Search Results (6788 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-1096 1 Cisco 2 Vpn 3000 Concentrator Series Software, Vpn 3002 Hardware Client 2026-04-16 N/A
Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.1, allows restricted administrators to obtain user passwords that are stored in plaintext in HTML source code.
CVE-2005-2451 1 Cisco 2 Ios, Ios Xr 2026-04-16 N/A
Cisco IOS 12.0 through 12.4 and IOS XR before 3.2, with IPv6 enabled, allows remote attackers on a local network segment to cause a denial of service (device reload) and possibly execute arbitrary code via a crafted IPv6 packet.
CVE-2005-2280 1 Cisco 1 Security Agent 2026-04-16 N/A
Cisco Security Agent (CSA) 4.5 allows remote attackers to cause a denial of service (system crash) via a crafted IP packet.
CVE-2002-1095 1 Cisco 3 Secure Access Control Server, Vpn 3000 Concentrator Series Software, Vpn 3002 Hardware Client 2026-04-16 N/A
Cisco VPN 3000 Concentrator before 2.5.2(F), with encryption enabled, allows remote attackers to cause a denial of service (reload) via a Windows-based PPTP client with the "No Encryption" option set.
CVE-2001-0429 1 Cisco 1 Catos 2026-04-16 N/A
Cisco Catalyst 5000 series switches 6.1(2) and earlier will forward an 802.1x frame on a Spanning Tree Protocol (STP) blocked port, which causes a network storm and a denial of service.
CVE-1999-1466 1 Cisco 1 Ios 2026-04-16 N/A
Vulnerability in Cisco routers versions 8.2 through 9.1 allows remote attackers to bypass access control lists when extended IP access lists are used on certain interfaces, the IP route cache is enabled, and the access list uses the "established" keyword.
CVE-2005-2279 1 Cisco 1 Ons 15216 Optical Add Drop Multiplexer Software 2026-04-16 N/A
Cisco ONS 15216 Optical Add/Drop Multiplexer (OADM) running firmware 2.2.2 and earlier allows remote attackers to cause a denial of service (management plane session loss) via crafted telnet data.
CVE-2005-2244 1 Cisco 1 Call Manager 2026-04-16 N/A
The aupair service (aupair.exe) in Cisco CallManager (CCM) 3.2 and earlier, 3.3 before 3.3(5), 4.0 before 4.0(2a)SR2b, and 4.1 4.1 before 4.1(3)SR1 allows remote attackers to execute arbitrary code or corrupt memory via crafted packets that trigger a memory allocation failure and lead to a buffer overflow.
CVE-2002-1094 1 Cisco 2 Vpn 3000 Concentrator Series Software, Vpn 3002 Hardware Client 2026-04-16 N/A
Information leaks in Cisco VPN 3000 Concentrator 2.x.x and 3.x.x before 3.5.4 allow remote attackers to obtain potentially sensitive information via the (1) SSH banner, (2) FTP banner, or (3) an incorrect HTTP request.
CVE-2005-2243 1 Cisco 1 Call Manager 2026-04-16 N/A
Memory leak in inetinfo.exe in Cisco CallManager (CCM) 3.2 and earlier, 3.3 before 3.3(5), 4.0 before 4.0(2a)SR2b, and 4.1 4.1 before 4.1(3)SR1, when Multi Level Admin (MLA) is enabled, allows remote attackers to cause a denial of service (memory consumption) via a large number of Admin Service Tool (AST) logins that fail.
CVE-2005-2242 1 Cisco 1 Call Manager 2026-04-16 N/A
Cisco CallManager (CCM) 3.2 and earlier, 3.3 before 3.3(5), 4.0 before 4.0(2a)SR2b, and 4.1 4.1 before 4.1(3)SR1 allows remote attackers to cause a denial of service (memory consumption and restart) via crafted packets to (1) the CTI Manager (ctimgr.exe) or (2) the CallManager (ccm.exe).
CVE-2002-1093 1 Cisco 1 Vpn 3000 Concentrator Series Software 2026-04-16 N/A
HTML interface for Cisco VPN 3000 Concentrator 2.x.x and 3.x.x before 3.0.3(B) allows remote attackers to cause a denial of service (CPU consumption) via a long URL request.
CVE-2001-0428 1 Cisco 1 Vpn 3000 Concentrator Series Software 2026-04-16 N/A
Cisco VPN 3000 series concentrators before 2.5.2(F) allow remote attackers to cause a denial of service via an IP packet with an invalid IP option.
CVE-2005-2241 1 Cisco 1 Call Manager 2026-04-16 N/A
Cisco CallManager (CCM) 3.2 and earlier, 3.3 before 3.3(5), 4.0 before 4.0(2a)SR2b, and 4.1 4.1 before 4.1(3)SR1 does not quickly time out Realtime Information Server Data Collection (RISDC) sockets, which results in a "resource leak" that allows remote attackers to cause a denial of service (memory and connection consumption) in RisDC.exe.
CVE-2005-2181 1 Cisco 4 Ip Phone 7940, Ip Phone 7940 Firmware, Ip Phone 7960 and 1 more 2026-04-16 7.5 High
Cisco 7940/7960 Voice over IP (VoIP) phones do not properly check the Call-ID, branch, and tag values in a NOTIFY message to verify a subscription, which allows remote attackers to spoof messages such as the "Messages waiting" message.
CVE-2002-1092 1 Cisco 1 Vpn 3000 Concentrator Series Software 2026-04-16 N/A
Cisco VPN 3000 Concentrator 3.6(Rel) and earlier, and 2.x.x, when configured to use internal authentication with group accounts and without any user accounts, allows remote VPN clients to log in using PPTP or IPSEC user authentication.
CVE-2005-2105 1 Cisco 1 Ios 2026-04-16 N/A
Cisco IOS 12.2T through 12.4 allows remote attackers to bypass Authentication, Authorization, and Accounting (AAA) RADIUS authentication, if the fallback method is set to none, via a long username.
CVE-2005-2025 1 Cisco 8 Vpn 3000 Concentrator, Vpn 3000 Concentrator Series Software, Vpn 3005 Concentrator Software and 5 more 2026-04-16 N/A
Cisco VPN 3000 Concentrator before 4.1.7.F allows remote attackers to determine valid groupnames by sending an IKE Aggressive Mode packet with the groupname in the ID field, which generates a response if the groupname is valid, but does not generate a response for an invalid groupname.
CVE-2002-1024 1 Cisco 4 Catos, Css11000 Content Services Switch, Ios and 1 more 2026-04-16 N/A
Cisco IOS 12.0 through 12.2, when supporting SSH, allows remote attackers to cause a denial of service (CPU consumption) via a large packet that was designed to exploit the SSH CRC32 attack detection overflow (CVE-2001-0144).
CVE-2001-0427 1 Cisco 6 Vpn 3000 Concentrator, Vpn 3005 Concentrator, Vpn 3015 Concentrator and 3 more 2026-04-16 N/A
Cisco VPN 3000 series concentrators before 2.5.2(F) allow remote attackers to cause a denial of service via a flood of invalid login requests to (1) the SSL service, or (2) the telnet service, which do not properly disconnect the user after several failed login attempts.