Filtered by vendor Cisco
Subscriptions
Total
6570 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-4544 | 1 Cisco | 1 Unity | 2025-04-09 | N/A |
| Unspecified vulnerability in an unspecified Microsoft API, as used by Cisco Unity and possibly other products, allows remote attackers to cause a denial of service by sending crafted packets to dynamic UDP ports, related to a "processing error." | ||||
| CVE-2008-4542 | 1 Cisco | 1 Unity | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in Cisco Unity 4.x before 4.2(1)ES162, 5.x before 5.0(1)ES56, and 7.x before 7.0(2)ES8 allows remote authenticated administrators to inject arbitrary web script or HTML by entering it in the database (aka data store). | ||||
| CVE-2008-4296 | 1 Cisco | 1 Linksys Wrt350n | 2025-04-09 | N/A |
| The Cisco Linksys WRT350N with firmware 1.0.3.7 has "admin" as its default password for the "admin" account, which makes it easier for remote attackers to obtain access. | ||||
| CVE-2008-4128 | 1 Cisco | 2 871 Integrated Services Router, Ios | 2025-04-09 | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in the HTTP Administration component in Cisco IOS 12.4 on the 871 Integrated Services Router allow remote attackers to execute arbitrary commands via (1) a certain "show privilege" command to the /level/15/exec/- URI, and (2) a certain "alias exec" command to the /level/15/exec/-/configure/http URI. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-3821 | 1 Cisco | 1 Ios | 2025-04-09 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the HTTP server in Cisco IOS 11.0 through 12.4 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to the ping program or (2) unspecified other aspects of the URI. | ||||
| CVE-2008-3820 | 1 Cisco | 1 Security Manager | 2025-04-09 | N/A |
| Cisco Security Manager 3.1 and 3.2 before 3.2.2, when Cisco IPS Event Viewer (IEV) is used, exposes TCP ports used by the MySQL daemon and IEV server, which allows remote attackers to obtain "root access" to IEV via unspecified use of TCP sessions to these ports. | ||||
| CVE-2008-3818 | 1 Cisco | 7 Ons, Ons 15310-cl, Ons 15310-ma and 4 more | 2025-04-09 | N/A |
| Cisco ONS 15310-CL, 15310-MA, 15327, 15454, 15454 SDH, and 15600 with software 7.0.2 through 7.0.6, 7.2.2, 8.0.x, 8.5.1, and 8.5.2 allows remote attackers to cause a denial of service (control-card reset) via a crafted TCP session. | ||||
| CVE-2008-3816 | 1 Cisco | 2 Adaptive Security Appliance 5500 Series, Pix Security Appliance | 2025-04-09 | N/A |
| Unspecified vulnerability in Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.2(4)9 and 7.2(4)10 allows remote attackers to cause a denial of service (device reload) via a crafted IPv6 packet. | ||||
| CVE-2008-3813 | 1 Cisco | 1 Ios | 2025-04-09 | N/A |
| Unspecified vulnerability in Cisco IOS 12.2 and 12.4, when the L2TP mgmt daemon process is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted L2TP packet. | ||||
| CVE-2008-3812 | 1 Cisco | 1 Ios | 2025-04-09 | N/A |
| Cisco IOS 12.4, when IOS firewall Application Inspection Control (AIC) with HTTP Deep Packet Inspection is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed HTTP transit packet. | ||||
| CVE-2008-3811 | 1 Cisco | 1 Ios | 2025-04-09 | N/A |
| Cisco IOS 12.2 and 12.4, when NAT Skinny Call Control Protocol (SCCP) Fragmentation Support is enabled, allows remote attackers to cause a denial of service (device reload) via segmented SCCP messages, aka Cisco Bug ID CSCsi17020, a different vulnerability than CVE-2008-3810. | ||||
| CVE-2008-3810 | 1 Cisco | 1 Ios | 2025-04-09 | N/A |
| Cisco IOS 12.2 and 12.4, when NAT Skinny Call Control Protocol (SCCP) Fragmentation Support is enabled, allows remote attackers to cause a denial of service (device reload) via segmented SCCP messages, aka CSCsg22426, a different vulnerability than CVE-2008-3811. | ||||
| CVE-2008-3809 | 1 Cisco | 1 Ios | 2025-04-09 | N/A |
| Cisco IOS 12.0 through 12.4 on Gigabit Switch Router (GSR) devices (aka 12000 Series routers) allows remote attackers to cause a denial of service (device crash) via a malformed Protocol Independent Multicast (PIM) packet. | ||||
| CVE-2008-3808 | 1 Cisco | 1 Ios | 2025-04-09 | N/A |
| Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (device reload) via a crafted Protocol Independent Multicast (PIM) packet. | ||||
| CVE-2008-3807 | 1 Cisco | 1 Ios | 2025-04-09 | N/A |
| Cisco IOS 12.2 and 12.3 on Cisco uBR10012 series devices, when linecard redundancy is configured, enables a read/write SNMP service with "private" as the community, which allows remote attackers to obtain administrative access by guessing this community and sending SNMP requests. | ||||
| CVE-2008-3806 | 1 Cisco | 1 Ios | 2025-04-09 | N/A |
| Cisco IOS 12.0 through 12.4 on Cisco 10000, uBR10012 and uBR7200 series devices handles external UDP packets that are sent to 127.0.0.0/8 addresses intended for IPC communication within the device, which allows remote attackers to cause a denial of service (device or linecard reload) via crafted UDP packets, a different vulnerability than CVE-2008-3805. | ||||
| CVE-2008-1153 | 1 Cisco | 2 Cisco Ios, Ios | 2025-04-09 | N/A |
| Cisco IOS 12.1, 12.2, 12.3, and 12.4, with IPv4 UDP services and the IPv6 protocol enabled, allows remote attackers to cause a denial of service (device crash and possible blocked interface) via a crafted IPv6 packet to the device. | ||||
| CVE-2008-1155 | 1 Cisco | 1 Network Admission Control | 2025-04-09 | N/A |
| Cisco Network Admission Control (NAC) Appliance 3.5.x, 3.6.x before 3.6.4.4, 4.0.x before 4.0.6, and 4.1.x before 4.1.2 allows remote attackers to obtain the shared secret for the Clean Access Server (CAS) and Clean Access Manager (CAM) by sniffing error logs. | ||||
| CVE-2008-1156 | 1 Cisco | 2 Cisco Ios, Ios | 2025-04-09 | N/A |
| Unspecified vulnerability in the Multicast Virtual Private Network (MVPN) implementation in Cisco IOS 12.0, 12.2, 12.3, and 12.4 allows remote attackers to create "extra multicast states on the core routers" via a crafted Multicast Distribution Tree (MDT) Data Join message. | ||||
| CVE-2008-1157 | 1 Cisco | 1 Ciscoworks Internetwork Performance Monitor | 2025-04-09 | N/A |
| Cisco CiscoWorks Internetwork Performance Monitor (IPM) 2.6 creates a process that executes a command shell and listens on a randomly chosen TCP port, which allows remote attackers to execute arbitrary commands. | ||||