Total
598 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-3361 | 1 Cisco | 1 Ios | 2025-04-12 | 7.1 HIGH | N/A |
| The ALG module in Cisco IOS 15.0 through 15.4 does not properly implement SIP over NAT, which allows remote attackers to cause a denial of service (device reload) via multipart SDP IPv4 traffic, aka Bug ID CSCun54071. | |||||
| CVE-2014-2131 | 1 Cisco | 1 Ios | 2025-04-12 | 6.1 MEDIUM | N/A |
| The packet driver in Cisco IOS allows remote attackers to cause a denial of service (device reload) via a series of (1) Virtual Switching Systems (VSS) or (2) Bidirectional Forwarding Detection (BFD) packets, aka Bug IDs CSCug41049 and CSCue61890. | |||||
| CVE-2015-6385 | 1 Cisco | 1 Ios | 2025-04-12 | 7.2 HIGH | N/A |
| The publish-event event-manager feature in Cisco IOS 15.5(2)S and 15.5(3)S on Cloud Services Router 1000V devices allows local users to execute arbitrary commands with root privileges by leveraging administrative access to enter crafted environment variables, aka Bug ID CSCux14943. | |||||
| CVE-2015-6366 | 1 Cisco | 1 Ios | 2025-04-12 | 5.0 MEDIUM | N/A |
| Cisco IOS 15.2(04)M6 and 15.4(03)S lets physical-interface ACLs supersede tunnel-interface ACLs, which allows remote attackers to bypass intended network-traffic restrictions in opportunistic circumstances by using a tunnel, aka Bug ID CSCur01042. | |||||
| CVE-2015-0607 | 1 Cisco | 1 Ios | 2025-04-12 | 4.3 MEDIUM | N/A |
| The Authentication Proxy feature in Cisco IOS does not properly handle invalid AAA return codes from RADIUS and TACACS+ servers, which allows remote attackers to bypass authentication in opportunistic circumstances via a connection attempt that triggers an invalid code, as demonstrated by a connection attempt with a blank password, aka Bug IDs CSCuo09400 and CSCun16016. | |||||
| CVE-2016-6398 | 1 Cisco | 1 Ios | 2025-04-12 | 5.0 MEDIUM | 5.3 MEDIUM |
| The PPTP server in Cisco IOS 15.5(3)M does not properly initialize packet buffers, which allows remote attackers to obtain sensitive information from earlier network communication by reading packet data, aka Bug ID CSCvb16274. | |||||
| CVE-2014-7997 | 1 Cisco | 21 Aironet 1040, Aironet 1140, Aironet 1260 and 18 more | 2025-04-12 | 6.1 MEDIUM | N/A |
| The DHCP implementation in Cisco IOS on Aironet access points does not properly handle error conditions with short leases and unsuccessful lease-renewal attempts, which allows remote attackers to cause a denial of service (device restart) by triggering a transition into a recovery state that was intended to involve a network-interface restart but actually involves a full device restart, aka Bug ID CSCtn16281. | |||||
| CVE-2014-3309 | 1 Cisco | 2 Ios, Ios Xe | 2025-04-12 | 5.0 MEDIUM | N/A |
| The NTP implementation in Cisco IOS and IOS XE does not properly support use of the access-group command for a "deny all" configuration, which allows remote attackers to bypass intended restrictions on time synchronization via a standard query, aka Bug ID CSCuj66318. | |||||
| CVE-2012-5017 | 1 Cisco | 8 Asr 1001, Asr 1002, Asr 1002-x and 5 more | 2025-04-12 | 6.8 MEDIUM | N/A |
| Cisco IOS before 15.1(1)SY1 allows remote authenticated users to cause a denial of service (device reload) by establishing a VPN session and then sending malformed IKEv2 packets, aka Bug ID CSCub39268. | |||||
| CVE-2016-9201 | 1 Cisco | 1 Ios | 2025-04-12 | 5.0 MEDIUM | 7.5 HIGH |
| A vulnerability in the Zone-Based Firewall feature of Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to pass traffic that should otherwise have been dropped based on the configuration. More Information: CSCuz21015. Known Affected Releases: 15.3(3)M3. Known Fixed Releases: 15.6(2)T0.1 15.6(2.0.1a)T0 15.6(2.19)T 15.6(3)M. | |||||
| CVE-2014-2111 | 1 Cisco | 1 Ios | 2025-04-12 | 7.1 HIGH | N/A |
| The Application Layer Gateway (ALG) module in Cisco IOS 12.2 through 12.4 and 15.0 through 15.4, when NAT is used, allows remote attackers to cause a denial of service (device reload) via crafted DNS packets, aka Bug ID CSCue00996. | |||||
| CVE-2015-0642 | 1 Cisco | 2 Ios, Ios Xe | 2025-04-12 | 7.8 HIGH | N/A |
| Cisco IOS 12.2, 12.4, 15.0, 15.1, 15.2, 15.3, and 15.4 and IOS XE 2.5.x, 2.6.x, 3.1.xS through 3.12.xS before 3.12.3S, 3.2.xE through 3.7.xE before 3.7.1E, 3.3.xSG, 3.4.xSG, and 3.13.xS before 3.13.2S allow remote attackers to cause a denial of service (device reload) by sending malformed IKEv2 packets over (1) IPv4 or (2) IPv6, aka Bug ID CSCum36951. | |||||
| CVE-2014-3357 | 1 Cisco | 2 Ios, Ios Xe | 2025-04-12 | 7.8 HIGH | N/A |
| Cisco IOS 15.0, 15.1, 15.2, and 15.4 and IOS XE 3.3.xSE before 3.3.2SE, 3.3.xXO before 3.3.1XO, 3.5.xE before 3.5.2E, and 3.11.xS before 3.11.1S allow remote attackers to cause a denial of service (device reload) via malformed mDNS packets, aka Bug ID CSCul90866. | |||||
| CVE-2016-6403 | 1 Cisco | 1 Ios | 2025-04-12 | 4.3 MEDIUM | 5.9 MEDIUM |
| The Data in Motion (DMo) application in Cisco IOS 15.6(1)T and IOS XE, when the IOx feature set is enabled, allows remote attackers to cause a denial of service via a crafted packet, aka Bug IDs CSCuy82904, CSCuy82909, and CSCuy82912. | |||||
| CVE-2016-1333 | 1 Cisco | 1 Ios | 2025-04-12 | 6.8 MEDIUM | 6.5 MEDIUM |
| Cisco IOS 15.5(3)M and 15.6(1)T0a on Cisco 1000 Connected Grid routers allows remote authenticated users to cause a denial of service (device reload) via an SNMP request for unspecified BRIDGE MIB OIDs, aka Bug ID CSCux89878. | |||||
| CVE-2015-6278 | 1 Cisco | 2 Ios, Ios Xe | 2025-04-12 | 7.8 HIGH | N/A |
| The IPv6 snooping functionality in the first-hop security subsystem in Cisco IOS 12.2, 15.0, 15.1, 15.2, 15.3, 15.4, and 15.5 and IOS XE 3.2SE, 3.3SE, 3.3XO, 3.4SG, 3.5E, and 3.6E before 3.6.3E; 3.7E before 3.7.2E; 3.9S and 3.10S before 3.10.6S; 3.11S before 3.11.4S; 3.12S and 3.13S before 3.13.3S; and 3.14S before 3.14.2S does not properly implement the Control Plane Protection (aka CPPr) feature, which allows remote attackers to cause a denial of service (device reload) via a flood of ND packets, aka Bug ID CSCus19794. | |||||
| CVE-2015-0593 | 1 Cisco | 1 Ios | 2025-04-12 | 7.1 HIGH | N/A |
| The Zone-Based Firewall implementation in Cisco IOS 12.4(122)T and earlier does not properly manage session-object structures, which allows remote attackers to cause a denial of service (device reload) via crafted network traffic, aka Bug ID CSCul65003. | |||||
| CVE-2015-6279 | 1 Cisco | 2 Ios, Ios Xe | 2025-04-12 | 7.8 HIGH | N/A |
| The IPv6 snooping functionality in the first-hop security subsystem in Cisco IOS 12.2, 15.0, 15.1, 15.2, 15.3, 15.4, and 15.5 and IOS XE 3.2SE, 3.3SE, 3.3XO, 3.4SG, 3.5E, and 3.6E before 3.6.3E; 3.7E before 3.7.2E; 3.9S and 3.10S before 3.10.6S; 3.11S before 3.11.4S; 3.12S and 3.13S before 3.13.3S; and 3.14S before 3.14.2S allows remote attackers to cause a denial of service (device reload) via a malformed ND packet with the Cryptographically Generated Address (CGA) option, aka Bug ID CSCuo04400. | |||||
| CVE-2015-0637 | 1 Cisco | 2 Ios, Ios Xe | 2025-04-12 | 7.8 HIGH | N/A |
| The Autonomic Networking Infrastructure (ANI) implementation in Cisco IOS 12.2, 12.4, 15.0, 15.2, 15.3, and 15.4 and IOS XE 3.10.xS through 3.13.xS before 3.13.1S allows remote attackers to cause a denial of service (device reload) via spoofed AN messages, aka Bug ID CSCup62315. | |||||
| CVE-2012-3062 | 1 Cisco | 1 Ios | 2025-04-12 | 5.7 MEDIUM | N/A |
| Cisco IOS before 15.1(1)SY, when Multicast Listener Discovery (MLD) snooping is enabled, allows remote attackers to cause a denial of service (CPU consumption or device crash) via MLD packets on a network that contains many IPv6 hosts, aka Bug ID CSCtr88193. | |||||