← Back

Cisco

cisco

6,588 CVEs • 6,222 products

Products (6,222)

Click to collapse
Toggle
Ios
ios
613 CVEs
Ios Xe
ios_xe
541 CVEs
Adaptive Security Appliance Software
adaptive_security_appliance_software
351 CVEs
Nx Os
nx_os
275 CVEs
Unified Communications Manager
unified_communications_manager
239 CVEs
Firepower Threat Defense
firepower_threat_defense
230 CVEs
Ios Xr
ios_xr
193 CVEs
Secure Firewall Management Center
secure_firewall_management_center
182 CVEs
Identity Services Engine
identity_services_engine
169 CVEs
Webex Meetings Server
webex_meetings_server
136 CVEs
Rv110w Firmware
rv110w_firmware
128 CVEs
Rv130w Firmware
rv130w_firmware
127 CVEs
Unified Computing System
unified_computing_system
105 CVEs
Catalyst Sd Wan Manager
catalyst_sd-wan_manager
91 CVEs
Prime Infrastructure
prime_infrastructure
89 CVEs
Wireless Lan Controller Software
wireless_lan_controller_software
88 CVEs
Application Extension Platform
application_extension_platform
79 CVEs
Rv215w Firmware
rv215w_firmware
71 CVEs
Anyconnect Secure Mobility Client
anyconnect_secure_mobility_client
69 CVEs
Webex Meetings
webex_meetings
69 CVEs
Rv215w Wireless N Vpn Router Firmware
rv215w_wireless-n_vpn_router_firmware
68 CVEs
Data Center Network Manager
data_center_network_manager
68 CVEs
Web Security Appliance
web_security_appliance
65 CVEs
Adaptive Security Appliance
adaptive_security_appliance
63 CVEs
Unity Connection
unity_connection
63 CVEs
Rv130 Vpn Router Firmware
rv130_vpn_router_firmware
62 CVEs
Webex Meetings Online
webex_meetings_online
59 CVEs
Rv130 Firmware
rv130_firmware
59 CVEs
Firepower Extensible Operating System
firepower_extensible_operating_system
56 CVEs
Asyncos
asyncos
54 CVEs
Asa 5500
asa_5500
52 CVEs
Rv320 Firmware
rv320_firmware
52 CVEs
Rv325 Firmware
rv325_firmware
52 CVEs
5500 Series Adaptive Security Appliance
5500_series_adaptive_security_appliance
51 CVEs
Email Security Appliance
email_security_appliance
50 CVEs
Evolved Programmable Network Manager
evolved_programmable_network_manager
50 CVEs
Identity Services Engine Software
identity_services_engine_software
49 CVEs
Unified Contact Center Express
unified_contact_center_express
47 CVEs
Rv042 Firmware
rv042_firmware
46 CVEs
Rv042g Firmware
rv042g_firmware
46 CVEs
Telepresence Video Communication Server
telepresence_video_communication_server
42 CVEs
Sd Wan Vmanage
sd-wan_vmanage
42 CVEs
Unified Communications Domain Manager
unified_communications_domain_manager
41 CVEs
Sd Wan Firmware
sd-wan_firmware
41 CVEs
Unified Communications Manager Im And Presence Service
unified_communications_manager_im_and_presence_service
39 CVEs
Rv082 Dual Wan Vpn Router Firmware
rv082_dual_wan_vpn_router_firmware
37 CVEs
Rv016 Firmware
rv016_firmware
37 CVEs
Rv082 Firmware
rv082_firmware
37 CVEs
Rv042 Dual Wan Vpn Router Firmware
rv042_dual_wan_vpn_router_firmware
36 CVEs
Secure Access Control System
secure_access_control_system
35 CVEs
Firesight System Software
firesight_system_software
35 CVEs
Rv340w Firmware
rv340w_firmware
35 CVEs
Rv340 Firmware
rv340_firmware
35 CVEs
Rv345 Firmware
rv345_firmware
35 CVEs
Rv345p Firmware
rv345p_firmware
35 CVEs
Rv016 Multi Wan Vpn Router Firmware
rv016_multi-wan_vpn_router_firmware
35 CVEs
Rv042g Dual Gigabit Wan Vpn Router Firmware
rv042g_dual_gigabit_wan_vpn_router_firmware
35 CVEs
Rv320 Dual Gigabit Wan Vpn Router Firmware
rv320_dual_gigabit_wan_vpn_router_firmware
35 CVEs
Rv325 Dual Gigabit Wan Vpn Router Firmware
rv325_dual_gigabit_wan_vpn_router_firmware
35 CVEs
Secure Access Control Server
secure_access_control_server
34 CVEs
Jabber
jabber
34 CVEs
Prime Collaboration Provisioning
prime_collaboration_provisioning
34 CVEs
Application Policy Infrastructure Controller
application_policy_infrastructure_controller
34 CVEs
Sf302 08pp Firmware
sf302-08pp_firmware
32 CVEs
Sf302 08mpp Firmware
sf302-08mpp_firmware
32 CVEs
Sg300 10pp Firmware
sg300-10pp_firmware
32 CVEs
Sg300 10mpp Firmware
sg300-10mpp_firmware
32 CVEs
Sf300 24pp Firmware
sf300-24pp_firmware
32 CVEs
Sf300 48pp Firmware
sf300-48pp_firmware
32 CVEs
Sg300 28pp Firmware
sg300-28pp_firmware
32 CVEs
Sf300 08 Firmware
sf300-08_firmware
32 CVEs
Sf300 48p Firmware
sf300-48p_firmware
32 CVEs
Sg300 10mp Firmware
sg300-10mp_firmware
32 CVEs
Sg300 10p Firmware
sg300-10p_firmware
32 CVEs
Sg300 10 Firmware
sg300-10_firmware
32 CVEs
Sg300 28p Firmware
sg300-28p_firmware
32 CVEs
Sf300 24p Firmware
sf300-24p_firmware
32 CVEs
Sg300 28 Firmware
sg300-28_firmware
32 CVEs
Sf300 48 Firmware
sf300-48_firmware
32 CVEs
Sg300 20 Firmware
sg300-20_firmware
32 CVEs
Sg300 52 Firmware
sg300-52_firmware
32 CVEs
Sf300 24 Firmware
sf300-24_firmware
32 CVEs
Sf302 08 Firmware
sf302-08_firmware
32 CVEs
Sf300 24mp Firmware
sf300-24mp_firmware
32 CVEs
Sg300 28mp Firmware
sg300-28mp_firmware
32 CVEs
Sg300 52p Firmware
sg300-52p_firmware
32 CVEs
Sg300 52mp Firmware
sg300-52mp_firmware
32 CVEs
Webex Meeting Center
webex_meeting_center
31 CVEs
Meeting Server
meeting_server
31 CVEs
Sg300 10sfp Firmware
sg300-10sfp_firmware
31 CVEs
Telepresence Collaboration Endpoint
telepresence_collaboration_endpoint
31 CVEs
Firepower Threat Defense Software
firepower_threat_defense_software
31 CVEs
Security Manager
security_manager
30 CVEs
Firewall Services Module
firewall_services_module
29 CVEs
Telepresence Video Communication Server Software
telepresence_video_communication_server_software
29 CVEs
Sg500 28mpp Firmware
sg500-28mpp_firmware
29 CVEs
Sf500 24 Firmware
sf500-24_firmware
29 CVEs
Sf500 24p Firmware
sf500-24p_firmware
29 CVEs
Sf500 48 Firmware
sf500-48_firmware
29 CVEs
Sg500 28 Firmware
sg500-28_firmware
29 CVEs

CVEs (6,588)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2006-2679
1Cisco
1Vpn Client
Apr 16, 2026
May 31, 2006
N/A· v4
N/A· v3
7.2 HIGH· v2
Unspecified vulnerability in the VPN Client for Windows Graphical User Interface (GUI) (aka the VPN client dialer) in Cisco VPN Client for Windows 4.8.00.* and earlier, except for 4.7.00.0533, allows local authenticated,...Show more
Unspecified vulnerability in the VPN Client for Windows Graphical User Interface (GUI) (aka the VPN client dialer) in Cisco VPN Client for Windows 4.8.00.* and earlier, except for 4.7.00.0533, allows local authenticated, interactive users to gain privileges, possibly due to privileges of dialog boxes, aka bug ID CSCsd79265.Show less
CVE-2006-2322
1Cisco
2Application Velocity System 3110
Application Velocity System 3120
Apr 16, 2026
May 12, 2006
N/A· v4
N/A· v3
6.4 MEDIUM· v2
The transparent proxy feature of the Cisco Application Velocity System (AVS) 3110 5.0 and 4.0 and earlier, and 3120 5.0.0 and earlier, has a default configuration that allows remote attackers to proxy arbitrary TCP conne...Show more
The transparent proxy feature of the Cisco Application Velocity System (AVS) 3110 5.0 and 4.0 and earlier, and 3120 5.0.0 and earlier, has a default configuration that allows remote attackers to proxy arbitrary TCP connections, aka Bug ID CSCsd32143.Show less
CVE-2006-0561
1Cisco
1Secure Access Control Server
Apr 16, 2026
May 10, 2006
N/A· v4
N/A· v3
7.2 HIGH· v2
Cisco Secure Access Control Server (ACS) 3.x for Windows stores ACS administrator passwords and the master key in the registry with insecure permissions, which allows local users and remote administrators to decrypt the...Show more
Cisco Secure Access Control Server (ACS) 3.x for Windows stores ACS administrator passwords and the master key in the registry with insecure permissions, which allows local users and remote administrators to decrypt the passwords by using Microsoft's cryptographic API functions to obtain the plaintext version of the master key.Show less
CVE-2006-0515
1Cisco
4Adaptive Security Appliance Software
Firewall Services ModulePix Firewall+1 more
Apr 16, 2026
May 9, 2006
N/A· v4
N/A· v3
7.5 HIGH· v2
Cisco PIX/ASA 7.1.x before 7.1(2) and 7.0.x before 7.0(5), PIX 6.3.x before 6.3.5(112), and FWSM 2.3.x before 2.3(4) and 3.x before 3.1(7), when used with Websense/N2H2, allows remote attackers to bypass HTTP access rest...Show more
Cisco PIX/ASA 7.1.x before 7.1(2) and 7.0.x before 7.0(5), PIX 6.3.x before 6.3.5(112), and FWSM 2.3.x before 2.3(4) and 3.x before 3.1(7), when used with Websense/N2H2, allows remote attackers to bypass HTTP access restrictions by splitting the GET method of an HTTP request into multiple packets, which prevents the request from being sent to Websense for inspection, aka bugs CSCsc67612, CSCsc68472, and CSCsd81734.Show less
CVE-2006-2166
1Cisco
2Unity Express
Unity Express Software
Apr 16, 2026
May 4, 2006
N/A· v4
N/A· v3
2.1 LOW· v2
Unspecified vulnerability in the HTTP management interface in Cisco Unity Express (CUE) 2.2(2) and earlier, when running on any CUE Advanced Integration Module (AIM) or Network Module (NM), allows remote authenticated at...Show more
Unspecified vulnerability in the HTTP management interface in Cisco Unity Express (CUE) 2.2(2) and earlier, when running on any CUE Advanced Integration Module (AIM) or Network Module (NM), allows remote authenticated attackers to reset the password for any user with an expired password.Show less
CVE-2006-1961
1Cisco
5Ciscoworks 2000 Service Management Solution
Ethernet Subscriber Solution EngineHosting Solution Engine+2 more
Apr 16, 2026
Apr 21, 2006
N/A· v4
N/A· v3
7.5 HIGH· v2
Cisco CiscoWorks Wireless LAN Solution Engine (WLSE) and WLSE Express before 2.13, Hosting Solution Engine (HSE) and User Registration Tool (URT) before 20060419, and all versions of Ethernet Subscriber Solution Engine (...Show more
Cisco CiscoWorks Wireless LAN Solution Engine (WLSE) and WLSE Express before 2.13, Hosting Solution Engine (HSE) and User Registration Tool (URT) before 20060419, and all versions of Ethernet Subscriber Solution Engine (ESSE) and CiscoWorks2000 Service Management Solution (SMS) allow local users to gain Linux shell access via shell metacharacters in arguments to the "show" command in the application's command line interface (CLI), aka bug ID CSCsd21502 (WLSE), CSCsd22861 (URT), and CSCsd22859 (HSE). NOTE: other issues might be addressed by the Cisco advisory.Show less
CVE-2006-1960
1Cisco
1Wireless Lan Solution Engine
Apr 16, 2026
Apr 21, 2006
N/A· v4
N/A· v3
5.8 MEDIUM· v2
Cross-site scripting (XSS) vulnerability in the appliance web user interface in Cisco CiscoWorks Wireless LAN Solution Engine (WLSE) and WLSE Express before 2.13 allows remote attackers to inject arbitrary web script or...Show more
Cross-site scripting (XSS) vulnerability in the appliance web user interface in Cisco CiscoWorks Wireless LAN Solution Engine (WLSE) and WLSE Express before 2.13 allows remote attackers to inject arbitrary web script or HTML, possibly via the displayMsg parameter to archiveApplyDisplay.jsp, aka bug ID CSCsc01095.Show less
CVE-2006-1928
1Cisco
1Ios Xr
Apr 16, 2026
Apr 20, 2006
N/A· v4
N/A· v3
5.0 MEDIUM· v2
Cisco IOS XR, when configured for Multi Protocol Label Switching (MPLS) and running on Cisco CRS-1 routers, allows remote attackers to cause a denial of service (Modular Services Cards (MSC) crash or "MPLS packet handlin...Show more
Cisco IOS XR, when configured for Multi Protocol Label Switching (MPLS) and running on Cisco CRS-1 routers, allows remote attackers to cause a denial of service (Modular Services Cards (MSC) crash or "MPLS packet handling problems") via certain MPLS packets, as identified by Cisco bug IDs (1) CSCsd15970 and (2) CSCsd55531.Show less
CVE-2006-1927
1Cisco
1Ios Xr
Apr 16, 2026
Apr 20, 2006
N/A· v4
N/A· v3
5.0 MEDIUM· v2
Cisco IOS XR, when configured for Multi Protocol Label Switching (MPLS) and running on Cisco CRS-1 or Cisco 12000 series routers, allows remote attackers to cause a denial of service (Line card crash) via certain MPLS pa...Show more
Cisco IOS XR, when configured for Multi Protocol Label Switching (MPLS) and running on Cisco CRS-1 or Cisco 12000 series routers, allows remote attackers to cause a denial of service (Line card crash) via certain MPLS packets, as identified by Cisco bug ID CSCsc77475.Show less
CVE-2006-1672
1Cisco
5Ons 15310 Cl Series
Ons 15454 MsppOns 15600+2 more
Apr 16, 2026
Apr 7, 2006
N/A· v4
N/A· v3
7.5 HIGH· v2
The installation of Cisco Transport Controller (CTC) for Cisco Optical Networking System (ONS) 15000 series nodes adds a Java policy file entry with a wildcard that grants the java.security.AllPermission permission to an...Show more
The installation of Cisco Transport Controller (CTC) for Cisco Optical Networking System (ONS) 15000 series nodes adds a Java policy file entry with a wildcard that grants the java.security.AllPermission permission to any http URL containing "fs/LAUNCHER.jar", which allows remote attackers to execute arbitrary code on a CTC workstation, aka bug ID CSCea25049.Show less
CVE-2006-1671
1Cisco
5Ons 15310 Cl Series
Ons 15454 MsppOns 15600+2 more
Apr 16, 2026
Apr 7, 2006
N/A· v4
N/A· v3
5.0 MEDIUM· v2
Control cards for Cisco Optical Networking System (ONS) 15000 series nodes before 20060405 allow remote attackers to cause a denial of service (card reset) via (1) a "crafted" IP packet to a device with secure mode EMS-t...Show more
Control cards for Cisco Optical Networking System (ONS) 15000 series nodes before 20060405 allow remote attackers to cause a denial of service (card reset) via (1) a "crafted" IP packet to a device with secure mode EMS-to-network-element access, aka bug ID CSCsc51390; (2) a "crafted" IP packet to a device with IP on the LAN interface, aka bug ID CSCsd04168; and (3) a "malformed" OSPF packet, aka bug ID CSCsc54558.Show less
CVE-2006-1670
1Cisco
5Ons 15310 Cl Series
Ons 15454 MsppOns 15454 Mstp+2 more
Apr 16, 2026
Apr 7, 2006
N/A· v4
N/A· v3
7.8 HIGH· v2
Control cards for Cisco Optical Networking System (ONS) 15000 series nodes before 20060405 allow remote attackers to cause a denial of service (memory exhaustion and possibly card reset) by sending an invalid response wh...Show more
Control cards for Cisco Optical Networking System (ONS) 15000 series nodes before 20060405 allow remote attackers to cause a denial of service (memory exhaustion and possibly card reset) by sending an invalid response when the final ACK is expected, aka bug ID CSCei45910.Show less
CVE-2006-1631
1Cisco
1Content Services Switch 11500
Apr 16, 2026
Apr 5, 2006
N/A· v4
N/A· v3
5.0 MEDIUM· v2
Unspecified vulnerability in the HTTP compression functionality in Cisco CSS 11500 Series Content Services switches allows remote attackers to cause a denial of service (device reload) via (1) "valid, but obsolete" or (2...Show more
Unspecified vulnerability in the HTTP compression functionality in Cisco CSS 11500 Series Content Services switches allows remote attackers to cause a denial of service (device reload) via (1) "valid, but obsolete" or (2) "specially crafted" HTTP requests.Show less
CVE-2006-0764
1Cisco
3Anomaly Guard Module
GuardTraffic Anomaly Detector Module
Apr 16, 2026
Feb 18, 2006
N/A· v4
N/A· v3
5.1 MEDIUM· v2
The Authentication, Authorization, and Accounting (AAA) capability in versions 5.0(1) and 5.0(3) of the software used by multiple Cisco Anomaly Detection and Mitigation products, when running with an incomplete TACACS+ c...Show more
The Authentication, Authorization, and Accounting (AAA) capability in versions 5.0(1) and 5.0(3) of the software used by multiple Cisco Anomaly Detection and Mitigation products, when running with an incomplete TACACS+ configuration without a "tacacs-server host" command, allows remote attackers to bypass authentication and gain privileges, aka Bug ID CSCsd21455.Show less
CVE-2006-0486
1Cisco
1Ios
Apr 16, 2026
Feb 1, 2006
N/A· v4
N/A· v3
4.6 MEDIUM· v2
Certain Cisco IOS releases in 12.2S based trains with maintenance release number 25 and later, 12.3T based trains, and 12.4 based trains reuse a Tcl Shell process across login sessions of different local users on the sam...Show more
Certain Cisco IOS releases in 12.2S based trains with maintenance release number 25 and later, 12.3T based trains, and 12.4 based trains reuse a Tcl Shell process across login sessions of different local users on the same terminal if the first user does not use tclquit before exiting, which may cause subsequent local users to execute unintended commands or bypass AAA command authorization checks, aka Bug ID CSCef77770.Show less
CVE-2006-0485
1Cisco
1Ios
Apr 16, 2026
Feb 1, 2006
N/A· v4
N/A· v3
4.6 MEDIUM· v2
The TCL shell in Cisco IOS 12.2(14)S before 12.2(14)S16, 12.2(18)S before 12.2(18)S11, and certain other releases before 25 January 2006 does not perform Authentication, Authorization, and Accounting (AAA) command author...Show more
The TCL shell in Cisco IOS 12.2(14)S before 12.2(14)S16, 12.2(18)S before 12.2(18)S11, and certain other releases before 25 January 2006 does not perform Authentication, Authorization, and Accounting (AAA) command authorization checks, which may allow local users to execute IOS EXEC commands that were prohibited via the AAA configuration, aka Bug ID CSCeh73049.Show less
CVE-2006-0483
1Cisco
2Vpn 3000 Concentrator Series Software
Vpn 3030 Concentator
Apr 16, 2026
Jan 31, 2006
N/A· v4
N/A· v3
7.8 HIGH· v2
Cisco VPN 3000 series concentrators running software 4.7.0 through 4.7.2.A allow remote attackers to cause a denial of service (device reload or user disconnect) via a crafted HTTP packet.
CVE-2006-0368
1Cisco
1Call Manager
Apr 16, 2026
Jan 22, 2006
N/A· v4
N/A· v3
7.8 HIGH· v2
Cisco CallManager 3.2 and earlier, 3.3 before 3.3(5)SR1, 4.0 before 4.0(2a)SR2c, and 4.1 before 4.1(3)SR2 allow remote attackers to (1) cause a denial of service (CPU and memory consumption) via a large number of open TC...Show more
Cisco CallManager 3.2 and earlier, 3.3 before 3.3(5)SR1, 4.0 before 4.0(2a)SR2c, and 4.1 before 4.1(3)SR2 allow remote attackers to (1) cause a denial of service (CPU and memory consumption) via a large number of open TCP connections to port 2000 and (2) cause a denial of service (fill the Windows Service Manager communication queue) via a large number of TCP connections to port 2001, 2002, or 7727.Show less
CVE-2006-0367
1Cisco
1Call Manager
Apr 16, 2026
Jan 22, 2006
N/A· v4
N/A· v3
6.5 MEDIUM· v2
Unspecified vulnerability in Cisco CallManager 3.2 and earlier, 3.3 before 3.3(5)SR1, 4.0 before 4.0(2a)SR2c, and 4.1 before 4.1(3)SR2 allows remote authenticated users with read-only administrative privileges to obtain...Show more
Unspecified vulnerability in Cisco CallManager 3.2 and earlier, 3.3 before 3.3(5)SR1, 4.0 before 4.0(2a)SR2c, and 4.1 before 4.1(3)SR2 allows remote authenticated users with read-only administrative privileges to obtain full administrative privileges via a "crafted URL on the CCMAdmin web page."Show less
CVE-2006-0354
1Cisco
8Aironet Ap1100
Aironet Ap1130agAironet Ap1200+5 more
Apr 16, 2026
Jan 22, 2006
N/A· v4
N/A· v3
5.5 MEDIUM· v2
Cisco IOS before 12.3-7-JA2 on Aironet Wireless Access Points (WAP) allows remote authenticated users to cause a denial of service (termination of packet passing or termination of client connections) by sending the manag...Show more
Cisco IOS before 12.3-7-JA2 on Aironet Wireless Access Points (WAP) allows remote authenticated users to cause a denial of service (termination of packet passing or termination of client connections) by sending the management interface a large number of spoofed ARP packets, which creates a large ARP table that exhausts memory, aka Bug ID CSCsc16644.Show less