Filtered by vendor Cisco
Subscriptions
Total
6329 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-2977 | 1 Cisco | 1 Cs-mars | 2025-04-09 | N/A |
| The Cisco Security Monitoring, Analysis and Response System (CS-MARS) 6.0.4 and earlier stores cleartext passwords in log/sysbacktrace.## files within error-logs.tar.gz archives, which allows context-dependent attackers to obtain sensitive information by reading these files. | ||||
| CVE-2009-2976 | 1 Cisco | 2 Aironet Ap1100, Aironet Ap1200 | 2025-04-09 | N/A |
| Cisco Aironet Lightweight Access Point (AP) devices send the contents of certain multicast data frames in cleartext, which allows remote attackers to discover Wireless LAN Controller MAC addresses and IP addresses, and AP configuration details, by sniffing the wireless network. | ||||
| CVE-2009-2878 | 1 Cisco | 1 Webex | 2025-04-09 | N/A |
| Heap-based buffer overflow in atas32.dll in the Cisco WebEx WRF Player 26.x before 26.49.32 (aka T26SP49EP32) for Windows, 27.x before 27.10.x (aka T27SP10) for Windows, 26.x before 26.49.35 for Mac OS X and Linux, and 27.x before 27.11.8 for Mac OS X and Linux allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted WebEx Recording Format (WRF) file, a different vulnerability than CVE-2009-2876 and CVE-2009-2879. | ||||
| CVE-2009-2872 | 1 Cisco | 1 Ios | 2025-04-09 | N/A |
| Cisco IOS 12.0 through 12.4, when IP-based tunnels and the Cisco Express Forwarding feature are enabled, allows remote attackers to cause a denial of service (device reload) via a malformed packet that is not properly handled during switching from one tunnel to a second tunnel, aka Bug IDs CSCsh97579 and CSCsq31776. | ||||
| CVE-2009-2870 | 1 Cisco | 1 Ios | 2025-04-09 | N/A |
| Unspecified vulnerability in Cisco IOS 12.2 through 12.4, when the Cisco Unified Border Element feature is enabled, allows remote attackers to cause a denial of service (device reload) via crafted SIP messages, aka Bug ID CSCsx25880. | ||||
| CVE-2009-2869 | 1 Cisco | 1 Ios | 2025-04-09 | N/A |
| Unspecified vulnerability in Cisco IOS 12.2XNA, 12.2XNB, 12.2XNC, 12.2XND, 12.4MD, 12.4T, 12.4XZ, and 12.4YA allows remote attackers to cause a denial of service (device reload) via a crafted NTPv4 packet, aka Bug IDs CSCsu24505 and CSCsv75948. | ||||
| CVE-2009-2867 | 1 Cisco | 1 Ios | 2025-04-09 | N/A |
| Unspecified vulnerability in Cisco IOS 12.2XNA, 12.2XNB, 12.2XNC, 12.2XND, 12.4T, 12.4XZ, and 12.4YA, when Zone-Based Policy Firewall SIP Inspection is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted SIP transit packet, aka Bug ID CSCsr18691. | ||||
| CVE-2009-2861 | 1 Cisco | 2 Aironet Ap1100, Aironet Ap1200 | 2025-04-09 | N/A |
| The Over-the-Air Provisioning (OTAP) functionality on Cisco Aironet Lightweight Access Point 1100 and 1200 devices does not properly implement access-point association, which allows remote attackers to spoof a controller and cause a denial of service (service outage) via crafted remote radio management (RRM) packets, aka "SkyJack" or Bug ID CSCtb56664. | ||||
| CVE-2009-1165 | 1 Cisco | 7 Catalyst 3750g, Cisco 1500 Wireless Lan Controller, Cisco 2000 Wireless Lan Controller and 4 more | 2025-04-09 | N/A |
| Memory leak on the Cisco Wireless LAN Controller (WLC) platform 4.x before 4.2.205.0, 5.1 before 5.1.163.0, and 5.0 and 5.2 before 5.2.178.0, as used in Cisco 1500 Series, 2000 Series, 2100 Series, 4100 Series, 4200 Series, and 4400 Series Wireless Services Modules (WiSM), WLC Modules for Integrated Services Routers, and Catalyst 3750G Integrated Wireless LAN Controllers, allows remote attackers to cause a denial of service (memory consumption and device reload) via SSH management connections, aka Bug ID CSCsw40789. | ||||
| CVE-2009-1166 | 1 Cisco | 1 Catalyst | 2025-04-09 | N/A |
| The administrative web interface on the Cisco Wireless LAN Controller (WLC) platform 4.x before 4.2.205.0 and 5.x before 5.2.191.0, as used in Cisco 1500 Series, 2000 Series, 2100 Series, 4100 Series, 4200 Series, and 4400 Series Wireless Services Modules (WiSM), WLC Modules for Integrated Services Routers, and Catalyst 3750G Integrated Wireless LAN Controllers, allows remote attackers to cause a denial of service (device reload) via a crafted (1) HTTP or (2) HTTPS request, aka Bug ID CSCsy27708. | ||||
| CVE-2009-1167 | 1 Cisco | 7 Catalyst 3750g, Cisco 1500 Wireless Lan Controller, Cisco 2000 Wireless Lan Controller and 4 more | 2025-04-09 | N/A |
| Unspecified vulnerability on the Cisco Wireless LAN Controller (WLC) platform 4.x before 4.2.205.0 and 5.x before 5.2.191.0, as used in Cisco 1500 Series, 2000 Series, 2100 Series, 4100 Series, 4200 Series, and 4400 Series Wireless Services Modules (WiSM), WLC Modules for Integrated Services Routers, and Catalyst 3750G Integrated Wireless LAN Controllers, allows remote attackers to modify the configuration via a crafted (1) HTTP or (2) HTTPS request, aka Bug ID CSCsy44672. | ||||
| CVE-2009-1201 | 1 Cisco | 1 Adaptive Security Appliance | 2025-04-09 | N/A |
| Eval injection vulnerability in the csco_wrap_js function in /+CSCOL+/cte.js in WebVPN on the Cisco Adaptive Security Appliances (ASA) device with software 8.0(4), 8.1.2, and 8.2.1 allows remote attackers to bypass a DOM wrapper and conduct cross-site scripting (XSS) attacks by setting CSCO_WebVPN['process'] to the name of a crafted function, aka Bug ID CSCsy80694. | ||||
| CVE-2009-0617 | 1 Cisco | 1 Application Networking Manager | 2025-04-09 | N/A |
| Cisco Application Networking Manager (ANM) before 2.0 uses a default MySQL root password, which makes it easier for remote attackers to execute arbitrary operating-system commands or change system files. | ||||
| CVE-2009-0618 | 1 Cisco | 1 Application Networking Manager | 2025-04-09 | N/A |
| Unspecified vulnerability in the Java agent in Cisco Application Networking Manager (ANM) before 2.0 Update A allows remote attackers to gain privileges, and cause a denial of service (service outage) by stopping processes, or obtain sensitive information by reading configuration files. | ||||
| CVE-2009-0620 | 1 Cisco | 2 Application Control Engine Module, Catalyst | 2025-04-09 | N/A |
| Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.1) uses default (1) usernames and (2) passwords for (a) the administrator and (b) web management, which makes it easier for remote attackers to perform configuration changes or obtain operating-system access. | ||||
| CVE-2009-0625 | 1 Cisco | 3 Ace 4710, Application Control Engine Module, Catalyst | 2025-04-09 | N/A |
| Unspecified vulnerability in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.2) and Cisco ACE 4710 Application Control Engine Appliance before A1(8.0) allows remote attackers to cause a denial of service (device reload) via a crafted SNMPv3 packet. | ||||
| CVE-2009-0627 | 1 Cisco | 3 Nexus 5000, Nexus 7000, Nx-os | 2025-04-09 | N/A |
| Unspecified vulnerability in Cisco NX-OS before 4.0(1a)N2(1), when running on Nexus 5000 platforms, allows remote attackers to cause a denial of service (crash) via an unspecified "sequence of TCP packets" related to "TCP State manipulation," possibly related to separate attacks against CVE-2008-4609. | ||||
| CVE-2006-5277 | 1 Cisco | 2 Unified Callmanager, Unified Communications Manager | 2025-04-09 | N/A |
| Off-by-one error in the Certificate Trust List (CTL) Provider service (CTLProvider.exe) in Cisco Unified Communications Manager (CUCM, formerly CallManager) before 20070711 allow remote attackers to execute arbitrary code via a crafted packet that triggers a heap-based buffer overflow. | ||||
| CVE-2007-0058 | 1 Cisco | 1 Network Admission Control Manager And Server System Software | 2025-04-09 | N/A |
| Cisco Clean Access (CCA) 3.5.x through 3.5.9 and 3.6.x through 3.6.1.1 on the Clean Access Manager (CAM) allows remote attackers to bypass authentication and download arbitrary manual database backups by guessing the snapshot filename using brute force, then making a direct request for the file. | ||||
| CVE-2006-5393 | 1 Cisco | 1 Secure Desktop | 2025-04-09 | 5.5 Medium |
| Cisco Secure Desktop (CSD) does not require that the ClearPageFileAtShutdown (aka CCE-Winv2.0-407) registry value equals 1, which might allow local users to read certain memory pages that were written during another user's SSL VPN session. | ||||