Lucene search

K

612 matches found

CVE
CVE
added 2007/02/01 1:28 a.m.40 views

CVE-2007-0648

Cisco IOS after 12.3(14)T, 12.3(8)YC1, 12.3(8)YG, and 12.4, with voice support and without Session Initiated Protocol (SIP) configured, allows remote attackers to cause a denial of service (crash) by sending a crafted packet to port 5060/UDP.

7.8CVSS6.4AI score0.02244EPSS
CVE
CVE
added 2007/08/09 9:17 p.m.40 views

CVE-2007-4293

Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (device crash) via (1) "abnormal" MGCP messages, aka CSCsd81407; and (2) a large facsimile packet, aka CSCej20505.

7.1CVSS6.7AI score0.01609EPSS
CVE
CVE
added 2007/10/18 8:17 p.m.40 views

CVE-2007-5550

Unspecified vulnerability in Cisco IOS allows remote attackers to obtain the IOS version via unspecified vectors involving a "common network service", aka PSIRT-1255024833. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a ...

5CVSS6.5AI score0.0025EPSS
CVE
CVE
added 2010/03/25 9:0 p.m.40 views

CVE-2010-0577

Cisco IOS 12.2 through 12.4, when certain PMTUD, SNAT, or window-size configurations are used, allows remote attackers to cause a denial of service (infinite loop, and device reload or hang) via a TCP segment with crafted options, aka Bug ID CSCsz75186.

7.1CVSS6.8AI score0.01559EPSS
CVE
CVE
added 2012/05/02 10:9 a.m.40 views

CVE-2011-2578

Memory leak in Cisco IOS 15.1 and 15.2 allows remote attackers to cause a denial of service (memory consumption) via malformed SIP packets on a NAT interface, aka Bug ID CSCts12366.

7.8CVSS6.8AI score0.00602EPSS
CVE
CVE
added 2011/10/03 11:55 p.m.40 views

CVE-2011-3273

Memory leak in Cisco IOS 15.0 through 15.1, when IPS or Zone-Based Firewall (aka ZBFW) is configured, allows remote attackers to cause a denial of service (memory consumption or device crash) via vectors that trigger many session creation flows, aka Bug ID CSCti79848.

7.8CVSS6.7AI score0.00427EPSS
CVE
CVE
added 2012/05/02 10:9 a.m.40 views

CVE-2012-0362

The extended ACL functionality in Cisco IOS 12.2(58)SE2 and 15.0(1)SE discards all lines that end with a log or time keyword, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances by sending network traffic, aka Bug ID CSCts01106.

4.3CVSS6.9AI score0.00158EPSS
CVE
CVE
added 2012/05/03 8:55 p.m.40 views

CVE-2012-1327

dot11t/t_if_dot11_hal_ath.c in Cisco IOS 12.3, 12.4, 15.0, and 15.1 allows remote attackers to cause a denial of service (assertion failure and reboot) via 802.11 wireless traffic, as demonstrated by a video call from Apple iOS 5.0 on an iPhone 4S, aka Bug ID CSCtt94391.

6.1CVSS6.1AI score0.00167EPSS
CVE
CVE
added 2013/03/28 11:55 p.m.40 views

CVE-2013-1144

Memory leak in the IKEv1 implementation in Cisco IOS 15.1 allows remote attackers to cause a denial of service (memory consumption) via unspecified (1) IPv4 or (2) IPv6 IKE packets, aka Bug ID CSCth81055.

7.8CVSS6.9AI score0.00427EPSS
CVE
CVE
added 2013/03/28 11:55 p.m.40 views

CVE-2013-1147

The Protocol Translation (PT) functionality in Cisco IOS 12.3 through 12.4 and 15.0 through 15.3, when one-step port-23 translation or a Telnet-to-PAD ruleset is configured, does not properly validate TCP connection information, which allows remote attackers to cause a denial of service (device rel...

7.8CVSS6.9AI score0.00427EPSS
CVE
CVE
added 2013/09/27 10:8 a.m.40 views

CVE-2013-5476

The Zone-Based Firewall (ZFW) feature in Cisco IOS 15.1 through 15.2, when content filtering or HTTP ALG inspection is enabled, allows remote attackers to cause a denial of service (device reload or hang) via crafted IPv4 HTTP traffic, aka Bug ID CSCtx56174.

7.8CVSS6.8AI score0.00427EPSS
CVE
CVE
added 2014/09/25 10:55 a.m.40 views

CVE-2014-3361

The ALG module in Cisco IOS 15.0 through 15.4 does not properly implement SIP over NAT, which allows remote attackers to cause a denial of service (device reload) via multipart SDP IPv4 traffic, aka Bug ID CSCun54071.

7.1CVSS6.6AI score0.01022EPSS
CVE
CVE
added 2024/09/25 5:15 p.m.40 views

CVE-2024-20465

A vulnerability in the access control list (ACL) programming of Cisco IOS Software running on Cisco Industrial Ethernet 4000, 4010, and 5000 Series Switches could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability is due to the incorrect handling of IPv4 ACLs o...

5.8CVSS7.1AI score0.00091EPSS
CVE
CVE
added 2025/02/05 5:15 p.m.40 views

CVE-2025-20172

A vulnerability in the SNMP subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP requests. An attacker co...

7.7CVSS7.1AI score0.00076EPSS
CVE
CVE
added 2025/02/05 5:15 p.m.40 views

CVE-2025-20174

A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP requests. An attacker could exploit this vulnera...

7.7CVSS7.5AI score0.00185EPSS
CVE
CVE
added 2005/04/21 4:0 a.m.39 views

CVE-2001-1434

Cisco IOS 12.0(5)XU through 12.1(2) allows remote attackers to read system administration and topology information via an "snmp-server host" command, which creates a readable "community" community string if one has not been previously created.

5CVSS6.4AI score0.00608EPSS
CVE
CVE
added 2007/10/14 8:0 p.m.39 views

CVE-2002-2239

The Cisco Optical Service Module (OSM) for the Catalyst 6500 and 7600 series running Cisco IOS 12.1(8)E through 12.1(13.4)E allows remote attackers to cause a denial of service (hang) via a malformed packet.

7.8CVSS6.7AI score0.00535EPSS
CVE
CVE
added 2003/06/09 4:0 a.m.39 views

CVE-2003-0305

The Service Assurance Agent (SAA) in Cisco IOS 12.0 through 12.2, aka Response Time Reporter (RTR), allows remote attackers to cause a denial of service (crash) via malformed RTR packets to port 1967.

5CVSS6.6AI score0.00655EPSS
CVE
CVE
added 2007/01/31 11:0 a.m.39 views

CVE-2005-4826

Unspecified vulnerability in the VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(22)EA3 on Catalyst 2950T switches allows remote attackers to cause a denial of service (device reboot) via a crafted Subset-Advert message packet, a different issue than CVE-2006-4774, CVE-2006-4775, and CVE-200...

6.1CVSS6.5AI score0.21799EPSS
CVE
CVE
added 2007/05/10 12:19 a.m.39 views

CVE-2007-2587

The IOS FTP Server in Cisco IOS 11.3 through 12.4 allows remote authenticated users to cause a denial of service (IOS reload) via unspecified vectors involving transferring files (aka bug ID CSCse29244).

6.3CVSS6.2AI score0.01093EPSS
CVE
CVE
added 2007/08/09 9:17 p.m.39 views

CVE-2007-4291

Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service via (1) a malformed MGCP packet, which causes a device hang, aka CSCsf08998; a malformed H.323 packet, which causes a device crash, as identified by (2) CSCsi60004 with Proxy Unregistration and (3) CSCsg70474; and a ma...

7.1CVSS6.7AI score0.03514EPSS
CVE
CVE
added 2007/08/09 9:17 p.m.39 views

CVE-2007-4295

Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows remote attackers to execute arbitrary code via a malformed SIP packet, aka CSCsi80749.

6.8CVSS7.6AI score0.02463EPSS
CVE
CVE
added 2007/08/31 11:17 p.m.39 views

CVE-2007-4632

Cisco IOS 12.2E, 12.2F, and 12.2S places a "no login" line into the VTY configuration when an administrator makes certain changes to a (1) VTY/AUX or (2) CONSOLE setting on a device without AAA enabled, which allows remote attackers to bypass authentication and obtain a terminal session, a differen...

4.3CVSS6.8AI score0.00783EPSS
CVE
CVE
added 2008/09/26 4:21 p.m.39 views

CVE-2008-3808

Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (device reload) via a crafted Protocol Independent Multicast (PIM) packet.

7.8CVSS6.3AI score0.01672EPSS
CVE
CVE
added 2009/03/27 3:16 p.m.39 views

CVE-2009-0631

Unspecified vulnerability in Cisco IOS 12.0 through 12.4, when configured with (1) IP Service Level Agreements (SLAs) Responder, (2) Session Initiation Protocol (SIP), (3) H.323 Annex E Call Signaling Transport, or (4) Media Gateway Control Protocol (MGCP) allows remote attackers to cause a denial ...

7.8CVSS6.8AI score0.01692EPSS
CVE
CVE
added 2009/03/27 4:30 p.m.39 views

CVE-2009-0636

Unspecified vulnerability in Cisco IOS 12.0 through 12.4, when SIP voice services are enabled, allows remote attackers to cause a denial of service (device crash) via a valid SIP message.

7.8CVSS6.8AI score0.01334EPSS
CVE
CVE
added 2009/09/28 7:30 p.m.39 views

CVE-2009-2863

Race condition in the Firewall Authentication Proxy feature in Cisco IOS 12.0 through 12.4 allows remote attackers to bypass authentication, or bypass the consent web page, via a crafted request, aka Bug ID CSCsy15227.

7.1CVSS6.6AI score0.00406EPSS
CVE
CVE
added 2011/01/28 10:0 p.m.39 views

CVE-2011-0348

Cisco IOS 12.4(11)MD, 12.4(15)MD, 12.4(22)MD, 12.4(24)MD before 12.4(24)MD3, 12.4(22)MDA before 12.4(22)MDA5, and 12.4(24)MDA before 12.4(24)MDA3 on the Cisco Content Services Gateway Second Generation (aka CSG2) allows remote attackers to bypass intended access restrictions and intended billing re...

6.4CVSS6.8AI score0.00203EPSS
CVE
CVE
added 2011/01/28 10:0 p.m.39 views

CVE-2011-0349

Unspecified vulnerability in Cisco IOS 12.4(24)MD before 12.4(24)MD2 on the Cisco Content Services Gateway Second Generation (aka CSG2) allows remote attackers to cause a denial of service (device hang or reload) via crafted TCP packets, aka Bug ID CSCth17178, a different vulnerability than CVE-201...

7.8CVSS6.6AI score0.01213EPSS
CVE
CVE
added 2011/10/22 2:59 a.m.39 views

CVE-2011-2058

The cat6000-dot1x component in Cisco IOS 12.2 before 12.2(33)SXI7 does not properly handle an external loop between a pair of dot1x enabled ports, which allows remote attackers to cause a denial of service (traffic storm) via unspecified vectors that trigger many unicast EAPoL Protocol Data Units (...

7.8CVSS7.2AI score0.00527EPSS
CVE
CVE
added 2012/05/02 10:9 a.m.39 views

CVE-2011-4016

The PPP implementation in Cisco IOS 12.2 and 15.0 through 15.2, when Point-to-Point Termination and Aggregation (PTA) and L2TP are used, allows remote attackers to cause a denial of service (device crash) via crafted network traffic, aka Bug ID CSCtf71673.

5.4CVSS6.8AI score0.00503EPSS
CVE
CVE
added 2012/03/29 11:1 a.m.39 views

CVE-2012-0388

Memory leak in the H.323 inspection feature in the Zone-Based Firewall in Cisco IOS 12.4, 15.0, 15.1, and 15.2 allows remote attackers to cause a denial of service (memory consumption or device reload) via malformed transit H.323 traffic, aka Bug ID CSCtq45553.

7.8CVSS6.9AI score0.00801EPSS
CVE
CVE
added 2012/09/27 12:55 a.m.39 views

CVE-2012-3950

The Intrusion Prevention System (IPS) feature in Cisco IOS 12.3 through 12.4 and 15.0 through 15.2, in certain configurations of enabled categories and missing signatures, allows remote attackers to cause a denial of service (device reload) via DNS packets, aka Bug ID CSCtw55976.

7.1CVSS6.7AI score0.00662EPSS
CVE
CVE
added 2014/04/23 11:52 a.m.39 views

CVE-2012-5422

Unspecified vulnerability in Cisco IOS before 15.3(2)T on AS5400 devices allows remote authenticated users to cause a denial of service (spurious errors) via unknown vectors, aka Bug ID CSCub61009.

6.8CVSS6.5AI score0.00363EPSS
CVE
CVE
added 2013/11/22 1:55 a.m.39 views

CVE-2013-6693

The MLDP implementation in Cisco IOS 15.3(3)S and earlier on 7600 routers, when many VRFs are configured, allows remote attackers to cause a denial of service (chunk corruption and device reload) by establishing many multicast flows, aka Bug ID CSCue22345.

5.4CVSS7AI score0.00371EPSS
CVE
CVE
added 2014/03/29 1:55 a.m.39 views

CVE-2014-2131

The packet driver in Cisco IOS allows remote attackers to cause a denial of service (device reload) via a series of (1) Virtual Switching Systems (VSS) or (2) Bidirectional Forwarding Detection (BFD) packets, aka Bug IDs CSCug41049 and CSCue61890.

6.1CVSS6.7AI score0.00182EPSS
CVE
CVE
added 2014/05/16 11:12 a.m.39 views

CVE-2014-3263

The ScanSafe module in Cisco IOS 15.3(3)M allows remote attackers to cause a denial of service (device reload) via HTTPS packets that require tower processing, aka Bug ID CSCum97038.

5.4CVSS6.8AI score0.00773EPSS
CVE
CVE
added 2016/04/20 5:59 p.m.39 views

CVE-2016-1384

The NTP implementation in Cisco IOS 15.1 and 15.5 and IOS XE 3.2 through 3.17 allows remote attackers to modify the system time via crafted packets, aka Bug ID CSCux46898.

7.5CVSS7.4AI score0.00161EPSS
CVE
CVE
added 2016/09/24 1:59 a.m.39 views

CVE-2016-6409

The Data in Motion (DMo) component in Cisco IOS 15.6(1)T and IOS XE, when the IOx feature set is enabled, allows remote attackers to cause a denial of service (out-of-bounds access) via crafted traffic, aka Bug ID CSCuy54015.

7.5CVSS7.3AI score0.00686EPSS
CVE
CVE
added 2017/09/07 9:29 p.m.39 views

CVE-2017-12211

A vulnerability in the IPv6 Simple Network Management Protocol (SNMP) code of Cisco IOS and Cisco IOS XE Software could allow an authenticated, remote attacker to cause high CPU usage or a reload of the device. The vulnerability is due to IPv6 sub block corruption. An attacker could exploit this vu...

6.3CVSS5.4AI score0.01139EPSS
CVE
CVE
added 2017/03/21 4:59 p.m.39 views

CVE-2017-3849

A vulnerability in the Autonomic Networking Infrastructure (ANI) registrar feature of Cisco IOS Software (possibly 15.2 through 15.6) and Cisco IOS XE Software (possibly 3.7 through 3.18, and 16) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. The vul...

7.4CVSS7.3AI score0.00126EPSS
CVE
CVE
added 2020/06/03 6:15 p.m.39 views

CVE-2020-3210

A vulnerability in the CLI parsers of Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) could allow an authenticated, local attacker to execute arbitrary shell commands on the Virtual Device Serve...

7.2CVSS6.8AI score0.00047EPSS
CVE
CVE
added 2025/05/07 6:15 p.m.39 views

CVE-2025-20137

A vulnerability in the access control list (ACL) programming of Cisco IOS Software that is running on Cisco Catalyst 1000 Switches and Cisco Catalyst 2960L Switches could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability is due to the use of both an IPv4 ACL a...

4.7CVSS4.9AI score0.0006EPSS
CVE
CVE
added 2005/03/11 5:0 a.m.38 views

CVE-2003-1109

The Session Initiation Protocol (SIP) implementation in multiple Cisco products including IP Phone models 7940 and 7960, IOS versions in the 12.2 train, and Secure PIX 5.2.9 to 6.2.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted INVITE messages...

7.5CVSS7.7AI score0.16196EPSS
CVE
CVE
added 2004/07/27 4:0 a.m.38 views

CVE-2004-0710

IP Security VPN Services Module (VPNSM) in Cisco Catalyst 6500 Series Switch and the Cisco 7600 Series Internet Routers running IOS before 12.2(17b)SXA, before 12.2(17d)SXB, or before 12.2(14)SY03 could allow remote attackers to cause a denial of service (device crash and reload) via a malformed In...

5CVSS6.7AI score0.0098EPSS
CVE
CVE
added 2004/07/27 4:0 a.m.38 views

CVE-2004-0714

Cisco Internetwork Operating System (IOS) 12.0S through 12.3T attempts to process SNMP solicited operations on improper ports (UDP 162 and a randomly chosen UDP port), which allows remote attackers to cause a denial of service (device reload and memory corruption).

5CVSS6.7AI score0.0286EPSS
CVE
CVE
added 2005/05/02 4:0 a.m.38 views

CVE-2005-0195

Cisco IOS 12.0S through 12.3YH allows remote attackers to cause a denial of service (device restart) via a crafted IPv6 packet.

5CVSS6.5AI score0.02EPSS
CVE
CVE
added 2005/09/08 10:3 a.m.38 views

CVE-2005-2841

Buffer overflow in Firewall Authentication Proxy for FTP and/or Telnet Sessions for Cisco IOS 12.2ZH and 12.2ZL, 12.3 and 12.3T, and 12.4 and 12.4T allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted user authentication credentials.

7.5CVSS8.2AI score0.33877EPSS
CVE
CVE
added 2007/02/14 2:28 a.m.38 views

CVE-2007-0917

The Intrusion Prevention System (IPS) feature for Cisco IOS 12.4XE to 12.3T allows remote attackers to bypass IPS signatures that use regular expressions via fragmented packets.

6.4CVSS6.6AI score0.00632EPSS
CVE
CVE
added 2007/02/14 2:28 a.m.38 views

CVE-2007-0918

The ATOMIC.TCP signature engine in the Intrusion Prevention System (IPS) feature for Cisco IOS 12.4XA, 12.3YA, 12.3T, and other trains allows remote attackers to cause a denial of service (IPS crash and traffic loss) via unspecified manipulations that are not properly handled by the regular express...

7.1CVSS6.6AI score0.02201EPSS
Total number of security vulnerabilities612