Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
CiscoIos

612 matches found

CVE
CVEadded 2017/09/29 1:34 a.m.1194 views

CVE-2017-12240

The DHCP relay subsystem of Cisco IOS 12.2 through 15.6 and Cisco IOS XE Software contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code and gain full control of an affected system. The attacker could also cause an affected system to reload, resultin...

10CVSS10AI score0.19962EPSS
In wild
CVE
CVEadded 2018/03/28 10:29 p.m.1161 views

CVE-2018-0171

A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition, or to execute arbitrary code on an affected device. The vulnerabi...

10CVSS9.8AI score0.93213EPSS
In wildWeb
CVE
CVEadded 2017/03/17 10:59 p.m.1142 views

CVE-2017-3881

A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device or remotely execute code with elevated privileges. The Cluster Management Protocol utilizes T...

10CVSS9.7AI score0.94083EPSS
In wild
CVE
CVEadded 2017/07/17 9:29 p.m.1123 views

CVE-2017-6736

The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnera...

9CVSS9.1AI score0.84656EPSS
In wildWeb
CVE
CVEadded 2018/03/28 10:29 p.m.1051 views

CVE-2018-0161

A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software running on certain models of Cisco Catalyst Switches could allow an authenticated, remote attacker to cause a denial of service (DoS) condition, aka a GET MIB Object ID Denial of Service Vulnerability. ...

6.3CVSS6.4AI score0.02517EPSS
In wild
CVE
CVEadded 2018/03/28 10:29 p.m.1041 views

CVE-2018-0175

Format String vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges...

8CVSS8AI score0.02538EPSS
In wild
CVE
CVEadded 2018/03/28 10:29 p.m.1037 views

CVE-2018-0167

Multiple Buffer Overflow vulnerabilities in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevat...

8.8CVSS8.9AI score0.02538EPSS
In wild
CVE
CVEadded 2017/07/17 9:29 p.m.1034 views

CVE-2017-6743

The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnera...

9CVSS9.1AI score0.18097EPSS
In wild
CVE
CVEadded 2018/03/28 10:29 p.m.1030 views

CVE-2018-0172

A vulnerability in the DHCP option 82 encapsulation functionality of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability exists because the affected so...

8.6CVSS8.4AI score0.05957EPSS
In wild
CVE
CVEadded 2017/07/17 9:29 p.m.1027 views

CVE-2017-6737

A vulnerability in the SNMP implementation of could allow an authenticated, remote attacker to cause a reload of the affected system or to remotely execute code. An attacker could exploit this vulnerability by sending a crafted SNMP packet to the affected device. The vulnerability is due to a buffe...

9CVSS8.9AI score0.17114EPSS
In wild
CVE
CVEadded 2017/09/29 1:34 a.m.1025 views

CVE-2017-12237

A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS 15.0 through 15.6 and Cisco IOS XE 3.5 through 16.5 could allow an unauthenticated, remote attacker to cause high CPU utilization, traceback messages, or a reload of an affected device that leads to a denial of servi...

7.8CVSS7.5AI score0.1085EPSS
In wild
CVE
CVEadded 2017/07/17 9:29 p.m.1020 views

CVE-2017-6738

The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnera...

9CVSS9.1AI score0.17114EPSS
In wild
CVE
CVEadded 2018/03/28 10:29 p.m.1017 views

CVE-2018-0158

A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a memory leak or a reload of an affected device that leads to a denial of service (DoS) condition. The vulnerability is due ...

8.6CVSS8.2AI score0.1593EPSS
In wild
CVE
CVEadded 2018/03/28 10:29 p.m.1015 views

CVE-2018-0156

A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper validation of packet data. A...

7.8CVSS7.3AI score0.16461EPSS
In wild
CVE
CVEadded 2017/08/07 6:29 a.m.1011 views

CVE-2017-6663

A vulnerability in the Autonomic Networking feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause autonomic nodes of an affected system to reload, resulting in a denial of service (DoS) condition. More Information: CSCvd88936. Known Affec...

6.5CVSS6.2AI score0.02276EPSS
In wild
CVE
CVEadded 2017/07/17 9:29 p.m.1011 views

CVE-2017-6740

The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnera...

9CVSS9.1AI score0.11061EPSS
In wild
CVE
CVEadded 2017/09/29 1:34 a.m.1009 views

CVE-2017-12232

A vulnerability in the implementation of a protocol in Cisco Integrated Services Routers Generation 2 (ISR G2) Routers running Cisco IOS 15.0 through 15.6 could allow an unauthenticated, adjacent attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The v...

6.5CVSS6.3AI score0.01583EPSS
In wild
CVE
CVEadded 2017/07/17 9:29 p.m.1009 views

CVE-2017-6739

A vulnerability in the SNMP implementation of could allow an authenticated, remote attacker to cause a reload of the affected system or to remotely execute code. An attacker could exploit this vulnerability by sending a crafted SNMP packet to the affected device. The vulnerability is due to a buffe...

9CVSS8.9AI score0.17114EPSS
In wild
CVE
CVEadded 2017/09/07 9:29 p.m.1007 views

CVE-2017-6627

A vulnerability in the UDP processing code of Cisco IOS 15.1, 15.2, and 15.4 and IOS XE 3.14 through 3.18 could allow an unauthenticated, remote attacker to cause the input queue of an affected system to hold UDP packets, causing an interface queue wedge and a denial of service (DoS) condition. The...

7.5CVSS7.5AI score0.10886EPSS
In wild
CVE
CVEadded 2017/07/17 9:29 p.m.1007 views

CVE-2017-6744

The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnera...

9CVSS9.1AI score0.12165EPSS
In wild
CVE
CVEadded 2017/09/29 1:34 a.m.1005 views

CVE-2017-12233

Multiple vulnerabilities in the implementation of the Common Industrial Protocol (CIP) feature in Cisco IOS 12.4 through 15.6 could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerabilities are due to the i...

7.8CVSS7.5AI score0.10011EPSS
In wild
CVE
CVEadded 2018/03/28 10:29 p.m.1001 views

CVE-2018-0173

A vulnerability in the Cisco IOS Software and Cisco IOS XE Software function that restores encapsulated option 82 information in DHCP Version 4 (DHCPv4) packets could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a Relay Reply denial of service (DoS) ...

8.6CVSS8.2AI score0.09766EPSS
In wild
CVE
CVEadded 2018/03/28 10:29 p.m.997 views

CVE-2018-0174

A vulnerability in the DHCP option 82 encapsulation functionality of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability exists because the affected so...

8.6CVSS8.2AI score0.05665EPSS
In wild
CVE
CVEadded 2018/03/28 10:29 p.m.995 views

CVE-2018-0154

A vulnerability in the crypto engine of the Cisco Integrated Services Module for VPN (ISM-VPN) running Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient handling of VPN traf...

7.8CVSS7.5AI score0.1085EPSS
In wild
CVE
CVEadded 2017/09/29 1:34 a.m.986 views

CVE-2017-12231

A vulnerability in the implementation of Network Address Translation (NAT) functionality in Cisco IOS 12.4 through 15.6 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to the improper translation of H.323 m...

7.8CVSS7.5AI score0.1085EPSS
In wild
CVE
CVEadded 2018/03/28 10:29 p.m.986 views

CVE-2018-0155

A vulnerability in the Bidirectional Forwarding Detection (BFD) offload implementation of Cisco Catalyst 4500 Series Switches and Cisco Catalyst 4500-X Series Switches could allow an unauthenticated, remote attacker to cause a crash of the iosd process, causing a denial of service (DoS) condition. ...

8.6CVSS8.2AI score0.15317EPSS
In wild
CVE
CVEadded 2018/03/28 10:29 p.m.985 views

CVE-2018-0180

Multiple vulnerabilities in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, resulting in a denial of service (DoS) condition. These vulnerabilities affect Cisco devices that are running Cis...

7.1CVSS6AI score0.02047EPSS
In wild
CVE
CVEadded 2018/03/27 9:29 a.m.983 views

CVE-2017-12319

A vulnerability in the Border Gateway Protocol (BGP) over an Ethernet Virtual Private Network (EVPN) for Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload, resulting in a denial of service (DoS) condition, or potentially corrupt the BGP routing tabl...

7.1CVSS5.8AI score0.01269EPSS
In wild
CVE
CVEadded 2018/03/28 10:29 p.m.982 views

CVE-2018-0179

Multiple vulnerabilities in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, resulting in a denial of service (DoS) condition. These vulnerabilities affect Cisco devices that are running Cis...

7.1CVSS6AI score0.02393EPSS
In wild
CVE
CVEadded 2017/09/29 1:34 a.m.980 views

CVE-2017-12235

A vulnerability in the implementation of the PROFINET Discovery and Configuration Protocol (PN-DCP) for Cisco IOS 12.2 through 15.6 could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to th...

7.8CVSS7.6AI score0.07628EPSS
In wild
CVE
CVEadded 2017/09/29 1:34 a.m.978 views

CVE-2017-12234

Multiple vulnerabilities in the implementation of the Common Industrial Protocol (CIP) feature in Cisco IOS 12.4 through 15.6 could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerabilities are due to the i...

7.8CVSS7.5AI score0.10011EPSS
In wild
CVE
CVEadded 2017/09/29 1:34 a.m.977 views

CVE-2017-12238

A vulnerability in the Virtual Private LAN Service (VPLS) code of Cisco IOS 15.0 through 15.4 for Cisco Catalyst 6800 Series Switches could allow an unauthenticated, adjacent attacker to cause a C6800-16P10G or C6800-16P10G-XL type line card to crash, resulting in a denial of service (DoS) conditio...

6.5CVSS6.5AI score0.00836EPSS
In wild
CVE
CVEadded 2018/03/28 10:29 p.m.976 views

CVE-2018-0159

A vulnerability in the implementation of Internet Key Exchange Version 1 (IKEv1) functionality in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability i...

7.8CVSS7.5AI score0.06176EPSS
In wild
CVE
CVEadded 2017/07/17 9:29 p.m.641 views

CVE-2017-6742

A vulnerability in the SNMP implementation of could allow an authenticated, remote attacker to cause a reload of the affected system or to remotely execute code. An attacker could exploit this vulnerability by sending a crafted SNMP packet to the affected device. The vulnerability is due to a buffe...

9CVSS8.9AI score0.03599EPSS
In wild
CVE
CVEadded 2016/09/19 1:59 a.m.590 views

CVE-2016-6415

The server IKEv1 implementation in Cisco IOS 12.2 through 12.4 and 15.0 through 15.6, IOS XE through 3.18S, IOS XR 4.3.x and 5.0.x through 5.2.x, and PIX before 7.0 allows remote attackers to obtain sensitive information from device memory via a Security Association (SA) negotiation request, aka Bu...

7.5CVSS7.2AI score0.92948EPSS
In wildWeb
CVE
CVEadded 2005/02/13 5:0 a.m.491 views

CVE-2004-1464

Cisco IOS 12.2(15) and earlier allows remote attackers to cause a denial of service (refused VTY (virtual terminal) connections), via a crafted TCP connection to the Telnet or reverse Telnet port.

5.9CVSS7.4AI score0.01698EPSS
In wild
CVE
CVEadded 2008/10/20 5:59 p.m.489 views

CVE-2008-4609

The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state ...

7.1CVSS8.8AI score0.00676EPSS
CVE
CVEadded 2000/02/04 5:0 a.m.457 views

CVE-1999-0524

ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts.

2.1CVSS6.5AI score0.00702EPSS
CVE
CVEadded 2023/09/27 6:15 p.m.372 views

CVE-2023-20109

A vulnerability in the Cisco Group Encrypted Transport VPN (GET VPN) feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker who has administrative control of either a group member or a key server to execute arbitrary code on an affected device or cause...

6.6CVSS7.1AI score0.01464EPSS
In wild
CVE
CVEadded 2003/08/18 4:0 a.m.208 views

CVE-2003-0567

Cisco IOS 11.x and 12.0 through 12.2 allows remote attackers to cause a denial of service (traffic block) by sending a particular sequence of IPv4 packets to an interface on the device, causing the input queue on that interface to be marked as full.

7.8CVSS6.5AI score0.24634EPSS
CVE
CVEadded 2020/06/03 6:15 p.m.201 views

CVE-2020-3204

A vulnerability in the Tool Command Language (Tcl) interpreter of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, local attacker with privileged EXEC credentials to execute arbitrary code on the underlying operating system (OS) with root privileges. The vulnerability is d...

7.2CVSS6.9AI score0.00059EPSS
CVE
CVEadded 2013/08/05 1:22 p.m.190 views

CVE-2013-0149

The OSPF implementation in Cisco IOS 12.0 through 12.4 and 15.0 through 15.3, IOS-XE 2.x through 3.9.xS, ASA and PIX 7.x through 9.1, FWSM, NX-OS, and StarOS before 14.0.50488 does not properly validate Link State Advertisement (LSA) type 1 packets before performing operations on the LSA database, ...

5.8CVSS6.2AI score0.00937EPSS
CVE
CVEadded 2020/09/23 1:15 a.m.156 views

CVE-2019-16009

A vulnerability in the web UI of Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. The vulnerability is due to insufficient CSRF protections for the web UI on an affected device. An attack...

8.8CVSS9.1AI score0.02786EPSS
CVE
CVEadded 2017/08/07 6:29 a.m.148 views

CVE-2017-6770

Cisco IOS 12.0 through 15.6, Adaptive Security Appliance (ASA) Software 7.0.1 through 9.7.1.2, NX-OS 4.0 through 12.0, and IOS XE 3.6 through 3.18 are affected by a vulnerability involving the Open Shortest Path First (OSPF) Routing Protocol Link State Advertisement (LSA) database. This vulnerabili...

4.2CVSS3.5AI score0.00583EPSS
CVE
CVEadded 1999/09/29 4:0 a.m.142 views

CVE-1999-0016

Land IP denial of service.

5CVSS6.6AI score0.72572EPSS
CVE
CVEadded 2024/09/25 5:15 p.m.142 views

CVE-2024-20433

A vulnerability in the Resource Reservation Protocol (RSVP) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to a bu...

8.6CVSS7.6AI score0.0044EPSS
CVE
CVEadded 2002/03/09 5:0 a.m.140 views

CVE-2001-0537

HTTP server for Cisco IOS 11.3 to 12.2 allows attackers to bypass authentication and execute arbitrary commands, when local authorization is being used, by specifying a high access level in the URL.

9.3CVSS6.9AI score0.93454EPSS
In wildWeb
CVE
CVEadded 2002/12/23 5:0 a.m.137 views

CVE-2002-1359

Multiple SSH2 servers and clients do not properly handle large packets or large fields, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code via buffer overflow attacks, as demonstrated by the SSHredder SSH protocol test suite.

10CVSS8.1AI score0.86998EPSS
Web
CVE
CVEadded 2020/09/24 6:15 p.m.135 views

CVE-2020-3408

A vulnerability in the Split DNS feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability occurs because the regular expression (regex) engine th...

8.6CVSS8.4AI score0.01156EPSS
CVE
CVEadded 2022/10/10 9:15 p.m.134 views

CVE-2022-20920

A vulnerability in the SSH implementation of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected device to reload. This vulnerability is due to improper handling of resources during an exceptional situation. An attacker could exploit this ...

7.7CVSS7.4AI score0.00235EPSS
Total number of security vulnerabilities612