Filtered by vendor Cisco
Subscriptions
Total
6434 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-3804 | 1 Cisco | 1 Ios | 2025-04-09 | N/A |
| Unspecified vulnerability in the Multi Protocol Label Switching (MPLS) Forwarding Infrastructure (MFI) in Cisco IOS 12.2 and 12.4 allows remote attackers to cause a denial of service (memory corruption) via crafted packets for which the software path is used. | ||||
| CVE-2008-3798 | 1 Cisco | 1 Ios | 2025-04-09 | N/A |
| Cisco IOS 12.4 allows remote attackers to cause a denial of service (device crash) via a normal, properly formed SSL packet that occurs during termination of an SSL session. | ||||
| CVE-2008-3799 | 1 Cisco | 1 Ios | 2025-04-09 | N/A |
| Memory leak in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4, when VoIP is configured, allows remote attackers to cause a denial of service (memory consumption and voice-service outage) via unspecified valid SIP messages. | ||||
| CVE-2008-3801 | 1 Cisco | 3 Ios, Unified Callmanager, Unified Communications Manager | 2025-04-09 | N/A |
| Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows remote attackers to cause a denial of service (device or process reload) via unspecified valid SIP messages, aka Cisco Bug ID CSCsm46064, a different vulnerability than CVE-2008-3800 and CVE-2008-3802. | ||||
| CVE-2008-3802 | 1 Cisco | 1 Ios | 2025-04-09 | N/A |
| Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4, when VoIP is configured, allows remote attackers to cause a denial of service (device reload) via unspecified valid SIP messages, aka Cisco bug ID CSCsk42759, a different vulnerability than CVE-2008-3800 and CVE-2008-3801. | ||||
| CVE-2008-3806 | 1 Cisco | 1 Ios | 2025-04-09 | N/A |
| Cisco IOS 12.0 through 12.4 on Cisco 10000, uBR10012 and uBR7200 series devices handles external UDP packets that are sent to 127.0.0.0/8 addresses intended for IPC communication within the device, which allows remote attackers to cause a denial of service (device or linecard reload) via crafted UDP packets, a different vulnerability than CVE-2008-3805. | ||||
| CVE-2008-3808 | 1 Cisco | 1 Ios | 2025-04-09 | N/A |
| Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (device reload) via a crafted Protocol Independent Multicast (PIM) packet. | ||||
| CVE-2008-3809 | 1 Cisco | 1 Ios | 2025-04-09 | N/A |
| Cisco IOS 12.0 through 12.4 on Gigabit Switch Router (GSR) devices (aka 12000 Series routers) allows remote attackers to cause a denial of service (device crash) via a malformed Protocol Independent Multicast (PIM) packet. | ||||
| CVE-2008-3810 | 1 Cisco | 1 Ios | 2025-04-09 | N/A |
| Cisco IOS 12.2 and 12.4, when NAT Skinny Call Control Protocol (SCCP) Fragmentation Support is enabled, allows remote attackers to cause a denial of service (device reload) via segmented SCCP messages, aka CSCsg22426, a different vulnerability than CVE-2008-3811. | ||||
| CVE-2008-3820 | 1 Cisco | 1 Security Manager | 2025-04-09 | N/A |
| Cisco Security Manager 3.1 and 3.2 before 3.2.2, when Cisco IPS Event Viewer (IEV) is used, exposes TCP ports used by the MySQL daemon and IEV server, which allows remote attackers to obtain "root access" to IEV via unspecified use of TCP sessions to these ports. | ||||
| CVE-2008-3821 | 1 Cisco | 1 Ios | 2025-04-09 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the HTTP server in Cisco IOS 11.0 through 12.4 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to the ping program or (2) unspecified other aspects of the URI. | ||||
| CVE-2008-4128 | 1 Cisco | 2 871 Integrated Services Router, Ios | 2025-04-09 | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in the HTTP Administration component in Cisco IOS 12.4 on the 871 Integrated Services Router allow remote attackers to execute arbitrary commands via (1) a certain "show privilege" command to the /level/15/exec/- URI, and (2) a certain "alias exec" command to the /level/15/exec/-/configure/http URI. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-4296 | 1 Cisco | 1 Linksys Wrt350n | 2025-04-09 | N/A |
| The Cisco Linksys WRT350N with firmware 1.0.3.7 has "admin" as its default password for the "admin" account, which makes it easier for remote attackers to obtain access. | ||||
| CVE-2008-4391 | 1 Cisco | 1 Wvc54gc | 2025-04-09 | N/A |
| Stack-based buffer overflow in the SetSource method in the NetCamPlayerWeb11gv2 ActiveX control in NetCamPlayerWeb11gv2.ocx on the Cisco Linksys WVC54GC wireless video camera before firmware 1.25 allows remote attackers to execute arbitrary code via long invalid arguments. | ||||
| CVE-2008-4444 | 1 Cisco | 2 Unified Ip Phone 7940g, Unified Ip Phone 7960g | 2025-04-09 | N/A |
| Cisco Unified IP Phone (aka SIP phone) 7960G and 7940G with firmware P0S3-08-9-00 and possibly other versions before 8.10 allows remote attackers to cause a denial of service (device reboot) or possibly execute arbitrary code via a Realtime Transport Protocol (RTP) packet with malformed headers. | ||||
| CVE-2008-4542 | 1 Cisco | 1 Unity | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in Cisco Unity 4.x before 4.2(1)ES162, 5.x before 5.0(1)ES56, and 7.x before 7.0(2)ES8 allows remote authenticated administrators to inject arbitrary web script or HTML by entering it in the database (aka data store). | ||||
| CVE-2008-4544 | 1 Cisco | 1 Unity | 2025-04-09 | N/A |
| Unspecified vulnerability in an unspecified Microsoft API, as used by Cisco Unity and possibly other products, allows remote attackers to cause a denial of service by sending crafted packets to dynamic UDP ports, related to a "processing error." | ||||
| CVE-2008-4545 | 1 Cisco | 1 Unity | 2025-04-09 | N/A |
| Cisco Unity 4.x before 4.2(1)ES161, 5.x before 5.0(1)ES53, and 7.x before 7.0(2)ES8 uses weak permissions for the D:\CommServer\Reports directory, which allows remote authenticated users to obtain sensitive information by reading files in this directory. | ||||
| CVE-2008-4963 | 1 Cisco | 2 Catos, Ios | 2025-04-09 | N/A |
| Unspecified vulnerability in the VLAN Trunking Protocol (VTP) implementation on Cisco IOS and CatOS, when the VTP operating mode is not transparent, allows remote attackers to cause a denial of service (device reload or hang) via a crafted VTP packet sent to a switch interface configured as a trunk port. | ||||
| CVE-2008-5121 | 4 Bluecoat, Cisco, Citrix and 1 more | 5 Winproxy, Vpn Client, Deterministic Network Enhancer and 2 more | 2025-04-09 | N/A |
| dne2000.sys in Citrix Deterministic Network Enhancer (DNE) 2.21.7.233 through 3.21.7.17464, as used in (1) Cisco VPN Client, (2) Blue Coat WinProxy, and (3) SafeNet SoftRemote and HighAssurance Remote, allows local users to gain privileges via a crafted DNE_IOCTL DeviceIoControl request to the \\.\DNE device interface. | ||||