Export limit exceeded: 16478 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (6787 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-1106 | 1 Cisco | 1 Vpn Client | 2026-04-16 | N/A |
| Cisco Virtual Private Network (VPN) Client software 2.x.x, and 3.x before 3.5.1C, does not properly verify that certificate DN fields match those of the certificate from the VPN Concentrator, which allows remote attackers to conduct man-in-the-middle attacks. | ||||
| CVE-2002-1107 | 1 Cisco | 1 Vpn Client | 2026-04-16 | N/A |
| Cisco Virtual Private Network (VPN) Client software 2.x.x, and 3.x before 3.5.2B, does not generate sufficiently random numbers, which may make it vulnerable to certain attacks such as spoofing. | ||||
| CVE-2006-3109 | 1 Cisco | 1 Call Manager | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Cisco CallManager 3.3 before 3.3(5)SR3, 4.1 before 4.1(3)SR4, 4.2 before 4.2(3), and 4.3 before 4.3(1), allows remote attackers to inject arbitrary web script or HTML via the (1) pattern parameter in ccmadmin/phonelist.asp and (2) arbitrary parameters in ccmuser/logon.asp, aka bugid CSCsb68657. | ||||
| CVE-2005-0597 | 1 Cisco | 1 Application And Content Networking Software | 2026-04-16 | N/A |
| Cisco devices running Application and Content Networking System (ACNS) 5.0 before 5.0.17.6 and 5.1 before 5.1.11.6 allow remote attackers to cause a denial of service (process restart) via a "crafted TCP connection." | ||||
| CVE-2002-0852 | 1 Cisco | 1 Vpn Client | 2026-04-16 | N/A |
| Buffer overflows in Cisco Virtual Private Network (VPN) Client 3.5.4 and earlier allows remote attackers to cause a denial of service via (1) an Internet Key Exchange (IKE) with a large Security Parameter Index (SPI) payload, or (2) an IKE packet with a large number of valid payloads. | ||||
| CVE-2006-4909 | 1 Cisco | 1 Guard Ddos Mitigation Appliance | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Cisco Guard DDoS Mitigation Appliance before 5.1(6), when anti-spoofing is enabled, allows remote attackers to inject arbitrary web script or HTML via certain character sequences in a URL that are not properly handled when the appliance sends a meta-refresh. | ||||
| CVE-1999-0157 | 1 Cisco | 2 Ios, Pix Firewall Software | 2026-04-16 | N/A |
| Cisco PIX firewall and CBAC IP fragmentation attack results in a denial of service. | ||||
| CVE-1999-0453 | 1 Cisco | 1 Router | 2026-04-16 | N/A |
| An attacker can identify a CISCO device by sending a SYN packet to port 1999, which is for the Cisco Discovery Protocol (CDP). | ||||
| CVE-2002-0813 | 1 Cisco | 1 Ios | 2026-04-16 | N/A |
| Heap-based buffer overflow in the TFTP server capability in Cisco IOS 11.1, 11.2, and 11.3 allows remote attackers to cause a denial of service (reset) or modify configuration via a long filename. | ||||
| CVE-1999-0775 | 1 Cisco | 1 Ios | 2026-04-16 | N/A |
| Cisco Gigabit Switch routers running IOS allow remote attackers to forward unauthorized packets due to improper handling of the "established" keyword in an access list. | ||||
| CVE-2006-3101 | 1 Cisco | 1 Secure Access Control Server | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in LogonProxy.cgi in Cisco Secure ACS for UNIX 2.3 allows remote attackers to inject arbitrary web script or HTML via the (1) error, (2) SSL, and (3) Ok parameters. | ||||
| CVE-1999-1100 | 1 Cisco | 1 Pix Private Link | 2026-04-16 | N/A |
| Cisco PIX Private Link 4.1.6 and earlier does not properly process certain commands in the configuration file, which reduces the effective key length of the DES key to 48 bits instead of 56 bits, which makes it easier for an attacker to find the proper key via a brute force attack. | ||||
| CVE-2002-1553 | 1 Cisco | 1 Optical Networking Systems Software | 2026-04-16 | N/A |
| Cisco ONS15454 and ONS15327 running ONS before 3.4 allows remote attackers to modify the system configuration and delete files by establishing an FTP connection to the TCC, TCC+ or XTC using a username and password that does not exist. | ||||
| CVE-2002-1554 | 1 Cisco | 1 Optical Networking Systems Software | 2026-04-16 | N/A |
| Cisco ONS15454 and ONS15327 running ONS before 3.4 stores usernames and passwords in cleartext in the image database for the TCC, TCC+ or XTC, which could allow attackers to gain privileges by obtaining the passwords from the image database or a backup. | ||||
| CVE-2001-0375 | 1 Cisco | 2 Pix Firewall 515, Pix Firewall 520 | 2026-04-16 | N/A |
| Cisco PIX Firewall 515 and 520 with 5.1.4 OS running aaa authentication to a TACACS+ server allows remote attackers to cause a denial of service via a large number of authentication requests. | ||||
| CVE-2006-4911 | 1 Cisco | 1 Ips Sensor Software | 2026-04-16 | N/A |
| Unspecified vulnerability in Cisco IPS 5.0 before 5.0(6p2) and 5.1 before 5.1(2), when running in inline or promiscuous mode, allows remote attackers to bypass traffic inspection via a "crafted sequence of fragmented IP packets". | ||||
| CVE-2003-0677 | 1 Cisco | 1 Webns | 2026-04-16 | N/A |
| Cisco CSS 11000 routers on the CS800 chassis allow remote attackers to cause a denial of service (CPU consumption or reboot) via a large number of TCP SYN packets to the circuit IP address, aka "ONDM Ping failure." | ||||
| CVE-2002-1595 | 1 Cisco | 1 Sn 5420 Storage Router Firmware | 2026-04-16 | N/A |
| Cisco SN 5420 Storage Router 1.1(5) and earlier allows attackers to read configuration files without authorization. | ||||
| CVE-2003-1004 | 1 Cisco | 2 Pix Firewall, Pix Firewall Software | 2026-04-16 | N/A |
| Cisco PIX firewall 6.2.x through 6.2.3, when configured as a VPN Client, allows remote attackers to cause a denial of service (dropped IPSec tunnel connection) via an IKE Phase I negotiation request to the outside interface of the firewall. | ||||
| CVE-2006-0764 | 1 Cisco | 3 Anomaly Guard Module, Guard, Traffic Anomaly Detector Module | 2026-04-16 | N/A |
| The Authentication, Authorization, and Accounting (AAA) capability in versions 5.0(1) and 5.0(3) of the software used by multiple Cisco Anomaly Detection and Mitigation products, when running with an incomplete TACACS+ configuration without a "tacacs-server host" command, allows remote attackers to bypass authentication and gain privileges, aka Bug ID CSCsd21455. | ||||