Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-10-23 | CVE-2008-3817 | Resource Management Errors vulnerability in Cisco products Memory leak in Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 8.0 before 8.0(4) and 8.1 before 8.1(2) allows remote attackers to cause a denial of service (memory consumption) via an unspecified sequence of packets, related to the "initialization code for the hardware crypto accelerator." | 7.8 |
| 2008-10-23 | CVE-2008-3816 | Denial of Service vulnerability in Cisco products Unspecified vulnerability in Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.2(4)9 and 7.2(4)10 allows remote attackers to cause a denial of service (device reload) via a crafted IPv6 packet. | 7.8 |
| 2008-10-23 | CVE-2008-3815 | Improper Authentication vulnerability in Cisco ASA 5500 and PIX Unspecified vulnerability in Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)3, 7.1 before 7.1(2)78, 7.2 before 7.2(4)16, 8.0 before 8.0(4)6, and 8.1 before 8.1(1)13, when configured as a VPN using Microsoft Windows NT Domain authentication, allows remote attackers to bypass VPN authentication via unknown vectors. | 4.3 |
| 2008-10-13 | CVE-2008-4545 | Permissions, Privileges, and Access Controls vulnerability in Cisco Unity Cisco Unity 4.x before 4.2(1)ES161, 5.x before 5.0(1)ES53, and 7.x before 7.0(2)ES8 uses weak permissions for the D:\CommServer\Reports directory, which allows remote authenticated users to obtain sensitive information by reading files in this directory. | 4.0 |
| 2008-10-13 | CVE-2008-4544 | Remote vulnerability in Cisco Unity 7.0 Unspecified vulnerability in an unspecified Microsoft API, as used by Cisco Unity and possibly other products, allows remote attackers to cause a denial of service by sending crafted packets to dynamic UDP ports, related to a "processing error." | 5.0 |
| 2008-10-13 | CVE-2008-4543 | Resource Management Errors vulnerability in Cisco Unity Cisco Unity 4.x before 4.2(1)ES161, 5.x before 5.0(1)ES53, and 7.x before 7.0(2)ES8, when using anonymous authentication (aka native Unity authentication), allows remote attackers to cause a denial of service (session exhaustion) via a large number of connections. | 7.1 |
| 2008-10-13 | CVE-2008-4542 | Cross-Site Scripting vulnerability in Cisco Unity Cross-site scripting (XSS) vulnerability in Cisco Unity 4.x before 4.2(1)ES162, 5.x before 5.0(1)ES56, and 7.x before 7.0(2)ES8 allows remote authenticated administrators to inject arbitrary web script or HTML by entering it in the database (aka data store). | 3.5 |
| 2008-10-08 | CVE-2008-3814 | Improper Authentication vulnerability in Cisco Unity Unspecified vulnerability in Cisco Unity 4.x before 4.2(1)ES161, 5.x before 5.0(1)ES53, and 7.x before 7.0(2)ES8, when using anonymous authentication (aka native Unity authentication), allows remote attackers to bypass authentication and read or modify system configuration parameters by going to a specific link more than once. | 5.8 |
| 2008-09-27 | CVE-2008-4296 | Credentials Management vulnerability in Cisco Linksys Wrt350N The Cisco Linksys WRT350N with firmware 1.0.3.7 has "admin" as its default password for the "admin" account, which makes it easier for remote attackers to obtain access. | 10.0 |
| 2008-09-26 | CVE-2008-3813 | Unspecified vulnerability in Cisco IOS Unspecified vulnerability in Cisco IOS 12.2 and 12.4, when the L2TP mgmt daemon process is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted L2TP packet. | 7.8 |