Cisco
cisco
6,602 CVEs • 6,224 products
Products (6,224)
Click to collapseToggle
Products (6,224)
Click to collapse
CVEs (6,602)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Cisco 4Sa500 Software Sa520Sa520w+1 moreApr 29, 2026 Jul 28, 2011 N/A· v4 N/A· v3 9.0 HIGH· v2 The web-based management interface on Cisco SA 500 series security appliances with software before 2.1.19 allows remote authenticated users to execute arbitrary commands via crafted parameters to web forms, aka Bug ID CS...Show more |
1Cisco 4Sa500 Software Sa520Sa520w+1 moreApr 29, 2026 Jul 28, 2011 N/A· v4 N/A· v3 5.0 MEDIUM· v2 SQL injection vulnerability in the web-based management interface on Cisco SA 500 series security appliances with software before 2.1.19 allows remote attackers to execute arbitrary SQL commands via unspecified vectors,...Show more |
1Cisco 2Content Services Gateway Second Generation IosApr 29, 2026 Jul 11, 2011 N/A· v4 N/A· v3 7.8 HIGH· v2 Cisco IOS 12.4MDA before 12.4(24)MDA5 on the Cisco Content Services Gateway - Second Generation (CSG2) allows remote attackers to cause a denial of service (device reload) via crafted ICMP packets, aka Bug ID CSCtl79577. |
The Cisco VPN Client 5.0.7.0240 and 5.0.7.0290 on 64-bit Windows platforms uses weak permissions (NT AUTHORITY\INTERACTIVE:F) for cvpnd.exe, which allows local users to gain privileges by replacing this executable file w...Show more |
The Neighbor Discovery (ND) protocol implementation in Cisco IOS on unspecified switches allows remote attackers to bypass the Router Advertisement Guarding functionality via a fragmented IPv6 packet in which the Router...Show more |
1Cisco 1Anyconnect Secure Mobility Client Apr 29, 2026 Jun 2, 2011 N/A· v4 N/A· v3 7.2 HIGH· v2 The Start Before Logon (SBL) functionality in Cisco AnyConnect Secure Mobility Client (formerly AnyConnect VPN Client) before 2.3.254 on Windows, and on Windows Mobile, allows local users to gain privileges via unspecifi...Show more |
Cisco Network Registrar before 7.2 has a default administrative password, which makes it easier for remote attackers to obtain access via a TCP session, aka Bug ID CSCsm50627. |
1Cisco 15Skinny Client Control Protocol Software Unified Ip Phone 7906Unified Ip Phone 7911g+12 moreApr 29, 2026 Jun 2, 2011 N/A· v4 N/A· v3 1.5 LOW· v2 Cisco Unified IP Phones 7900 devices (aka TNP phones) with software before 9.2.1 do not properly verify signatures for software images, which allows local users to gain privileges via a crafted image, aka Bug ID CSCtn659...Show more |
1Cisco 2Media Experience Engine 5600 Media Processing SoftwareApr 29, 2026 Jun 2, 2011 N/A· v4 N/A· v3 10.0 HIGH· v2 Cisco Media Processing Software before 1.2 on Media Experience Engine (MXE) 5600 devices has a default root password, which makes it easier for context-dependent attackers to obtain access via (1) the local console, (2)...Show more |
1Cisco 15Skinny Client Control Protocol Software Unified Ip Phone 7906Unified Ip Phone 7911g+12 moreApr 29, 2026 Jun 2, 2011 N/A· v4 N/A· v3 6.6 MEDIUM· v2 Cisco Unified IP Phones 7900 devices (aka TNP phones) with software before 9.2.1 allow local users to gain privileges via unspecified vectors, aka Bug ID CSCtn65815. |
1Cisco 15Skinny Client Control Protocol Software Unified Ip Phone 7906Unified Ip Phone 7911g+12 moreApr 29, 2026 Jun 2, 2011 N/A· v4 N/A· v3 6.6 MEDIUM· v2 The su utility on Cisco Unified IP Phones 7900 devices (aka TNP phones) with software before 9.0.3 allows local users to gain privileges via unspecified vectors, aka Bug ID CSCtf07426. |
1Cisco 1Anyconnect Secure Mobility Client Apr 29, 2026 Jun 2, 2011 N/A· v4 N/A· v3 9.3 HIGH· v2 The helper application in Cisco AnyConnect Secure Mobility Client (formerly AnyConnect VPN Client) before 2.5.3041, and 3.0.x before 3.0.629, on Linux and Mac OS X downloads a client executable file (vpndownloader.exe) w...Show more |
1Cisco 1Anyconnect Secure Mobility Client Apr 29, 2026 Jun 2, 2011 N/A· v4 N/A· v3 7.6 HIGH· v2 The helper application in Cisco AnyConnect Secure Mobility Client (formerly AnyConnect VPN Client) before 2.3.185 on Windows, and on Windows Mobile, downloads a client executable file (vpndownloader.exe) without verifyin...Show more |
Cisco IOS XR 3.9.x and 4.0.x before 4.0.3 and 4.1.x before 4.1.1, when an SPA interface processor is installed, allows remote attackers to cause a denial of service (device reload) via a crafted IPv4 packet, aka Bug ID C...Show more |
1Cisco 2Content Delivery System Content Delivery System EngineApr 29, 2026 May 31, 2011 N/A· v4 N/A· v3 7.8 HIGH· v2 The Internet Streamer application in Cisco Content Delivery System (CDS) with software 2.5.7, 2.5.8, and 2.5.9 before build 126 allows remote attackers to cause a denial of service (Web Engine crash) via a crafted URL, a...Show more |
1Cisco 4Rvs4000 Rvs4000 SoftwareWrvs4400n+1 moreApr 29, 2026 May 31, 2011 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The web management interface on the Cisco RVS4000 Gigabit Security Router with software 1.x before 1.3.3.4 and 2.x before 2.0.2.7, and the WRVS4400N Gigabit Security Router with software before 2.0.2.1, allows remote att...Show more |
1Cisco 4Rvs4000 Rvs4000 SoftwareWrvs4400n+1 moreApr 29, 2026 May 31, 2011 N/A· v4 N/A· v3 9.0 HIGH· v2 The web management interface on the Cisco RVS4000 Gigabit Security Router with software 1.x before 1.3.3.4 and 2.x before 2.0.2.7, and the WRVS4400N Gigabit Security Router with software before 2.0.2.1, allows remote aut...Show more |
1Cisco 4Rvs4000 Rvs4000 SoftwareWrvs4400n+1 moreApr 29, 2026 May 31, 2011 N/A· v4 N/A· v3 9.3 HIGH· v2 The web management interface on the Cisco RVS4000 Gigabit Security Router with software 1.x before 1.3.3.4 and 2.x before 2.0.2.7, and the WRVS4400N Gigabit Security Router with software before 2.0.2.1, allows remote att...Show more |
Cisco IOS XR 3.6.x, 3.8.x before 3.8.3, and 3.9.x before 3.9.1 does not properly remove sshd_lock files from /tmp/, which allows remote attackers to cause a denial of service (disk consumption) by making many SSHv1 conne...Show more |
Cisco IOS XR 3.8.3, 3.8.4, and 3.9.1 allows remote attackers to cause a denial of service (NetIO process restart or device reload) via a crafted IPv4 packet, aka Bug ID CSCth44147. |