Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Cisco Subscribe
Total 5838 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2009-1165 1 Cisco 7 Catalyst 3750g, Cisco 1500 Wireless Lan Controller, Cisco 2000 Wireless Lan Controller and 4 more 2009-08-06 7.8 HIGH N/A
Memory leak on the Cisco Wireless LAN Controller (WLC) platform 4.x before 4.2.205.0, 5.1 before 5.1.163.0, and 5.0 and 5.2 before 5.2.178.0, as used in Cisco 1500 Series, 2000 Series, 2100 Series, 4100 Series, 4200 Series, and 4400 Series Wireless Services Modules (WiSM), WLC Modules for Integrated Services Routers, and Catalyst 3750G Integrated Wireless LAN Controllers, allows remote attackers to cause a denial of service (memory consumption and device reload) via SSH management connections, aka Bug ID CSCsw40789.
CVE-2009-1166 1 Cisco 1 Catalyst 2009-08-06 7.8 HIGH N/A
The administrative web interface on the Cisco Wireless LAN Controller (WLC) platform 4.x before 4.2.205.0 and 5.x before 5.2.191.0, as used in Cisco 1500 Series, 2000 Series, 2100 Series, 4100 Series, 4200 Series, and 4400 Series Wireless Services Modules (WiSM), WLC Modules for Integrated Services Routers, and Catalyst 3750G Integrated Wireless LAN Controllers, allows remote attackers to cause a denial of service (device reload) via a crafted (1) HTTP or (2) HTTPS request, aka Bug ID CSCsy27708.
CVE-2009-1167 1 Cisco 7 Catalyst 3750g, Cisco 1500 Wireless Lan Controller, Cisco 2000 Wireless Lan Controller and 4 more 2009-08-06 10.0 HIGH N/A
Unspecified vulnerability on the Cisco Wireless LAN Controller (WLC) platform 4.x before 4.2.205.0 and 5.x before 5.2.191.0, as used in Cisco 1500 Series, 2000 Series, 2100 Series, 4100 Series, 4200 Series, and 4400 Series Wireless Services Modules (WiSM), WLC Modules for Integrated Services Routers, and Catalyst 3750G Integrated Wireless LAN Controllers, allows remote attackers to modify the configuration via a crafted (1) HTTP or (2) HTTPS request, aka Bug ID CSCsy44672.
CVE-2009-2045 1 Cisco 2 Video Surveillance Integrated Services Platform, Video Surveillance Stream Manager 2009-07-01 7.8 HIGH N/A
The Cisco Video Surveillance Stream Manager firmware before 5.3, as used on Cisco Video Surveillance Services Platforms and Video Surveillance Integrated Services Platforms, allows remote attackers to cause a denial of service (reboot) via a malformed payload in a UDP packet to port 37000, related to the xvcrman process, aka Bug ID CSCsj47924.
CVE-2009-2046 1 Cisco 1 Video Surveillance 2500 Series Ip Camera 2009-07-01 6.8 MEDIUM N/A
The embedded web server on the Cisco Video Surveillance 2500 Series IP Camera with firmware before 2.1 allows remote attackers to read arbitrary files via a (1) http or (2) https request, related to the (a) SD Camera Web Server and the (b) Wireless Camera HTTP Server, aka Bug IDs CSCsu05515 and CSCsr96497.
CVE-2009-1163 1 Cisco 1 Physical Access Gateway 2009-07-01 7.8 HIGH N/A
Memory leak on the Cisco Physical Access Gateway with software before 1.1 allows remote attackers to cause a denial of service (memory consumption) via unspecified TCP packets.
CVE-2009-0623 1 Cisco 3 Ace 4710, Application Control Engine Module, Catalyst 2009-06-18 7.8 HIGH N/A
Unspecified vulnerability in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.3) and Cisco ACE 4710 Application Control Engine Appliance before A3(2.1) allows remote attackers to cause a denial of service (device reload) via a crafted SSH packet.
CVE-2009-1161 1 Cisco 10 Ciscoworks Common Services, Ciscoworks Health And Utilization Monitor, Ciscoworks Lan Management Solution and 7 more 2009-06-08 10.0 HIGH N/A
Directory traversal vulnerability in the TFTP service in Cisco CiscoWorks Common Services (CWCS) 3.0.x through 3.2.x on Windows, as used in Cisco Unified Service Monitor, Security Manager, TelePresence Readiness Assessment Manager, Unified Operations Manager, Unified Provisioning Manager, and other products, allows remote attackers to access arbitrary files via unspecified vectors.
CVE-2009-1555 1 Cisco 1 Wvc54gca 2009-05-22 5.0 MEDIUM N/A
The Cisco Linksys WVC54GCA wireless video camera with firmware 1.00R22 and 1.00R24 sends configuration data in response to a Setup Wizard remote-management command, which allows remote attackers to obtain sensitive information such as passwords by reading the SetupWizard.exe process memory, a related issue to CVE-2008-4390.
CVE-2009-1556 1 Cisco 1 Wvc54gca 2009-05-22 3.5 LOW N/A
img/main.cgi on the Cisco Linksys WVC54GCA wireless video camera with firmware 1.00R22 and 1.00R24 allows remote authenticated users to read arbitrary files in img/ via a filename in the next_file parameter, as demonstrated by reading .htpasswd to obtain the admin password, a different vulnerability than CVE-2004-2507.
CVE-2009-1561 1 Cisco 1 Wrt54gc 2009-05-06 6.8 MEDIUM N/A
Cross-site request forgery (CSRF) vulnerability in administration.cgi on the Cisco Linksys WRT54GC router with firmware 1.05.7 allows remote attackers to hijack the intranet connectivity of arbitrary users for requests that change the administrator password via the sysPasswd and sysConfirmPasswd parameters.
CVE-2009-1160 1 Cisco 2 Adaptive Security Appliance 5500, Pix 2009-04-27 4.3 MEDIUM N/A
Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)1, 7.1 before 7.1(2)74, 7.2 before 7.2(4)9, and 8.0 before 8.0(4)5 do not properly implement the implicit deny statement, which might allow remote attackers to successfully send packets that bypass intended access restrictions, aka Bug ID CSCsq91277.
CVE-2009-1155 1 Cisco 2 Adaptive Security Appliance 5500, Pix 2009-04-27 7.8 HIGH N/A
Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.1(1) through 7.1(2)82, 7.2 before 7.2(4)27, 8.0 before 8.0(4)25, and 8.1 before 8.1(2)15, when AAA override-account-disable is entered in a general-attributes field, allow remote attackers to bypass authentication and establish a VPN session to an ASA device via unspecified vectors.
CVE-2009-1156 1 Cisco 2 Adaptive Security Appliance 5500, Pix 2009-04-27 5.7 MEDIUM N/A
Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series devices 8.0 before 8.0(4)25 and 8.1 before 8.1(2)15, when an SSL VPN or ASDM access is configured, allows remote attackers to cause a denial of service (device reload) via a crafted (1) SSL or (2) HTTP packet.
CVE-2009-1157 1 Cisco 2 Adaptive Security Appliance 5500, Pix 2009-04-27 7.8 HIGH N/A
Memory leak on Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)6, 7.1 before 7.1(2)82, 7.2 before 7.2(4)30, 8.0 before 8.0(4)28, and 8.1 before 8.1(2)19 allows remote attackers to cause a denial of service (memory consumption or device reload) via a crafted TCP packet.
CVE-2009-1158 1 Cisco 2 Adaptive Security Appliance 5500, Pix 2009-04-27 7.8 HIGH N/A
Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series devices 7.0 before 7.0(8)6, 7.1 before 7.1(2)82, 7.2 before 7.2(4)26, 8.0 before 8.0(4)24, and 8.1 before 8.1(2)14, when H.323 inspection is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted H.323 packet.
CVE-2009-1159 1 Cisco 2 Adaptive Security Appliance 5500, Pix 2009-04-27 7.8 HIGH N/A
Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.2 before 7.2(4)26, 8.0 before 8.0(4)22, and 8.1 before 8.1(2)12, when SQL*Net inspection is enabled, allows remote attackers to cause a denial of service (traceback and device reload) via a series of SQL*Net packets.
CVE-2009-0615 1 Cisco 2 Application Control Engine Device Manager, Application Networking Manager 2009-03-02 9.0 HIGH N/A
Directory traversal vulnerability in Cisco Application Networking Manager (ANM) before 2.0 and Application Control Engine (ACE) Device Manager before A3(2.1) allows remote authenticated users to read or modify arbitrary files via unspecified vectors, related to "invalid directory permissions."
CVE-2009-0616 1 Cisco 1 Application Networking Manager 2009-03-02 10.0 HIGH N/A
Cisco Application Networking Manager (ANM) before 2.0 uses default usernames and passwords, which makes it easier for remote attackers to access the application, or cause a denial of service via configuration changes, related to "default user credentials during installation."
CVE-2009-0617 1 Cisco 1 Application Networking Manager 2009-03-02 10.0 HIGH N/A
Cisco Application Networking Manager (ANM) before 2.0 uses a default MySQL root password, which makes it easier for remote attackers to execute arbitrary operating-system commands or change system files.