Filtered by vendor Cisco
Subscriptions
Filtered by product Ios
Subscriptions
Total
624 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-3813 | 1 Cisco | 1 Ios | 2025-04-09 | N/A |
| Unspecified vulnerability in Cisco IOS 12.2 and 12.4, when the L2TP mgmt daemon process is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted L2TP packet. | ||||
| CVE-2007-4291 | 1 Cisco | 1 Ios | 2025-04-09 | N/A |
| Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service via (1) a malformed MGCP packet, which causes a device hang, aka CSCsf08998; a malformed H.323 packet, which causes a device crash, as identified by (2) CSCsi60004 with Proxy Unregistration and (3) CSCsg70474; and a malformed Real-time Transport Protocol (RTP) packet, which causes a device crash, as identified by (4) CSCse68138, related to VOIP RTP Lib, and (5) CSCse05642, related to I/O memory corruption. | ||||
| CVE-2008-3812 | 1 Cisco | 1 Ios | 2025-04-09 | N/A |
| Cisco IOS 12.4, when IOS firewall Application Inspection Control (AIC) with HTTP Deep Packet Inspection is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed HTTP transit packet. | ||||
| CVE-2008-3811 | 1 Cisco | 1 Ios | 2025-04-09 | N/A |
| Cisco IOS 12.2 and 12.4, when NAT Skinny Call Control Protocol (SCCP) Fragmentation Support is enabled, allows remote attackers to cause a denial of service (device reload) via segmented SCCP messages, aka Cisco Bug ID CSCsi17020, a different vulnerability than CVE-2008-3810. | ||||
| CVE-2008-3810 | 1 Cisco | 1 Ios | 2025-04-09 | N/A |
| Cisco IOS 12.2 and 12.4, when NAT Skinny Call Control Protocol (SCCP) Fragmentation Support is enabled, allows remote attackers to cause a denial of service (device reload) via segmented SCCP messages, aka CSCsg22426, a different vulnerability than CVE-2008-3811. | ||||
| CVE-2007-4632 | 1 Cisco | 1 Ios | 2025-04-09 | N/A |
| Cisco IOS 12.2E, 12.2F, and 12.2S places a "no login" line into the VTY configuration when an administrator makes certain changes to a (1) VTY/AUX or (2) CONSOLE setting on a device without AAA enabled, which allows remote attackers to bypass authentication and obtain a terminal session, a different vulnerability than CVE-1999-0293 and CVE-2005-2105. | ||||
| CVE-2008-1447 | 6 Canonical, Cisco, Debian and 3 more | 8 Ubuntu Linux, Ios, Debian Linux and 5 more | 2025-04-09 | 6.8 Medium |
| The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability" or "the Kaminsky bug." | ||||
| CVE-2008-3809 | 1 Cisco | 1 Ios | 2025-04-09 | N/A |
| Cisco IOS 12.0 through 12.4 on Gigabit Switch Router (GSR) devices (aka 12000 Series routers) allows remote attackers to cause a denial of service (device crash) via a malformed Protocol Independent Multicast (PIM) packet. | ||||
| CVE-2008-3808 | 1 Cisco | 1 Ios | 2025-04-09 | N/A |
| Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (device reload) via a crafted Protocol Independent Multicast (PIM) packet. | ||||
| CVE-2009-2870 | 1 Cisco | 1 Ios | 2025-04-09 | N/A |
| Unspecified vulnerability in Cisco IOS 12.2 through 12.4, when the Cisco Unified Border Element feature is enabled, allows remote attackers to cause a denial of service (device reload) via crafted SIP messages, aka Bug ID CSCsx25880. | ||||
| CVE-2008-1156 | 1 Cisco | 2 Cisco Ios, Ios | 2025-04-09 | N/A |
| Unspecified vulnerability in the Multicast Virtual Private Network (MVPN) implementation in Cisco IOS 12.0, 12.2, 12.3, and 12.4 allows remote attackers to create "extra multicast states on the core routers" via a crafted Multicast Distribution Tree (MDT) Data Join message. | ||||
| CVE-2009-0626 | 1 Cisco | 1 Ios | 2025-04-09 | N/A |
| The SSLVPN feature in Cisco IOS 12.3 through 12.4 allows remote attackers to cause a denial of service (device reload or hang) via a crafted HTTPS packet. | ||||
| CVE-2008-3804 | 1 Cisco | 1 Ios | 2025-04-09 | N/A |
| Unspecified vulnerability in the Multi Protocol Label Switching (MPLS) Forwarding Infrastructure (MFI) in Cisco IOS 12.2 and 12.4 allows remote attackers to cause a denial of service (memory corruption) via crafted packets for which the software path is used. | ||||
| CVE-2008-3798 | 1 Cisco | 1 Ios | 2025-04-09 | N/A |
| Cisco IOS 12.4 allows remote attackers to cause a denial of service (device crash) via a normal, properly formed SSL packet that occurs during termination of an SSL session. | ||||
| CVE-2008-3799 | 1 Cisco | 1 Ios | 2025-04-09 | N/A |
| Memory leak in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4, when VoIP is configured, allows remote attackers to cause a denial of service (memory consumption and voice-service outage) via unspecified valid SIP messages. | ||||
| CVE-2006-4774 | 1 Cisco | 1 Ios | 2025-04-03 | N/A |
| The VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) allows remote attackers to cause a denial of service by sending a VTP version 1 summary frame with a VTP version field value of 2. | ||||
| CVE-2002-1706 | 1 Cisco | 3 Ios, Ubr7100, Ubr7200 | 2025-04-03 | 7.5 High |
| Cisco IOS software 11.3 through 12.2 running on Cisco uBR7200 and uBR7100 series Universal Broadband Routers allows remote attackers to modify Data Over Cable Service Interface Specification (DOCSIS) settings via a DOCSIS file without a Message Integrity Check (MIC) signature, which is approved by the router. | ||||
| CVE-1999-0445 | 1 Cisco | 1 Ios | 2025-04-03 | N/A |
| In Cisco routers under some versions of IOS 12.0 running NAT, some packets may not be filtered by input access list filters. | ||||
| CVE-2002-1360 | 7 Cisco, Fissh, Intersoft and 4 more | 7 Ios, Ssh Client, Securenetterm and 4 more | 2025-04-03 | N/A |
| Multiple SSH2 servers and clients do not properly handle strings with null characters in them when the string length is specified by a length field, which could allow remote attackers to cause a denial of service or possibly execute arbitrary code due to interactions with the use of null-terminated strings as implemented using languages such as C, as demonstrated by the SSHredder SSH protocol test suite. | ||||
| CVE-2002-1359 | 7 Cisco, Fissh, Intersoft and 4 more | 7 Ios, Ssh Client, Securenetterm and 4 more | 2025-04-03 | N/A |
| Multiple SSH2 servers and clients do not properly handle large packets or large fields, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code via buffer overflow attacks, as demonstrated by the SSHredder SSH protocol test suite. | ||||