLs feature in Cisco PIX and VPN 3000 concentrators, when creating an ACL on the Cisco Secure Access Control Server (CS ACS), generates a random internal name for an ACL that is also used as a hidden user name and password, which allows remote attackers to gain privileges by sniffing the username from the cleartext portion of a RADIUS session, then using the password to log in to another device that uses CS ACS. | ||||
| CVE-2005-3886 | 1 Cisco | 1 Security Agent | 2026-04-16 | N/A |
| Unspecified vulnerability in Cisco Security Agent (CSA) 4.5.0 and 4.5.1 agents, when running on Windows systems, allows local users to bypass protections and gain system privileges by executing certain local software. | ||||
| CVE-2005-3427 | 1 Cisco | 1 Ciscoworks Management Center For Ips Sensors | 2026-04-16 | N/A |
| The Cisco Management Center (MC) for IPS Sensors (IPS MC) 2.1 can omit port field values while generating the Cisco IOS IPS configuration file, wich can cause some signatures to be disabled and makes it easier for attackers to escape detection. | ||||
| CVE-2005-3482 | 1 Cisco | 3 Aironet Ap1131, Aironet Ap1200, Aironet Ap1240 | 2026-04-16 | N/A |
| Cisco 1200, 1131, and 1240 series Access Points, when operating in Lightweight Access Point Protocol (LWAPP) mode and controlled by 2000 and 4400 series Airespace WLAN controllers running 3.1.59.24, allow remote attackers to send unencrypted traffic to a secure network using frames with the MAC address of an authenticated end host. | ||||
| CVE-2005-2243 | 1 Cisco | 1 Call Manager | 2026-04-16 | N/A |
| Memory leak in inetinfo.exe in Cisco CallManager (CCM) 3.2 and earlier, 3.3 before 3.3(5), 4.0 before 4.0(2a)SR2b, and 4.1 4.1 before 4.1(3)SR1, when Multi Level Admin (MLA) is enabled, allows remote attackers to cause a denial of service (memory consumption) via a large number of Admin Service Tool (AST) logins that fail. | ||||
| CVE-2005-2451 | 1 Cisco | 2 Ios, Ios Xr | 2026-04-16 | N/A |
| Cisco IOS 12.0 through 12.4 and IOS XR before 3.2, with IPv6 enabled, allows remote attackers on a local network segment to cause a denial of service (device reload) and possibly execute arbitrary code via a crafted IPv6 packet. | ||||
| CVE-2005-2631 | 1 Cisco | 1 Network Admission Control Manager And Server System Software | 2026-04-16 | N/A |
| Cisco Clean Access (CCA) 3.3.0 to 3.3.9, 3.4.0 to 3.4.5, and 3.5.0 to 3.5.3 does not properly authenticate users when invoking API methods, which could allow remote attackers to bypass security checks, change the assigned role of a user, or disconnect users. | ||||
| CVE-2005-2695 | 1 Cisco | 2 Ciscoworks Management Center For Ids Sensors, Ciscoworks Monitoring Center For Security | 2026-04-16 | N/A |
| Unspecified vulnerability in the SSL certificate checking functionality in Cisco CiscoWorks Management Center for IDS Sensors (IDSMC) 2.0 and 2.1, and Monitoring Center for Security (Security Monitor or Secmon) 1.1 through 2.0 and 2.1, allows remote attackers to spoof a Cisco Intrusion Detection Sensor (IDS) or Intrusion Prevention System (IPS). | ||||
| CVE-2005-1020 | 1 Cisco | 1 Ios | 2026-04-16 | N/A |
| Secure Shell (SSH) 2 in Cisco IOS 12.0 through 12.3 allows remote attackers to cause a denial of service (device reload) (1) via a username that contains a domain name when using a TACACS+ server to authenticate, (2) when a new SSH session is in the login phase and a currently logged in user issues a send command, or (3) when IOS is logging messages and an SSH session is terminated while the server is sending data. | ||||
| CVE-2005-0598 | 1 Cisco | 10 Application And Content Networking Software, Content Delivery Manager, Content Distribution Manager 4630 and 7 more | 2026-04-16 | N/A |
| The RealServer RealSubscriber on Cisco devices running Application and Content Networking System (ACNS) 5.1 allow remote attackers to cause a denial of service (CPU consumption) via malformed packets. | ||||