Input validation

A vulnerability in the SSH implementation of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected device to reload. This vulnerability is due to improper handling of resources during an exceptional situation. An attacker could exploit thi...

CVE-2022-20837 Cisco IOS XE Software DNS NAT Protocol Application Layer Gateway Denial of Service Vulnerability

A vulnerability in the DNS application layer gateway ALG functionality that is used by Network Address Translation NAT in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. This vulnerability is due to a logic error that occurs when an...

CVE-2022-20920

CVE-2022-20920 affects Cisco IOS Software and Cisco IOS XE Software. It is a DoS vulnerability in the SSH implementation caused by improper resource handling during exceptional conditions. A remote, authenticated attacker can repeatedly connect and send specific SSH requests to force a device rel...

CVE-2022-20920 Cisco IOS and IOS XE Software SSH Denial of Service Vulnerability

A vulnerability in the SSH implementation of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected device to reload. This vulnerability is due to improper handling of resources during an exceptional situation. An attacker could exploit thi...

Cisco ATA 190 Series Analog Telephone Adapter Software Vulnerabilities

Multiple vulnerabilities in the Cisco Discovery Protocol and Link Layer Discovery Protocol LLDP for Cisco ATA 190 Series Analog Telephone Adapter Software could allow an attacker to execute code, cause the service to reload unexpectedly, or cause Cisco Discovery Protocol or LLDP database corrupti...

Input validation

A vulnerability in the 802.11 association frame validation of Cisco Catalyst 9100 Series Access Points APs could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to insufficient input validation of certain...

CVE-2022-20920

A vulnerability in the SSH implementation of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected device to reload. This vulnerability is due to improper handling of resources during an exceptional situation. An attacker could exploit thi...

Cisco IOS XE Software 安全漏洞

Cisco IOS XE Software is an operating system from Cisco, Inc. A single operating system for enterprise wired and wireless access, aggregation, core and WAN, Cisco IOS XE reduces business and network complexity. A security vulnerability exists in Cisco IOS XE Software IPv6 VPN. An attacker...

PT-2022-6173

Name of the Vulnerable Software and Affected Versions Cisco IOS Software and Cisco IOS XE Software affected versions not specified Description A vulnerability in the SSH implementation could allow an authenticated, remote attacker to cause an affected device to reload. This issue is due to improp...

PT-2022-6322 · Cisco · Cisco Ios Xe +1

Name of the Vulnerable Software and Affected Versions: Cisco IOS Software affected versions not specified Cisco IOS XE Software affected versions not specified Description: The issue is related to insufficient input validation during the processing of Common Industrial Protocol CIP packets, which...

PT-2022-6086 · Cisco · Cisco Ios Xe Wireless Controller +1

Name of the Vulnerable Software and Affected Versions: Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family affected versions not specified Description: A vulnerability in the processing of Control and Provisioning of Wireless Access Points CAPWAP Mobility messages could allow a...

GSD-2022-1005519 devlink: Fix use-after-free after a failed reload

devlink: Fix use-after-free after a failed reload This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.63 by commit...

PT-2022-5096 · Cisco · Cisco Ios Xr

Name of the Vulnerable Software and Affected Versions: Cisco IOS XR Software affected versions not specified Description: A vulnerability in the Cisco Discovery Protocol implementation could allow an unauthenticated, adjacent attacker to cause the Cisco Discovery Protocol process to reload on an...

CVE-2022-20696

A vulnerability in the binding configuration of Cisco SD-WAN vManage Software containers could allow an unauthenticated, adjacent attacker who has access to the VPN0 logical network to also access the messaging service ports on an affected system. This vulnerability exists because the messaging...

Design/Logic Flaw

A vulnerability in the binding configuration of Cisco SD-WAN vManage Software containers could allow an unauthenticated, adjacent attacker who has access to the VPN0 logical network to also access the messaging service ports on an affected system. This vulnerability exists because the messaging...

PT-2022-8939 · Gnu · Gcc

Name of the Vulnerable Software and Affected Versions: gcc affected versions not specified Description: The issue is related to an internal compiler error in the match reload function at lra-constraints.c, which may cause a crash when a crafted input file is used. Recommendations: At the moment,...

Cisco IOS Software Web Services DoS (cisco-sa-http-dos-svOdkdBS)

According to its self-reported version, Cisco IOS is affected by a denial of service vulnerability due to improper resource management in the HTTP server code. An authenticated, remote attacker can exploit this by sending a large number of HTTP requests to an affected device to cause the device t...

Cisco Firepower Threat Defense Software TCP Proxy DoS (cisco-sa-ftd-tcp-dos-kM9SHhOu)

A vulnerability in the TCP proxy functionality of Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to trigger a denial of service DoS condition. This vulnerability is due to improper handling of TCP flows. An attacker could exploit this vulnerability by...

CVE-2022-20746

A vulnerability in the TCP proxy functionality of Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to trigger a denial of service DoS condition. This vulnerability is due to improper handling of TCP flows. An attacker could exploit this vulnerability by...

CVE-2022-20745

A vulnerability in the web services interface for remote access VPN features of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. This vulnerability is due to...