Total
595 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2010-0584 | 1 Cisco | 1 Ios | 2010-07-12 | 7.8 HIGH | N/A |
Unspecified vulnerability in Cisco IOS 12.4, when NAT SCCP fragmentation support is enabled, allows remote attackers to cause a denial of service (device reload) via crafted Skinny Client Control Protocol (SCCP) packets, aka Bug ID CSCsy09250. | |||||
CVE-2010-0579 | 1 Cisco | 1 Ios | 2010-04-12 | 7.8 HIGH | N/A |
The SIP implementation in Cisco IOS 12.3 and 12.4 allows remote attackers to cause a denial of service (device reload) via a malformed SIP message, aka Bug ID CSCtb93416, the "SIP Message Handling Denial of Service Vulnerability." | |||||
CVE-2010-0582 | 1 Cisco | 1 Ios | 2010-04-12 | 7.8 HIGH | N/A |
Cisco IOS 12.1 through 12.4, and 15.0M before 15.0(1)M1, allows remote attackers to cause a denial of service (interface queue wedge) via malformed H.323 packets, aka Bug ID CSCta19962. | |||||
CVE-2010-0581 | 1 Cisco | 1 Ios | 2010-04-12 | 10.0 HIGH | N/A |
Unspecified vulnerability in the SIP implementation in Cisco IOS 12.3 and 12.4 allows remote attackers to execute arbitrary code via a malformed SIP message, aka Bug ID CSCsz89904, the "SIP Packet Parsing Arbitrary Code Execution Vulnerability." | |||||
CVE-2010-0580 | 1 Cisco | 1 Ios | 2010-04-12 | 10.0 HIGH | N/A |
Unspecified vulnerability in the SIP implementation in Cisco IOS 12.3 and 12.4 allows remote attackers to execute arbitrary code via a malformed SIP message, aka Bug ID CSCsz48680, the "SIP Message Processing Arbitrary Code Execution Vulnerability." | |||||
CVE-2010-0585 | 1 Cisco | 1 Ios | 2010-03-31 | 7.8 HIGH | N/A |
Cisco IOS 12.1 through 12.4, when Cisco Unified Communications Manager Express (CME) or Cisco Unified Survivable Remote Site Telephony (SRST) is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed Skinny Client Control Protocol (SCCP) message, aka Bug ID CSCsz48614, the "SCCP Packet Processing Denial of Service Vulnerability." | |||||
CVE-2009-2868 | 1 Cisco | 1 Ios | 2009-09-30 | 7.8 HIGH | N/A |
Unspecified vulnerability in Cisco IOS 12.2 through 12.4, when certificate-based authentication is enabled for IKE, allows remote attackers to cause a denial of service (Phase 1 SA exhaustion) via crafted requests, aka Bug IDs CSCsy07555 and CSCee72997. | |||||
CVE-2009-2873 | 1 Cisco | 1 Ios | 2009-09-30 | 7.1 HIGH | N/A |
Cisco IOS 12.0 through 12.4, when IP-based tunnels and the Cisco Express Forwarding feature are enabled, allows remote attackers to cause a denial of service (device reload) via malformed packets, aka Bug ID CSCsx70889. | |||||
CVE-2009-2872 | 1 Cisco | 1 Ios | 2009-09-30 | 6.8 MEDIUM | N/A |
Cisco IOS 12.0 through 12.4, when IP-based tunnels and the Cisco Express Forwarding feature are enabled, allows remote attackers to cause a denial of service (device reload) via a malformed packet that is not properly handled during switching from one tunnel to a second tunnel, aka Bug IDs CSCsh97579 and CSCsq31776. | |||||
CVE-2009-2871 | 1 Cisco | 1 Ios | 2009-09-30 | 7.8 HIGH | N/A |
Unspecified vulnerability in Cisco IOS 12.2 and 12.4, when SSLVPN sessions, SSH sessions, or IKE encrypted nonces are enabled, allows remote attackers to cause a denial of service (device reload) via a crafted encrypted packet, aka Bug ID CSCsq24002. | |||||
CVE-2009-2870 | 1 Cisco | 1 Ios | 2009-09-30 | 7.8 HIGH | N/A |
Unspecified vulnerability in Cisco IOS 12.2 through 12.4, when the Cisco Unified Border Element feature is enabled, allows remote attackers to cause a denial of service (device reload) via crafted SIP messages, aka Bug ID CSCsx25880. | |||||
CVE-2008-5230 | 1 Cisco | 1 Ios | 2008-12-02 | 6.8 MEDIUM | N/A |
The Temporal Key Integrity Protocol (TKIP) implementation in unspecified Cisco products and other vendors' products, as used in WPA and WPA2 on Wi-Fi networks, has insufficient countermeasures against certain crafted and replayed packets, which makes it easier for remote attackers to decrypt packets from an access point (AP) to a client and spoof packets from an AP to a client, and conduct ARP poisoning attacks or other attacks, as demonstrated by tkiptun-ng. | |||||
CVE-2007-5548 | 1 Cisco | 1 Ios | 2008-11-14 | 6.9 MEDIUM | N/A |
Multiple stack-based buffer overflows in Command EXEC in Cisco IOS allow local users to gain privileges via unspecified vectors, aka (1) PSIRT-0474975756 and (2) PSIRT-0388256465. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes. | |||||
CVE-2007-5547 | 1 Cisco | 1 Ios | 2008-11-14 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in Cisco IOS allows remote attackers to inject arbitrary web script or HTML, and execute IOS commands, via unspecified vectors, aka PSIRT-2022590358. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes. | |||||
CVE-2007-5549 | 1 Cisco | 1 Ios | 2008-11-14 | 2.1 LOW | N/A |
Unspecified vulnerability in Command EXEC in Cisco IOS allows local users to bypass command restrictions and obtain sensitive information via an unspecified "variation of an IOS command" involving "two different methods", aka CSCsk16129. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes. | |||||
CVE-2003-0647 | 1 Cisco | 1 Ios | 2008-09-10 | 7.5 HIGH | N/A |
Buffer overflow in the HTTP server for Cisco IOS 12.2 and earlier allows remote attackers to execute arbitrary code via an extremely long (2GB) HTTP GET request. | |||||
CVE-2000-0345 | 1 Cisco | 7 Ios, Router 2500, Router 2600 and 4 more | 2008-09-10 | 2.1 LOW | N/A |
The on-line help system options in Cisco routers allows non-privileged users without "enabled" access to obtain sensitive information via the show command. | |||||
CVE-2000-0268 | 1 Cisco | 12 3660 Router, 7100 Router, 7200 Router and 9 more | 2008-09-10 | 5.0 MEDIUM | N/A |
Cisco IOS 11.x and 12.x allows remote attackers to cause a denial of service by sending the ENVIRON option to the Telnet daemon before it is ready to accept it, which causes the system to reboot. | |||||
CVE-2000-0380 | 1 Cisco | 1 Ios | 2008-09-09 | 7.1 HIGH | N/A |
The IOS HTTP service in Cisco routers and switches running IOS 11.1 through 12.1 allows remote attackers to cause a denial of service by requesting a URL that contains a %% string. | |||||
CVE-1999-0445 | 1 Cisco | 1 Ios | 2008-09-09 | 5.0 MEDIUM | N/A |
In Cisco routers under some versions of IOS 12.0 running NAT, some packets may not be filtered by input access list filters. |