Lucene search

K

612 matches found

CVE
CVE
added 2006/02/01 2:2 a.m.46 views

CVE-2006-0486

Certain Cisco IOS releases in 12.2S based trains with maintenance release number 25 and later, 12.3T based trains, and 12.4 based trains reuse a Tcl Shell process across login sessions of different local users on the same terminal if the first user does not use tclquit before exiting, which may cau...

4.6CVSS7AI score0.00099EPSS
CVE
CVE
added 2008/09/26 4:21 p.m.46 views

CVE-2008-3804

Unspecified vulnerability in the Multi Protocol Label Switching (MPLS) Forwarding Infrastructure (MFI) in Cisco IOS 12.2 and 12.4 allows remote attackers to cause a denial of service (memory corruption) via crafted packets for which the software path is used.

7.1CVSS6.4AI score0.02057EPSS
CVE
CVE
added 2011/01/07 7:0 p.m.46 views

CVE-2010-4684

Cisco IOS before 15.0(1)XA1, when certain TFTP debugging is enabled, allows remote attackers to cause a denial of service (device crash) via a TFTP copy over IPv6, aka Bug ID CSCtb28877.

7.1CVSS6.8AI score0.00679EPSS
CVE
CVE
added 2012/03/29 11:1 a.m.46 views

CVE-2012-1314

The WAAS Express feature in Cisco IOS 15.1 and 15.2 allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted transit traffic, aka Bug ID CSCtt45381.

7.8CVSS6.8AI score0.0215EPSS
CVE
CVE
added 2014/04/23 11:52 a.m.46 views

CVE-2012-5017

Cisco IOS before 15.1(1)SY1 allows remote authenticated users to cause a denial of service (device reload) by establishing a VPN session and then sending malformed IKEv2 packets, aka Bug ID CSCub39268.

6.8CVSS6.5AI score0.00363EPSS
CVE
CVE
added 2013/09/27 10:8 a.m.46 views

CVE-2013-5481

The PPTP implementation in Cisco IOS 12.2 and 15.0 through 15.3, when NAT is used, allows remote attackers to cause a denial of service (device reload) via crafted TCP port-1723 packets, aka Bug ID CSCtq14817.

7.1CVSS6.8AI score0.00548EPSS
CVE
CVE
added 2015/03/21 1:59 a.m.46 views

CVE-2015-0669

The Autonomic Networking Infrastructure (ANI) implementation in Cisco IOS 15.4S and 15.4(3)S allows remote attackers to modify configuration settings or cause a denial of service (partial service outage) by sending crafted Autonomic Networking (AN) messages on an intranet network, aka Bug ID CSCup6...

6.4CVSS6.8AI score0.00787EPSS
CVE
CVE
added 2015/06/27 10:59 a.m.46 views

CVE-2015-4199

Race condition in the IPv6-to-IPv4 functionality in Cisco IOS 15.3S in the Performance Routing Engine (PRE) module on UBR devices allows remote attackers to cause a denial of service (NULL pointer free and module crash) by triggering intermittent connectivity with many IPv6 CPE devices, aka Bug ID ...

7.1CVSS7AI score0.00526EPSS
CVE
CVE
added 2015/11/13 3:59 a.m.46 views

CVE-2015-6366

Cisco IOS 15.2(04)M6 and 15.4(03)S lets physical-interface ACLs supersede tunnel-interface ACLs, which allows remote attackers to bypass intended network-traffic restrictions in opportunistic circumstances by using a tunnel, aka Bug ID CSCur01042.

5CVSS6.8AI score0.00365EPSS
CVE
CVE
added 2015/12/19 2:59 p.m.46 views

CVE-2015-6429

The IKEv1 state machine in Cisco IOS 15.4 through 15.6 and IOS XE 3.15 through 3.17 allows remote attackers to cause a denial of service (IPsec connection termination) via a crafted IKEv1 packet to a tunnel endpoint, aka Bug ID CSCuw08236.

5CVSS6.6AI score0.00474EPSS
CVE
CVE
added 2016/10/05 8:59 p.m.46 views

CVE-2016-6379

Cisco IOS 12.2 and IOS XE 3.14 through 3.16 and 16.1 allow remote attackers to cause a denial of service (device reload) via crafted IP Detail Record (IPDR) packets, aka Bug ID CSCuu35089.

7.8CVSS7.3AI score0.00743EPSS
CVE
CVE
added 2017/03/21 4:59 p.m.46 views

CVE-2017-3850

A vulnerability in the Autonomic Networking Infrastructure (ANI) feature of Cisco IOS Software (15.4 through 15.6) and Cisco IOS XE Software (3.7 through 3.18, and 16) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incomplet...

7.1CVSS5.8AI score0.00395EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.45 views

CVE-1999-0159

Attackers can crash a Cisco IOS router or device, provided they can get to an interactive prompt (such as a login). This applies to some IOS 9.x, 10.x, and 11.x releases.

5CVSS7.3AI score0.00504EPSS
CVE
CVE
added 2002/03/09 5:0 a.m.45 views

CVE-2001-0750

Cisco IOS 12.1(2)T, 12.1(3)T allow remote attackers to cause a denial of service (reload) via a connection to TCP ports 3100-3999, 5100-5999, 7100-7999 and 10100-10999.

5CVSS6.6AI score0.00763EPSS
CVE
CVE
added 2007/10/26 7:0 p.m.45 views

CVE-2002-2315

Cisco IOS 11.2.x and 12.0.x does not limit the size of its redirect table, which allows remote attackers to cause a denial of service (memory consumption) via spoofed ICMP redirect packets to the router.

7.8CVSS6.7AI score0.1117EPSS
CVE
CVE
added 2004/08/06 4:0 a.m.45 views

CVE-2004-0589

Cisco IOS 11.1(x) through 11.3(x) and 12.0(x) through 12.2(x), when configured for BGP routing, allows remote attackers to cause a denial of service (device reload) via malformed BGP (1) OPEN or (2) UPDATE messages.

4.3CVSS6.7AI score0.0235EPSS
CVE
CVE
added 2005/05/02 4:0 a.m.45 views

CVE-2005-0197

Cisco IOS 12.1T, 12.2, 12.2T, 12.3 and 12.3T, with Multi Protocol Label Switching (MPLS) installed but disabled, allows remote attackers to cause a denial of service (device reload) via a crafted packet sent to the disabled interface.

6.1CVSS6.6AI score0.01157EPSS
CVE
CVE
added 2006/09/09 12:4 a.m.45 views

CVE-2006-4650

Cisco IOS 12.0, 12.1, and 12.2, when GRE IP tunneling is used and the RFC2784 compliance fixes are missing, does not verify the offset field of a GRE packet during decapsulation, which leads to an integer overflow that references data from incorrect memory locations, which allows remote attackers t...

2.6CVSS7AI score0.00488EPSS
CVE
CVE
added 2006/09/14 12:7 a.m.45 views

CVE-2006-4774

The VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) allows remote attackers to cause a denial of service by sending a VTP version 1 summary frame with a VTP version field value of 2.

7.8CVSS6.5AI score0.04608EPSS
CVE
CVE
added 2008/09/26 4:21 p.m.45 views

CVE-2008-3807

Cisco IOS 12.2 and 12.3 on Cisco uBR10012 series devices, when linecard redundancy is configured, enables a read/write SNMP service with "private" as the community, which allows remote attackers to obtain administrative access by guessing this community and sending SNMP requests.

9.3CVSS6.4AI score0.0251EPSS
CVE
CVE
added 2009/02/06 7:30 p.m.45 views

CVE-2009-0470

Multiple cross-site scripting (XSS) vulnerabilities in the HTTP server in Cisco IOS 12.4(23) allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the default URI under (1) level/15/exec/-/ or (2) exec/, a different vulnerability than CVE-2008-3821.

4.3CVSS5.6AI score0.10639EPSS
CVE
CVE
added 2009/09/28 7:30 p.m.45 views

CVE-2009-2865

Buffer overflow in the login implementation in the Extension Mobility feature in the Unified Communications Manager Express (CME) component in Cisco IOS 12.4XW, 12.4XY, 12.4XZ, and 12.4YA allows remote attackers to execute arbitrary code or cause a denial of service via crafted HTTP requests, aka B...

7.6CVSS8AI score0.03258EPSS
CVE
CVE
added 2009/09/28 7:30 p.m.45 views

CVE-2009-2868

Unspecified vulnerability in Cisco IOS 12.2 through 12.4, when certificate-based authentication is enabled for IKE, allows remote attackers to cause a denial of service (Phase 1 SA exhaustion) via crafted requests, aka Bug IDs CSCsy07555 and CSCee72997.

7.8CVSS6.7AI score0.00451EPSS
CVE
CVE
added 2010/03/25 9:0 p.m.45 views

CVE-2010-0576

Unspecified vulnerability in Cisco IOS 12.0 through 12.4, IOS XE 2.1.x through 2.3.x before 2.3.2, and IOS XR 3.2.x through 3.4.3, when Multiprotocol Label Switching (MPLS) and Label Distribution Protocol (LDP) are enabled, allows remote attackers to cause a denial of service (device reload or proc...

7.8CVSS6.6AI score0.01653EPSS
CVE
CVE
added 2010/03/25 9:0 p.m.45 views

CVE-2010-0578

The IKE implementation in Cisco IOS 12.2 through 12.4 on Cisco 7200 and 7301 routers with VAM2+ allows remote attackers to cause a denial of service (device reload) via a malformed IKE packet, aka Bug ID CSCtb13491.

7.8CVSS6.7AI score0.01653EPSS
CVE
CVE
added 2010/03/25 9:0 p.m.45 views

CVE-2010-0584

Unspecified vulnerability in Cisco IOS 12.4, when NAT SCCP fragmentation support is enabled, allows remote attackers to cause a denial of service (device reload) via crafted Skinny Client Control Protocol (SCCP) packets, aka Bug ID CSCsy09250.

7.8CVSS6.7AI score0.00798EPSS
CVE
CVE
added 2010/09/23 7:0 p.m.45 views

CVE-2010-2832

Unspecified vulnerability in the NAT for H.323 implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1 allows remote attackers to cause a denial of service (device reload) via transit traffic, aka Bug ID CSCtf91428.

7.8CVSS6.7AI score0.00427EPSS
CVE
CVE
added 2010/09/23 7:0 p.m.45 views

CVE-2010-2835

Cisco IOS 12.2 through 12.4 and 15.0 through 15.1, Cisco IOS XE 2.5.x and 2.6.x before 2.6.1, and Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5), 7.0 before 7.0(2a)su3, 7.1su before 7.1(3b)su2, 7.1 before 7.1(5), and 8.0 before 8.0(1) allow remote attackers ...

7.8CVSS6.6AI score0.00371EPSS
CVE
CVE
added 2011/10/03 11:55 p.m.45 views

CVE-2011-3275

Memory leak in Cisco IOS 12.4, 15.0, and 15.1, and IOS XE 2.5.x through 3.2.x, allows remote attackers to cause a denial of service (memory consumption) via a crafted SIP message, aka Bug ID CSCti48504.

7.8CVSS6.6AI score0.00427EPSS
CVE
CVE
added 2012/03/29 11:1 a.m.45 views

CVE-2012-1312

The MACE feature in Cisco IOS 15.1 and 15.2 allows remote attackers to cause a denial of service (device reload) via crafted transit traffic, aka Bug IDs CSCtq64987 and CSCtu57226.

7.1CVSS6.7AI score0.01503EPSS
CVE
CVE
added 2013/03/28 11:55 p.m.45 views

CVE-2013-1145

Memory leak in Cisco IOS 12.2, 12.4, 15.0, and 15.1, when Zone-Based Policy Firewall SIP application layer gateway inspection is enabled, allows remote attackers to cause a denial of service (memory consumption or device reload) via malformed SIP messages, aka Bug ID CSCtl99174.

7.8CVSS6.8AI score0.00427EPSS
CVE
CVE
added 2016/09/22 5:59 p.m.45 views

CVE-2014-2146

The Zone-Based Firewall (ZBFW) functionality in Cisco IOS, possibly 15.4 and earlier, and IOS XE, possibly 3.13 and earlier, mishandles zone checking for existing sessions, which allows remote attackers to bypass intended resource-access restrictions via spoofed traffic that matches one of these se...

6.5CVSS6.6AI score0.00226EPSS
CVE
CVE
added 2014/05/16 11:12 a.m.45 views

CVE-2014-3262

The Locator/ID Separation Protocol (LISP) implementation in Cisco IOS 15.3(3)S and earlier and IOS XE does not properly validate parameters in ITR control messages, which allows remote attackers to cause a denial of service (CEF outage and packet drops) via malformed messages, aka Bug ID CSCun73782...

4.3CVSS6.7AI score0.00643EPSS
CVE
CVE
added 2014/05/20 11:13 a.m.45 views

CVE-2014-3273

The LLDP implementation in Cisco IOS allows remote attackers to cause a denial of service (device reload) via a malformed packet, aka Bug ID CSCum96282.

6.1CVSS6.8AI score0.00349EPSS
CVE
CVE
added 2014/09/25 10:55 a.m.45 views

CVE-2014-3354

Cisco IOS 12.0, 12.2, 12.4, 15.0, 15.1, 15.2, and 15.3 and IOS XE 2.x and 3.x before 3.7.4S; 3.2.xSE and 3.3.xSE before 3.3.2SE; 3.3.xSG and 3.4.xSG before 3.4.4SG; and 3.8.xS, 3.9.xS, and 3.10.xS before 3.10.1S allow remote attackers to cause a denial of service (device reload) via malformed RSVP ...

7.8CVSS6.6AI score0.02904EPSS
CVE
CVE
added 2014/09/25 10:55 a.m.45 views

CVE-2014-3359

Memory leak in Cisco IOS 15.1 through 15.4 and IOS XE 3.4.xS, 3.5.xS, 3.6.xS, and 3.7.xS before 3.7.6S; 3.8.xS, 3.9.xS, and 3.10.xS before 3.10.1S; and 3.11.xS before 3.12S allows remote attackers to cause a denial of service (memory consumption or device reload) via malformed DHCPv6 packets, aka B...

7.8CVSS6.7AI score0.01092EPSS
CVE
CVE
added 2015/03/26 10:59 a.m.45 views

CVE-2015-0648

Memory leak in Cisco IOS 12.2, 12.4, 15.0, 15.2, and 15.3 allows remote attackers to cause a denial of service (memory consumption) via crafted Common Industrial Protocol (CIP) TCP packets, aka Bug ID CSCun49658.

7.8CVSS6.7AI score0.0071EPSS
CVE
CVE
added 2016/10/05 8:59 p.m.45 views

CVE-2016-6391

Cisco IOS 12.2 and 15.0 through 15.3 allows remote attackers to cause a denial of service (traffic-processing outage) via a crafted series of Common Industrial Protocol (CIP) requests, aka Bug ID CSCur69036.

7.8CVSS7.3AI score0.00743EPSS
CVE
CVE
added 2016/09/18 10:59 p.m.45 views

CVE-2016-6403

The Data in Motion (DMo) application in Cisco IOS 15.6(1)T and IOS XE, when the IOx feature set is enabled, allows remote attackers to cause a denial of service via a crafted packet, aka Bug IDs CSCuy82904, CSCuy82909, and CSCuy82912.

5.9CVSS5.6AI score0.00563EPSS
CVE
CVE
added 2020/06/03 6:15 p.m.45 views

CVE-2020-3199

Multiple vulnerabilities in the Cisco IOx application environment of Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) that are running Cisco IOS Software could allow an attacker to cause a denial of service (DoS) condi...

8.8CVSS8.8AI score0.00116EPSS
CVE
CVE
added 2025/05/07 6:15 p.m.45 views

CVE-2025-20164

A vulnerability in the Cisco Industrial Ethernet Switch Device Manager (DM) of Cisco IOS Software could allow an authenticated, remote attacker to elevate privileges. This vulnerability is due to insufficient validation of authorizations for authenticated users. An attacker could exploit this vulne...

8.3CVSS8.2AI score0.00205EPSS
CVE
CVE
added 2002/03/15 5:0 a.m.44 views

CVE-2001-1097

Cisco routers and switches running IOS 12.0 through 12.2.1 allows a remote attacker to cause a denial of service via a flood of UDP packets.

5CVSS7AI score0.09839EPSS
CVE
CVE
added 2005/07/05 4:0 a.m.44 views

CVE-2005-2105

Cisco IOS 12.2T through 12.4 allows remote attackers to bypass Authentication, Authorization, and Accounting (AAA) RADIUS authentication, if the fallback method is set to none, via a long username.

7.5CVSS6.5AI score0.00783EPSS
CVE
CVE
added 2007/03/03 8:19 p.m.44 views

CVE-2007-1258

Unspecified vulnerability in Cisco IOS 12.2SXA, SXB, SXD, and SXF; and the MSFC2, MSFC2a and MSFC3 running in Hybrid Mode on Cisco Catalyst 6000, 6500 and Cisco 7600 series systems; allows remote attackers on a local network segment to cause a denial of service (software reload) via a certain MPLS ...

6.1CVSS6.3AI score0.00564EPSS
CVE
CVE
added 2008/03/27 5:44 p.m.44 views

CVE-2008-1152

The data-link switching (DLSw) component in Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (device restart or memory consumption) via crafted (1) UDP port 2067 or (2) IP protocol 91 packets.

7.8CVSS6.5AI score0.01542EPSS
CVE
CVE
added 2008/03/27 10:44 a.m.44 views

CVE-2008-1153

Cisco IOS 12.1, 12.2, 12.3, and 12.4, with IPv4 UDP services and the IPv6 protocol enabled, allows remote attackers to cause a denial of service (device crash and possible blocked interface) via a crafted IPv6 packet to the device.

7.1CVSS6.4AI score0.03161EPSS
CVE
CVE
added 2008/09/26 4:21 p.m.44 views

CVE-2008-3801

Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows remote attackers to cause a denial of service (device or process reload) via unspecified valid SIP mes...

7.1CVSS6.4AI score0.01935EPSS
CVE
CVE
added 2010/03/25 9:0 p.m.44 views

CVE-2010-0583

Memory leak in the H.323 implementation in Cisco IOS 12.1 through 12.4, and 15.0M before 15.0(1)M1, allows remote attackers to cause a denial of service (memory consumption and device reload) via malformed H.323 packets, aka Bug ID CSCtb93855.

7.8CVSS6.7AI score0.01653EPSS
CVE
CVE
added 2010/09/23 7:0 p.m.44 views

CVE-2010-2828

Unspecified vulnerability in the H.323 implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 2.5.x before 2.5.2 and 2.6.x before 2.6.1, allows remote attackers to cause a denial of service (device reload) via crafted H.323 packets, aka Bug ID CSCtc73759.

7.8CVSS6.8AI score0.00427EPSS
CVE
CVE
added 2010/09/23 7:0 p.m.44 views

CVE-2010-2833

Unspecified vulnerability in the NAT for H.225.0 implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1 allows remote attackers to cause a denial of service (device reload) via transit traffic, aka Bug ID CSCtd86472.

7.8CVSS6.7AI score0.00427EPSS
Total number of security vulnerabilities612