Lucene search

K

612 matches found

CVE
CVE
added 2008/09/26 4:21 p.m.38 views

CVE-2008-3802

Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4, when VoIP is configured, allows remote attackers to cause a denial of service (device reload) via unspecified valid SIP messages, aka Cisco bug ID CSCsk42759, a different vulnerability ...

7.1CVSS6.4AI score0.01935EPSS
CVE
CVE
added 2008/09/26 4:21 p.m.38 views

CVE-2008-3803

A "logic error" in Cisco IOS 12.0 through 12.4, when a Multiprotocol Label Switching (MPLS) VPN with extended communities is configured, sometimes causes a corrupted route target (RT) to be used, which allows remote attackers to read traffic from other VPNs in opportunistic circumstances.

5.1CVSS6.4AI score0.01514EPSS
CVE
CVE
added 2010/08/16 6:39 p.m.38 views

CVE-2010-2827

Cisco IOS 15.1(2)T allows remote attackers to cause a denial of service (resource consumption and TCP outage) via spoofed TCP packets, related to embryonic TCP connections that remain in the SYN_RCVD or SYN_SENT state, aka Bug ID CSCti18193.

7.8CVSS6.8AI score0.00427EPSS
CVE
CVE
added 2010/09/23 7:0 p.m.38 views

CVE-2010-2834

Cisco IOS 12.2 through 12.4 and 15.0 through 15.1, Cisco IOS XE 2.5.x and 2.6.x before 2.6.1, and Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)SU1, 7.x before 7.1(5), and 8.0 before 8.0(2) allow remote attackers to cause a denial of service (device reload o...

7.8CVSS6.7AI score0.00371EPSS
CVE
CVE
added 2011/01/07 7:0 p.m.38 views

CVE-2010-4687

STCAPP (aka the SCCP telephony control application) on Cisco IOS before 15.0(1)XA1 does not properly handle multiple calls to a shared line, which allows remote attackers to cause a denial of service (port hang) by simultaneously ending two calls that were controlled by CallManager Express (CME), a...

5CVSS6.9AI score0.00756EPSS
CVE
CVE
added 2011/10/03 11:55 p.m.38 views

CVE-2011-3272

The IP Service Level Agreement (IP SLA) functionality in Cisco IOS 15.1, and IOS XE 2.1.x through 3.3.x, allows remote attackers to cause a denial of service (memory corruption and device reload) via malformed IP SLA packets, aka Bug ID CSCtk67073.

7.8CVSS6.9AI score0.00602EPSS
CVE
CVE
added 2011/10/03 11:55 p.m.38 views

CVE-2011-3274

Unspecified vulnerability in Cisco IOS 12.2SRE before 12.2(33)SRE4, 15.0, and 15.1, and IOS XE 2.1.x through 3.3.x, when an MPLS domain is configured, allows remote attackers to cause a denial of service (device crash) via a crafted IPv6 packet, related to an expired MPLS TTL, aka Bug ID CSCto07919...

6.1CVSS6.6AI score0.00182EPSS
CVE
CVE
added 2012/05/03 10:11 a.m.38 views

CVE-2011-4019

Memory leak in Cisco IOS 12.4 and 15.0 through 15.2, and Cisco Unified Communications Manager (CUCM) 7.x, allows remote attackers to cause a denial of service (memory consumption) via a crafted response to a SIP SUBSCRIBE message, aka Bug IDs CSCto93837 and CSCtj61883.

5.4CVSS6.7AI score0.00427EPSS
CVE
CVE
added 2012/05/03 10:11 a.m.38 views

CVE-2011-4231

Cisco IOS 15.1 and 15.2 and IOS XE 3.x, when configured as an IPsec hub with X.509 certificates in use, allows remote authenticated users to cause a denial of service (segmentation fault and device crash) via unspecified vectors, aka Bug ID CSCtq61128.

6.3CVSS6.5AI score0.00303EPSS
CVE
CVE
added 2012/05/02 10:9 a.m.38 views

CVE-2012-0338

Cisco IOS 12.2 through 12.4 and 15.0 does not recognize the vrf-also keyword during enforcement of access-class commands, which allows remote attackers to establish SSH connections from arbitrary source IP addresses via a standard SSH client, aka Bug ID CSCsv86113.

5CVSS7AI score0.00274EPSS
CVE
CVE
added 2012/08/06 6:55 p.m.38 views

CVE-2012-1361

Cisco IOS 15.1 and 15.2, when the Multicast Music-on-Hold (MMoH) feature of Cisco Unified Communications Manager (CUCM) is enabled, allows remote attackers to obtain sensitive crosstalk information by listening during a PSTN call, aka Bug ID CSCtx77750.

4.3CVSS6.4AI score0.0025EPSS
CVE
CVE
added 2012/09/16 10:34 a.m.38 views

CVE-2012-3893

The FlexVPN implementation in Cisco IOS 15.2 and 15.3 allows remote authenticated users to cause a denial of service (spoke crash) via spoke-to-spoke traffic, aka Bug ID CSCtz02622.

6.3CVSS6.4AI score0.0034EPSS
CVE
CVE
added 2014/04/23 11:52 a.m.38 views

CVE-2012-3918

Cisco IOS before 15.3(1)T on Cisco 2900 devices, when a VWIC2-2MFT-T1/E1 card is configured for TDM/HDLC mode, allows remote attackers to cause a denial of service (serial-interface outage) via certain Frame Relay traffic, aka Bug ID CSCub13317.

4.3CVSS6.9AI score0.00443EPSS
CVE
CVE
added 2012/09/16 10:34 a.m.38 views

CVE-2012-3923

The SSLVPN implementation in Cisco IOS 12.4, 15.0, 15.1, and 15.2, when DTLS is not enabled, does not properly handle certain outbound ACL configurations, which allows remote authenticated users to cause a denial of service (device crash) via a session involving a PPP over ATM (PPPoA) interface, ak...

3.5CVSS6.4AI score0.00377EPSS
CVE
CVE
added 2014/04/23 11:52 a.m.38 views

CVE-2012-4638

Cisco IOS before 15.1(1)SY allows local users to cause a denial of service (device reload) by establishing an outbound SSH session, aka Bug ID CSCto00318.

4.9CVSS6.4AI score0.0009EPSS
CVE
CVE
added 2013/05/13 11:50 a.m.38 views

CVE-2013-1136

The crypto engine process in Cisco IOS on Aggregation Services Router (ASR) Route Processor 2 does not properly manage memory, which allows local users to cause a denial of service (route processor crash) by creating multiple tunnels and then examining encryption statistics, aka Bug ID CSCuc52193.

4.6CVSS6.4AI score0.00046EPSS
CVE
CVE
added 2013/09/27 10:8 a.m.38 views

CVE-2013-5473

Memory leak in Cisco IOS 12.2, 15.1, and 15.2; IOS XE 3.4.2S through 3.4.5S; and IOS XE 3.6.xS before 3.6.1S allows remote attackers to cause a denial of service (memory consumption or device reload) via malformed IKEv1 packets, aka Bug ID CSCtx66011.

7.8CVSS6.8AI score0.00427EPSS
CVE
CVE
added 2014/03/27 9:55 p.m.38 views

CVE-2014-2107

Cisco IOS 12.2 and 15.0 through 15.3, when used with the Kailash FPGA before 2.6 on RSP720-3C-10GE and RSP720-3CXL-10GE devices, allows remote attackers to cause a denial of service (route switch processor outage) via crafted IP packets, aka Bug ID CSCug84789.

7.1CVSS6.7AI score0.00399EPSS
CVE
CVE
added 2014/03/27 9:55 p.m.38 views

CVE-2014-2113

Cisco IOS 15.1 through 15.3 and IOS XE 3.3 and 3.5 before 3.5.2E; 3.7 before 3.7.5S; and 3.8, 3.9, and 3.10 before 3.10.2S allow remote attackers to cause a denial of service (I/O memory consumption and device reload) via a malformed IPv6 packet, aka Bug ID CSCui59540.

7.8CVSS6.5AI score0.01104EPSS
CVE
CVE
added 2014/04/04 3:10 p.m.38 views

CVE-2014-2143

The IKE implementation in Cisco IOS 15.4(1)T and earlier and IOS XE allows remote attackers to cause a denial of service (security-association drop) via crafted Main Mode packets, aka Bug ID CSCun31021.

5CVSS6.7AI score0.00412EPSS
CVE
CVE
added 2014/09/25 10:55 a.m.38 views

CVE-2014-3358

Memory leak in Cisco IOS 15.0, 15.1, 15.2, and 15.4 and IOS XE 3.3.xSE before 3.3.2SE, 3.3.xXO before 3.3.1XO, 3.5.xE before 3.5.2E, and 3.11.xS before 3.11.1S allows remote attackers to cause a denial of service (memory consumption, and interface queue wedge or device reload) via malformed mDNS pa...

7.8CVSS6.8AI score0.00898EPSS
CVE
CVE
added 2015/02/13 2:59 a.m.38 views

CVE-2015-0593

The Zone-Based Firewall implementation in Cisco IOS 12.4(122)T and earlier does not properly manage session-object structures, which allows remote attackers to cause a denial of service (device reload) via crafted network traffic, aka Bug ID CSCul65003.

7.1CVSS6.8AI score0.00724EPSS
CVE
CVE
added 2015/12/15 5:59 a.m.38 views

CVE-2015-6359

The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Cisco IOS 15.3(3)S0.1 on ASR devices mishandles internal tables, which allows remote attackers to cause a denial of service (memory consumption or device crash) via a flood of crafted ND messages, aka Bug ID CSCup28217.

6.1CVSS6.8AI score0.00246EPSS
CVE
CVE
added 2025/02/05 5:15 p.m.38 views

CVE-2025-20173

A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP requests. An attacker could exploit this vulnera...

7.7CVSS7.5AI score0.00076EPSS
CVE
CVE
added 2002/03/09 5:0 a.m.37 views

CVE-1999-1175

Web Cache Control Protocol (WCCP) in Cisco Cache Engine for Cisco IOS 11.2 and earlier does not use authentication, which allows remote attackers to redirect HTTP traffic to arbitrary hosts via WCCP packets to UDP port 2048.

7.5CVSS6.9AI score0.00871EPSS
CVE
CVE
added 2001/09/12 4:0 a.m.37 views

CVE-1999-1466

Vulnerability in Cisco routers versions 8.2 through 9.1 allows remote attackers to bypass access control lists when extended IP access lists are used on certain interfaces, the IP route cache is enabled, and the access list uses the "established" keyword.

7.5CVSS7.5AI score0.00296EPSS
CVE
CVE
added 2001/05/07 4:0 a.m.37 views

CVE-2000-0368

Classic Cisco IOS 9.1 and later allows attackers with access to the login prompt to obtain portions of the command history of previous users, which may allow the attacker to access sensitive data.

2.1CVSS6.8AI score0.00102EPSS
CVE
CVE
added 2008/09/26 4:21 p.m.37 views

CVE-2008-3810

Cisco IOS 12.2 and 12.4, when NAT Skinny Call Control Protocol (SCCP) Fragmentation Support is enabled, allows remote attackers to cause a denial of service (device reload) via segmented SCCP messages, aka CSCsg22426, a different vulnerability than CVE-2008-3811.

7.8CVSS6.4AI score0.01918EPSS
CVE
CVE
added 2011/01/07 7:0 p.m.37 views

CVE-2009-5040

CallManager Express (CME) on Cisco IOS before 15.0(1)XA allows remote authenticated users to cause a denial of service (device crash) by using an extension mobility (EM) phone to interact with the menu for SNR number changes, aka Bug ID CSCta63555.

6.8CVSS6.5AI score0.00512EPSS
CVE
CVE
added 2010/09/23 7:0 p.m.37 views

CVE-2010-2831

Unspecified vulnerability in the NAT for SIP implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1 allows remote attackers to cause a denial of service (device reload) via transit traffic on UDP port 5060, aka Bug ID CSCtf17624.

7.8CVSS6.8AI score0.00427EPSS
CVE
CVE
added 2011/01/07 7:0 p.m.37 views

CVE-2010-4683

Memory leak in Cisco IOS before 15.0(1)XA5 might allow remote attackers to cause a denial of service (memory consumption) by sending a crafted SIP REGISTER message over UDP, aka Bug ID CSCtg41733.

7.8CVSS6.8AI score0.00851EPSS
CVE
CVE
added 2012/05/02 10:9 a.m.37 views

CVE-2011-4012

Cisco IOS 12.0, 15.0, and 15.1, when a Policy Feature Card 3C (PFC3C) is used, does not create a fragment entry during processing of an ICMPv6 ACL, which has unspecified impact and remote attack vectors, aka Bug ID CSCtj90091.

9.3CVSS7AI score0.00331EPSS
CVE
CVE
added 2014/04/23 11:52 a.m.37 views

CVE-2012-1317

The multicast implementation in Cisco IOS before 15.1(1)SY allows remote attackers to cause a denial of service (Route Processor crash) by sending packets at a high rate, aka Bug ID CSCts37717.

5.4CVSS6.8AI score0.00427EPSS
CVE
CVE
added 2012/08/06 6:55 p.m.37 views

CVE-2012-1350

Cisco IOS 12.3 and 12.4 on Aironet access points allows remote attackers to cause a denial of service (radio-interface input-queue hang) via IAPP 0x3281 packets, aka Bug ID CSCtc12426.

7.8CVSS6.9AI score0.00427EPSS
CVE
CVE
added 2012/09/16 10:34 a.m.37 views

CVE-2012-3079

Cisco IOS 12.2 allows remote attackers to cause a denial of service (CPU consumption) by establishing many IPv6 neighbors, aka Bug ID CSCtn78957.

7.8CVSS6.8AI score0.00427EPSS
CVE
CVE
added 2013/07/19 2:36 p.m.37 views

CVE-2013-3436

The default configuration of the Group Encrypted Transport VPN (GET VPN) feature on Cisco IOS uses an improper mechanism for enabling Group Domain of Interpretation (GDOI) traffic flow, which allows remote attackers to bypass the encryption policy via certain uses of UDP port 848, aka Bug ID CSCui0...

5CVSS7AI score0.00197EPSS
CVE
CVE
added 2013/09/27 10:8 a.m.37 views

CVE-2013-5472

The NTP implementation in Cisco IOS 12.0 through 12.4 and 15.0 through 15.1, and IOS XE 2.1 through 3.3, does not properly handle encapsulation of multicast NTP packets within MSDP SA messages, which allows remote attackers to cause a denial of service (device reload) by leveraging an MSDP peer rel...

7.1CVSS6.7AI score0.00399EPSS
CVE
CVE
added 2013/09/27 10:8 a.m.37 views

CVE-2013-5480

The DNS-over-TCP implementation in Cisco IOS 12.2 and 15.0 through 15.3, when NAT is used, allows remote attackers to cause a denial of service (device reload) via a crafted IPv4 DNS TCP stream, aka Bug ID CSCuf28733.

7.8CVSS6.7AI score0.00427EPSS
CVE
CVE
added 2014/03/21 1:4 a.m.37 views

CVE-2014-2124

Cisco IOS 15.1(2)SY3 and earlier, when used with Supervisor Engine 2T (aka Sup2T) on Catalyst 6500 devices, allows remote attackers to cause a denial of service (device crash) via crafted multicast packets, aka Bug ID CSCuf60783.

7.1CVSS6.8AI score0.02138EPSS
CVE
CVE
added 2014/05/20 11:13 a.m.37 views

CVE-2014-3268

Cisco IOS 15.2(4)M4 on Cisco Unified Border Element (CUBE) devices allows remote attackers to cause a denial of service (input-queue consumption and traffic-processing outage) via crafted RTCP packets, aka Bug ID CSCuj72215.

5CVSS6.9AI score0.00412EPSS
CVE
CVE
added 2015/02/12 1:59 a.m.37 views

CVE-2015-0610

Race condition in the object-group ACL feature in Cisco IOS 15.5(2)T and earlier allows remote attackers to bypass intended access restrictions via crafted network traffic that triggers improper handling of the timing of process switching and Cisco Express Forwarding (CEF) switching, aka Bug ID CSC...

4.3CVSS6.9AI score0.00247EPSS
CVE
CVE
added 2015/06/12 10:59 a.m.37 views

CVE-2015-0771

The IKE implementation in the WS-IPSEC-3 service module in Cisco IOS 12.2 on Catalyst 6500 devices allows remote authenticated users to cause a denial of service (device reload) by sending a crafted message during IPsec tunnel setup, aka Bug ID CSCur70505.

6.3CVSS6.4AI score0.00327EPSS
CVE
CVE
added 2015/12/01 11:59 a.m.37 views

CVE-2015-6385

The publish-event event-manager feature in Cisco IOS 15.5(2)S and 15.5(3)S on Cloud Services Router 1000V devices allows local users to execute arbitrary commands with root privileges by leveraging administrative access to enter crafted environment variables, aka Bug ID CSCux14943.

7.2CVSS7.5AI score0.00057EPSS
CVE
CVE
added 2016/08/08 12:59 a.m.37 views

CVE-2016-1478

Cisco IOS 15.5(3)S3, 15.6(1)S2, 15.6(2)S1, and 15.6(2)T1 does not properly dequeue invalid NTP packets, which allows remote attackers to cause a denial of service (interface wedge) by sending many crafted NTP packets, aka Bug ID CSCva35619.

7.8CVSS7.3AI score0.00743EPSS
CVE
CVE
added 2025/02/05 5:15 p.m.37 views

CVE-2025-20175

A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP requests. An attacker could exploit this vulnera...

7.7CVSS7.2AI score0.00185EPSS
CVE
CVE
added 2008/03/27 5:44 p.m.36 views

CVE-2008-1150

The virtual private dial-up network (VPDN) component in Cisco IOS before 12.3 allows remote attackers to cause a denial of service (resource exhaustion) via a series of PPTP sessions, related to the persistence of interface descriptor block (IDB) data structures after process termination, aka bug I...

7.1CVSS6.4AI score0.01009EPSS
CVE
CVE
added 2009/09/28 7:30 p.m.36 views

CVE-2009-2872

Cisco IOS 12.0 through 12.4, when IP-based tunnels and the Cisco Express Forwarding feature are enabled, allows remote attackers to cause a denial of service (device reload) via a malformed packet that is not properly handled during switching from one tunnel to a second tunnel, aka Bug IDs CSCsh975...

6.8CVSS6.6AI score0.01117EPSS
CVE
CVE
added 2011/01/07 7:0 p.m.36 views

CVE-2009-5038

Cisco IOS before 15.0(1)XA does not properly handle IRC traffic during a specific time period after an initial reload, which allows remote attackers to cause a denial of service (device reload) via an attempted connection to a certain IRC server, related to a "corrupted magic value," aka Bug ID CSC...

7.8CVSS6.9AI score0.00851EPSS
CVE
CVE
added 2011/01/28 10:0 p.m.36 views

CVE-2011-0350

Unspecified vulnerability in Cisco IOS 12.4(24)MD before 12.4(24)MD2 on the Cisco Content Services Gateway Second Generation (aka CSG2) allows remote attackers to cause a denial of service (device hang or reload) via crafted TCP packets, aka Bug ID CSCth41891, a different vulnerability than CVE-201...

7.8CVSS6.6AI score0.01213EPSS
CVE
CVE
added 2011/10/03 11:55 p.m.36 views

CVE-2011-3281

Unspecified vulnerability in Cisco IOS 15.0 through 15.1, in certain HTTP Layer 7 Application Control and Inspection configurations, allows remote attackers to cause a denial of service (device reload or hang) via a crafted HTTP packet, aka Bug ID CSCto68554.

7.8CVSS6.7AI score0.00153EPSS
Total number of security vulnerabilities612