CVE-2026-20114

A vulnerability in the Lobby Ambassador web-based management API of Cisco IOS XE Software could allow an authenticated, remote attacker to elevate their privileges and access management APIs that would not normally be available for Lobby Ambassador users. This vulnerability exists because...

Cisco IOS 安全漏洞

Cisco IOS is a set of operating systems developed by the American company Cisco for its network devices. A security vulnerability exists in Cisco IOS that stems from improper input validation and could lead to a denial of service attack...

The vulnerability of DHCP Snooping on Cisco IOS XE operating systems allows a intruder to trigger a service failure.

The vulnerability of DHCP Snooping in Cisco IOS XE operating systems is related to a logical priority error during the processing of IPv4 packets. Exploiting this vulnerability allows an attacker to cause service interruptions by sending specially crafted packets remotely...

The vulnerability of Cisco IOS XR operating system’s MPLS interfaces allows attackers to circumvent security restrictions.

The vulnerability of Cisco IOS XR operating system’s MPLS interfaces is related to deficiencies in access control based on Access Control Lists ACLs. Exploiting this vulnerability allows a malicious actor to bypass security restrictions remotely...

The vulnerability of the implementation of the IPv6 VPN network protocol on the Cisco IOS XE operating system allows a intruder to cause a service failure.

The vulnerability of the Cisco IOS XE operating system’s IPv6 VPN protocol is related to the occurrence of interpretation conflicts. Exploiting this vulnerability can allow an attacker, operating remotely, to cause service interruptions...

CVE-2022-20851

A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to perform an injection attack against an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input...

CVE-2022-20678

A vulnerability in the AppNav-XE feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service DoS condition. This vulnerability is due to the incorrect handling of certain TCP segments. An attacker could...

Cisco NX-OS Software 安全漏洞

Cisco NX-OS Software is a suite of data center-grade operating system software used by Cisco switches. A security vulnerability exists in Cisco NX-OS Software for Cisco Nexus 9000 Series Switches, which originates from a logic error in the BFD Rate Limiter feature. An attacker could exploit this...

The vulnerability of the vDaemon software from Cisco IOS XE SD-WAN allows a attacker to trigger buffer overflows.

The vulnerability of the vDaemon software in Cisco IOS XE SD-WAN lies in insufficient boundary checking during traffic processing. Exploiting this vulnerability can allow a remote attacker to trigger buffer overflows...

Cisco IOS XE elevation of privilege vulnerability (CNVD-2019-10463)

Cisco IOS XE is a modular operating system based on the Linux kernel. An elevation of privilege vulnerability exists in the web UI of Cisco IOS XE, which stems from a failure of the Web Services Management Agent WSMA feature to validate input, which can be exploited by a remote, low-privilege...

The vulnerability of the PowerOn Auto Provisioning (POAP) mechanism in the network operating system of Cisco NX-OS switches allows a perpetrator to gain access to other devices.

The vulnerability of the PowerOn Auto Provisioning POAP mechanism in the network operating system of Cisco NX-OS switches involves errors during the automated device deployment process. Exploiting this vulnerability allows a malicious actor to download and execute malicious configuration scenario...

CVE-2018-11750

Previous releases of the Puppet ciscoios module did not validate a host's identity before starting a SSH connection. As of the 0.4.0 release of ciscoios, host key checking is enabled by default...

Cisco IOS XR Denial of Service Vulnerability (CNVD-2018-08773)

Cisco IOS XR Software is the United States Cisco Cisco company's IOS software series including IOS T, IOS S and IOS XR in a fully modular, distributed network operating system. A resource management error vulnerability in the UDP broadcast sending feature in Cisco IOS XR Software version 6.3.1,...

Cisco IOS Software and IOS XE Software Denial of Service Vulnerabilities

Cisco IOS Software and IOS XE Software are both operating systems developed by Cisco for its network devices. An input validation vulnerability exists in the DHCP option 82 encapsulation feature in Cisco IOS Software and IOS XE Software, which arises from the program's failure to perform full inp...

Cisco IOS and Cisco IOS XE Denial of Service Vulnerabilities

Cisco IOS and IOS XE are both operating systems developed by Cisco for its network devices.UDP processing is one of the UDP User Datagram Protocol protocol handlers. A denial of service vulnerability exists in the UDP processing code in Cisco IOS and IOS XE. A remote attacker could exploit this...

The vulnerability of the Cisco IOS operating system, which allows a intruder to trigger a service failure

The vulnerability of the IKE protocol implementation in the WS-IPSEC-3 service module of the Cisco IOS operating system is related to resource management errors. Exploiting this vulnerability allows a malicious actor to cause service failures by sending a special message at the time of establishi...

Cisco IOS and IOS-XE Denial of Service Vulnerability (CNVD-2015-02813)

Cisco IOS and IOS-XE are both operating systems developed by Cisco for its network devices. A security vulnerability exists in Cisco IOS version 15.5S and IOS-XE, which stems from the program's failure to properly handle RADIUS packets. A remote attacker could exploit the vulnerability to cause a...