Lucene search
K

80 matches found

Tenable Nessus
Tenable Nessus
added 2021/02/04 12:0 a.m.86 views

Cisco Integrated Services Routers 1000/4000 Series HTTP Detection Engine File Policy Bypass (cisco-sa-snort-filepolbypass-67DEwMe2)

According to its version and configuration, the Cisco Software running on the remote Integrated Services Router device is affected by affected by a file policy bypass vulnerability due to the incorrect handling of a HTTP range header. An unauthenticated, remote attacker could send a carefully...

7.5CVSS6.4AI score0.01985EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2021/02/03 12:0 a.m.49 views

Cisco IOS XE Software for 4461 Integrated Services Routers DoS (cisco-sa-ISR4461-gKKUROhx)

According to its self-reported version, IOS-XE is affected by a denial of service vulnerability. A vulnerability in the packet processing of Cisco IOS XE Software for Cisco 4461 Integrated Services Routers could allow an unauthenticated, remote attacker to cause an affected device to reload,...

8.6CVSS7.9AI score0.01918EPSS
Exploits0References4
CNVD
CNVD
added 2021/01/26 12:0 a.m.4 views

Jinan Yuxia Information Technology Co., Ltd. website building system suffers from SQL injection vulnerabilities (CNVD-2021-12786)

Jinan Yuxia Information Technology Co., Ltd. to the Internet products and related services as the main direction, is a collection of website construction and network promotion, IDC business, software development, server hosting, telecommunications value-added services and other integrated service...

7.7AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2020/10/09 12:0 a.m.8 views

The vulnerability in the implementation of Integrated Services Digital Network (ISDN) operating systems such as Cisco IOS and Cisco IOS XE allows a attacker to induce a service failure.

The vulnerability of Cisco IOS and Cisco IOS XE operating systems for ISDN Integrated Services Digital Network implementations is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service interruptions remotely...

7.4CVSS7.2AI score0.00433EPSS
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2020/10/09 12:0 a.m.8 views

The vulnerability of the Cisco IOS XE operating system’s monitor ROMMON mode affects Cisco 4000 Series Integrated Services Routers, Cisco ASR 920 Series Aggregation Services Routers, Cisco ASR 1000 Series Aggregation Services Routers, and Cisco cBR-8 Converged Broadband Routers. This vulnerability allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the Cisco IOS XE operating system’s monitor ROMMON mode for Cisco 4000 Series Integrated Services Routers, Cisco ASR 920 Series Aggregation Services Routers, Cisco ASR 1000 Series Aggregation Services Routers, and Cisco cBR-8 Converged Broadband Routers is related to access...

6.4CVSS6.8AI score0.00285EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2020/09/29 10:31 p.m.6 views

kernel: unprivileged users able to create RAW sockets in AF_ISDN network protocol

A vulnerability was found in the Linux kernel’s implementation of the AFISDN protocol, which does not enforce the CAPNETRAW capability. This flaw can allow unprivileged users to create a raw socket for this protocol. This could further allow the user to control the availability of an existing ISD...

3.3CVSS7.1AI score0.00542EPSS
Exploits0References4
Prion
Prion
added 2020/09/24 6:15 p.m.24 views

Race condition

A vulnerability in the packet processing of Cisco IOS XE Software for Cisco 4461 Integrated Services Routers could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service DoS condition. The vulnerability is due to incorrect processing of...

7.8CVSS8.3AI score0.01918EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/09/24 6:1 p.m.22 views

CVE-2020-3414 Cisco IOS XE Software for Cisco 4461 Integrated Services Routers Denial of Service Vulnerability

A vulnerability in the packet processing of Cisco IOS XE Software for Cisco 4461 Integrated Services Routers could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service DoS condition. The vulnerability is due to incorrect processing of...

8.6CVSS8.6AI score0.01918EPSS
Exploits0References1
CVE
CVE
added 2020/09/24 6:1 p.m.71 views

CVE-2020-3414

Cisco IOS XE on Cisco 4461 Integrated Services Routers is affected by a DoS vulnerability in the packet processing path. The root cause is incorrect processing of IPv4/IPv6 traffic, which allows an unauthenticated, remote attacker to cause the device to reload by sending IP traffic through or to ...

8.6CVSS8.5AI score0.01918EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2020/06/03 6:15 p.m.16 views

CVE-2020-3258

Multiple vulnerabilities in Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers Industrial ISRs and Cisco 1000 Series Connected Grid Routers CGR1000 could allow an unauthenticated, remote attacker or an authenticated, local attacker to execute arbitrary code on an...

10CVSS9.8AI score0.04646EPSS
Exploits0References1
OSV
OSV
added 2020/06/03 6:15 p.m.5 views

CVE-2020-3234

A vulnerability in the virtual console authentication of Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers Industrial ISRs and Cisco 1000 Series Connected Grid Routers CGR1000 could allow an authenticated but low-privileged, local attacker to log in to the Virtual...

8.8CVSS7.2AI score0.00337EPSS
Exploits0References1
OSV
OSV
added 2020/06/03 6:15 p.m.4 views

CVE-2020-3258

Multiple vulnerabilities in Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers Industrial ISRs and Cisco 1000 Series Connected Grid Routers CGR1000 could allow an unauthenticated, remote attacker or an authenticated, local attacker to execute arbitrary code on an...

9.8CVSS6.2AI score0.04646EPSS
Exploits0References1
OSV
OSV
added 2020/06/03 6:15 p.m.7 views

CVE-2020-3198

Multiple vulnerabilities in Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers Industrial ISRs and Cisco 1000 Series Connected Grid Routers CGR1000 could allow an unauthenticated, remote attacker or an authenticated, local attacker to execute arbitrary code on an...

9.8CVSS7.6AI score0.04471EPSS
Exploits0References1
Prion
Prion
added 2020/06/03 6:15 p.m.23 views

Design/Logic Flaw

A vulnerability in the hardware crypto driver of Cisco IOS XE Software for Cisco 4300 Series Integrated Services Routers and Cisco Catalyst 9800-L Wireless Controllers could allow an unauthenticated, remote attacker to disconnect legitimate IPsec VPN sessions to an affected device. The...

7.1CVSS6.7AI score0.00529EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2020/06/03 6:15 p.m.17 views

Information disclosure

Multiple vulnerabilities in Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers Industrial ISRs and Cisco 1000 Series Connected Grid Routers CGR1000 could allow an unauthenticated, remote attacker or an authenticated, local attacker to execute arbitrary code on an...

10CVSS9.5AI score0.04471EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2020/06/03 5:56 p.m.66 views

CVE-2020-3258

Cisco IOS Software CVE-2020-3258 affects Cisco 809/829 Industrial ISRs and CGR1000; a vulnerability in a diagnostic test CLI command can modify run-time memory, enabling an unauthenticated remote attacker or an authenticated local attacker to execute arbitrary code or cause a crash/reload. Exploi...

10CVSS9.8AI score0.04646EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2020/06/03 5:55 p.m.63 views

CVE-2020-3234

The CVE-2020-3234 issue affects Cisco IOS Software for Cisco 809/829 Industrial ISRs and CGR1000 devices, where the Virtual Device Server (VDS) authentication uses hard-coded/default credentials. A local, authenticated, low-privilege attacker can log in to VDS via the device’s virtual console and...

8.8CVSS8.5AI score0.00337EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2020/06/03 5:40 p.m.58 views

CVE-2020-3210

CVE-2020-3210 affects Cisco IOS Software on Cisco 809/829 Industrial ISRs and CGR1000, where the CLI parsers for VDS-related commands fail to validate input. An authenticated local attacker with privilege level 15 can inject malicious input into VDS CLI arguments, gaining arbitrary commands execu...

7.2CVSS6.8AI score0.00426EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2020/06/03 5:40 p.m.54 views

CVE-2020-3208

Cisco IOS Software for Cisco 809 and 829 Industrial ISRs is affected by an image verification bypass. The issue stems from insufficient access restrictions around the image verification code, allowing an authenticated attacker with valid credentials at privilege level 15 to log into the VDS and d...

7.2CVSS6.4AI score0.00322EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2020/06/03 5:40 p.m.11 views

CVE-2020-3208 Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers Image Verification Bypass Vulnerability

A vulnerability in the image verification feature of Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers Industrial ISRs could allow an authenticated, local attacker to boot a malicious software image on an affected device. The vulnerability is due to insufficient acce...

6.7CVSS6.8AI score0.00322EPSS
Exploits0References1
Rows per page
Query Builder