Lucene search

K

108 matches found

CVE
CVE
added 2017/09/29 1:34 a.m.1181 views

CVE-2017-12240

The DHCP relay subsystem of Cisco IOS 12.2 through 15.6 and Cisco IOS XE Software contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code and gain full control of an affected system. The attacker could also cause an affected system to reload, resultin...

10CVSS10AI score0.19962EPSS
CVE
CVE
added 2017/03/17 10:59 p.m.1131 views

CVE-2017-3881

A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device or remotely execute code with elevated privileges. The Cluster Management Protocol utilizes T...

10CVSS9.7AI score0.94083EPSS
CVE
CVE
added 2017/07/17 9:29 p.m.1109 views

CVE-2017-6736

The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnera...

9CVSS9.1AI score0.86397EPSS
CVE
CVE
added 2018/03/28 10:29 p.m.1030 views

CVE-2018-0175

Format String vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges...

8CVSS8AI score0.02538EPSS
CVE
CVE
added 2018/03/28 10:29 p.m.1025 views

CVE-2018-0167

Multiple Buffer Overflow vulnerabilities in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevat...

8.8CVSS8.9AI score0.02538EPSS
CVE
CVE
added 2017/07/17 9:29 p.m.1023 views

CVE-2017-6743

The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnera...

9CVSS9.1AI score0.08714EPSS
CVE
CVE
added 2017/07/17 9:29 p.m.1015 views

CVE-2017-6737

A vulnerability in the SNMP implementation of could allow an authenticated, remote attacker to cause a reload of the affected system or to remotely execute code. An attacker could exploit this vulnerability by sending a crafted SNMP packet to the affected device. The vulnerability is due to a buffe...

9CVSS8.9AI score0.08176EPSS
CVE
CVE
added 2017/09/29 1:34 a.m.1014 views

CVE-2017-12237

A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS 15.0 through 15.6 and Cisco IOS XE 3.5 through 16.5 could allow an unauthenticated, remote attacker to cause high CPU utilization, traceback messages, or a reload of an affected device that leads to a denial of servi...

7.8CVSS7.5AI score0.1085EPSS
CVE
CVE
added 2017/07/17 9:29 p.m.1009 views

CVE-2017-6738

The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnera...

9CVSS9.1AI score0.08176EPSS
CVE
CVE
added 2017/07/17 9:29 p.m.1000 views

CVE-2017-6740

The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnera...

9CVSS9.1AI score0.12558EPSS
CVE
CVE
added 2017/09/29 1:34 a.m.998 views

CVE-2017-12232

A vulnerability in the implementation of a protocol in Cisco Integrated Services Routers Generation 2 (ISR G2) Routers running Cisco IOS 15.0 through 15.6 could allow an unauthenticated, adjacent attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The v...

6.5CVSS6.3AI score0.01583EPSS
CVE
CVE
added 2017/07/17 9:29 p.m.998 views

CVE-2017-6739

A vulnerability in the SNMP implementation of could allow an authenticated, remote attacker to cause a reload of the affected system or to remotely execute code. An attacker could exploit this vulnerability by sending a crafted SNMP packet to the affected device. The vulnerability is due to a buffe...

9CVSS8.9AI score0.08176EPSS
CVE
CVE
added 2017/09/29 1:34 a.m.992 views

CVE-2017-12233

Multiple vulnerabilities in the implementation of the Common Industrial Protocol (CIP) feature in Cisco IOS 12.4 through 15.6 could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerabilities are due to the i...

7.8CVSS7.5AI score0.10011EPSS
CVE
CVE
added 2018/03/28 10:29 p.m.990 views

CVE-2018-0173

A vulnerability in the Cisco IOS Software and Cisco IOS XE Software function that restores encapsulated option 82 information in DHCP Version 4 (DHCPv4) packets could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a Relay Reply denial of service (DoS) ...

8.6CVSS8.2AI score0.09766EPSS
CVE
CVE
added 2018/03/28 10:29 p.m.986 views

CVE-2018-0174

A vulnerability in the DHCP option 82 encapsulation functionality of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability exists because the affected so...

8.6CVSS8.2AI score0.05665EPSS
CVE
CVE
added 2017/09/29 1:34 a.m.975 views

CVE-2017-12231

A vulnerability in the implementation of Network Address Translation (NAT) functionality in Cisco IOS 12.4 through 15.6 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to the improper translation of H.323 m...

7.8CVSS7.5AI score0.1085EPSS
CVE
CVE
added 2017/09/29 1:34 a.m.968 views

CVE-2017-12235

A vulnerability in the implementation of the PROFINET Discovery and Configuration Protocol (PN-DCP) for Cisco IOS 12.2 through 15.6 could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to th...

7.8CVSS7.6AI score0.07628EPSS
CVE
CVE
added 2017/09/29 1:34 a.m.967 views

CVE-2017-12234

Multiple vulnerabilities in the implementation of the Common Industrial Protocol (CIP) feature in Cisco IOS 12.4 through 15.6 could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerabilities are due to the i...

7.8CVSS7.5AI score0.10011EPSS
CVE
CVE
added 2017/09/29 1:34 a.m.965 views

CVE-2017-12238

A vulnerability in the Virtual Private LAN Service (VPLS) code of Cisco IOS 15.0 through 15.4 for Cisco Catalyst 6800 Series Switches could allow an unauthenticated, adjacent attacker to cause a C6800-16P10G or C6800-16P10G-XL type line card to crash, resulting in a denial of service (DoS) conditio...

6.5CVSS6.5AI score0.00216EPSS
CVE
CVE
added 2017/07/17 9:29 p.m.629 views

CVE-2017-6742

A vulnerability in the SNMP implementation of could allow an authenticated, remote attacker to cause a reload of the affected system or to remotely execute code. An attacker could exploit this vulnerability by sending a crafted SNMP packet to the affected device. The vulnerability is due to a buffe...

9CVSS8.9AI score0.05157EPSS
CVE
CVE
added 2016/09/19 1:59 a.m.578 views

CVE-2016-6415

The server IKEv1 implementation in Cisco IOS 12.2 through 12.4 and 15.0 through 15.6, IOS XE through 3.18S, IOS XR 4.3.x and 5.0.x through 5.2.x, and PIX before 7.0 allows remote attackers to obtain sensitive information from device memory via a Security Association (SA) negotiation request, aka Bu...

7.5CVSS7.2AI score0.92948EPSS
CVE
CVE
added 2005/02/13 5:0 a.m.478 views

CVE-2004-1464

Cisco IOS 12.2(15) and earlier allows remote attackers to cause a denial of service (refused VTY (virtual terminal) connections), via a crafted TCP connection to the Telnet or reverse Telnet port.

5.9CVSS7.4AI score0.01698EPSS
CVE
CVE
added 2020/09/23 1:15 a.m.156 views

CVE-2019-16009

A vulnerability in the web UI of Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. The vulnerability is due to insufficient CSRF protections for the web UI on an affected device. An attack...

8.8CVSS9.1AI score0.01153EPSS
CVE
CVE
added 2019/05/13 7:29 p.m.124 views

CVE-2019-1649

A vulnerability in the logic that handles access control to one of the hardware components in Cisco's proprietary Secure Boot implementation could allow an authenticated, local attacker to write a modified firmware image to the component. This vulnerability affects multiple Cisco products that supp...

7.2CVSS6.4AI score0.00256EPSS
CVE
CVE
added 2017/03/22 7:59 p.m.90 views

CVE-2017-3857

A vulnerability in the Layer 2 Tunneling Protocol (L2TP) parsing function of Cisco IOS (12.0 through 12.4 and 15.0 through 15.6) and Cisco IOS XE (3.1 through 3.18) could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to insufficient valida...

7.8CVSS7.5AI score0.01141EPSS
CVE
CVE
added 2019/09/25 9:15 p.m.88 views

CVE-2019-12655

A vulnerability in the FTP application layer gateway (ALG) functionality used by Network Address Translation (NAT), NAT IPv6 to IPv4 (NAT64), and the Zone-Based Policy Firewall (ZBFW) in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The...

8.6CVSS7.9AI score0.01223EPSS
CVE
CVE
added 2022/04/15 3:15 p.m.80 views

CVE-2022-20661

Multiple vulnerabilities that affect Cisco Catalyst Digital Building Series Switches and Cisco Catalyst Micro Switches could allow an attacker to execute persistent code at boot time or to permanently prevent the device from booting, resulting in a permanent denial of service (DoS) condition. For m...

4.9CVSS5.5AI score0.00094EPSS
CVE
CVE
added 2022/04/15 3:15 p.m.76 views

CVE-2022-20726

Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being au...

7.5CVSS6.6AI score0.00486EPSS
CVE
CVE
added 2008/11/25 11:30 p.m.74 views

CVE-2008-5230

The Temporal Key Integrity Protocol (TKIP) implementation in unspecified Cisco products and other vendors' products, as used in WPA and WPA2 on Wi-Fi networks, has insufficient countermeasures against certain crafted and replayed packets, which makes it easier for remote attackers to decrypt packet...

6.8CVSS6.7AI score0.01114EPSS
CVE
CVE
added 2016/10/05 8:59 p.m.73 views

CVE-2016-6393

The AAA service in Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.1 through 3.18 and 16.2 allows remote attackers to cause a denial of service (device reload) via a failed SSH connection attempt that is mishandled during generation of an error-log message, aka Bug ID CSCuy87667.

7.5CVSS7.2AI score0.08646EPSS
CVE
CVE
added 2006/09/23 10:7 a.m.71 views

CVE-2006-4950

Cisco IOS 12.2 through 12.4 before 20060920, as used by Cisco IAD2430, IAD2431, and IAD2432 Integrated Access Devices, the VG224 Analog Phone Gateway, and the MWR 1900 and 1941 Mobile Wireless Edge Routers, is incorrectly identified as supporting DOCSIS, which allows remote attackers to gain read-w...

10CVSS7.7AI score0.03386EPSS
CVE
CVE
added 2001/05/07 4:0 a.m.67 views

CVE-2001-0288

Cisco switches and routers running IOS 12.1 and earlier produce predictable TCP Initial Sequence Numbers (ISNs), which allows remote attackers to spoof or hijack TCP connections.

7.5CVSS7.5AI score0.03983EPSS
CVE
CVE
added 2017/03/22 7:59 p.m.62 views

CVE-2017-3864

A vulnerability in the DHCP client implementation of Cisco IOS (12.2, 12.4, and 15.0 through 15.6) and Cisco IOS XE (3.3 through 3.7) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability occurs during the parsing of a crafted DHCP packet. A...

8.6CVSS8.3AI score0.01125EPSS
CVE
CVE
added 2005/11/30 11:3 a.m.61 views

CVE-2005-3921

Cross-site scripting (XSS) vulnerability in Cisco IOS Web Server for IOS 12.0(2a) allows remote attackers to inject arbitrary web script or HTML by (1) packets containing HTML that an administrator views via an HTTP interface to the contents of memory buffers, as demonstrated by the URI /level/15/e...

2.6CVSS5.7AI score0.01599EPSS
CVE
CVE
added 2005/06/21 4:0 a.m.60 views

CVE-2002-1706

Cisco IOS software 11.3 through 12.2 running on Cisco uBR7200 and uBR7100 series Universal Broadband Routers allows remote attackers to modify Data Over Cable Service Interface Specification (DOCSIS) settings via a DOCSIS file without a Message Integrity Check (MIC) signature, which is approved by ...

7.5CVSS7.6AI score0.00363EPSS
CVE
CVE
added 2016/10/05 5:59 p.m.60 views

CVE-2016-6384

Cisco IOS 12.2 through 12.4 and 15.0 through 15.6 and IOS XE 3.1 through 3.17 and 16.2 allow remote attackers to cause a denial of service (device reload) via crafted fields in an H.323 message, aka Bug ID CSCux04257.

7.8CVSS7.2AI score0.01972EPSS
CVE
CVE
added 2021/09/23 3:15 a.m.60 views

CVE-2021-34703

A vulnerability in the Link Layer Discovery Protocol (LLDP) message parser of Cisco IOS Software and Cisco IOS XE Software could allow an attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. This vulnerability is due to improper initialization of a b...

6.8CVSS6.5AI score0.00273EPSS
CVE
CVE
added 2017/10/19 8:29 a.m.59 views

CVE-2017-12289

A vulnerability in conditional, verbose debug logging for the IPsec feature of Cisco IOS XE Software could allow an authenticated, local attacker to display sensitive IPsec information in the system log file. The vulnerability is due to incorrect implementation of IPsec conditional, verbose debug l...

4.4CVSS4.5AI score0.00084EPSS
CVE
CVE
added 2025/05/07 6:15 p.m.58 views

CVE-2025-20154

A vulnerability in the Two-Way Active Measurement Protocol (TWAMP) server feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. For Cisco IOS XR Software, this...

8.6CVSS8.5AI score0.00209EPSS
CVE
CVE
added 2011/01/07 7:0 p.m.55 views

CVE-2010-4685

Cisco IOS before 15.0(1)XA1 does not clear the public key cache upon a change to a certificate map, which allows remote authenticated users to bypass a certificate ban by connecting with a banned certificate that had previously been valid, aka Bug ID CSCta79031.

4CVSS6.3AI score0.00172EPSS
CVE
CVE
added 2021/03/24 8:15 p.m.54 views

CVE-2021-1460

A vulnerability in the Cisco IOx Application Framework of Cisco 809 Industrial Integrated Services Routers (Industrial ISRs), Cisco 829 Industrial ISRs, Cisco CGR 1000 Compute Module, and Cisco IC3000 Industrial Compute Gateway could allow an unauthenticated, remote attacker to cause a denial of se...

7.5CVSS6.1AI score0.00095EPSS
CVE
CVE
added 2008/11/06 3:55 p.m.53 views

CVE-2008-4963

Unspecified vulnerability in the VLAN Trunking Protocol (VTP) implementation on Cisco IOS and CatOS, when the VTP operating mode is not transparent, allows remote attackers to cause a denial of service (device reload or hang) via a crafted VTP packet sent to a switch interface configured as a trunk...

7.1CVSS6.6AI score0.01033EPSS
CVE
CVE
added 2011/10/22 2:59 a.m.53 views

CVE-2011-2057

The cat6000-dot1x component in Cisco IOS 12.2 before 12.2(33)SXI7 does not properly handle (1) a loop between a dot1x enabled port and an open-authentication dot1x enabled port and (2) a loop between a dot1x enabled port and a non-dot1x port, which allows remote attackers to cause a denial of servi...

7.5CVSS7.2AI score0.01102EPSS
CVE
CVE
added 2013/03/28 11:55 p.m.53 views

CVE-2013-1142

Race condition in the VRF-aware NAT feature in Cisco IOS 12.2 through 12.4 and 15.0 through 15.2 allows remote attackers to cause a denial of service (memory consumption) via IPv4 packets, aka Bug IDs CSCtg47129 and CSCtz96745.

7.8CVSS6.7AI score0.00288EPSS
CVE
CVE
added 2021/09/23 3:15 a.m.53 views

CVE-2021-34714

A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software, Cisco IOS Software, Cisco IOS XE Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload. This vulnerability is due t...

7.4CVSS7.4AI score0.00171EPSS
CVE
CVE
added 2003/08/27 4:0 a.m.52 views

CVE-2003-0647

Buffer overflow in the HTTP server for Cisco IOS 12.2 and earlier allows remote attackers to execute arbitrary code via an extremely long (2GB) HTTP GET request.

7.5CVSS8AI score0.08613EPSS
CVE
CVE
added 2011/01/07 7:0 p.m.52 views

CVE-2009-5039

Memory leak in the gk_circuit_info_do_in_acf function in the H.323 implementation in Cisco IOS before 15.0(1)XA allows remote attackers to cause a denial of service (memory consumption) via a large number of calls over a long duration, as demonstrated by InterZone Clear Token (IZCT) test traffic, a...

5CVSS6.8AI score0.00607EPSS
CVE
CVE
added 2015/01/28 10:59 p.m.52 views

CVE-2015-0586

The Network-Based Application Recognition (NBAR) protocol implementation in Cisco IOS 15.3(100)M and earlier on Cisco 2900 Integrated Services Router (aka Cisco Internet Router) devices allows remote attackers to cause a denial of service (NBAR process hang) via IPv4 packets, aka Bug ID CSCuo73682.

7.8CVSS6.9AI score0.01092EPSS
CVE
CVE
added 2006/07/27 10:4 p.m.51 views

CVE-2006-3906

Internet Key Exchange (IKE) version 1 protocol, as implemented on Cisco IOS, VPN 3000 Concentrators, and PIX firewalls, allows remote attackers to cause a denial of service (resource exhaustion) via a flood of IKE Phase-1 packets that exceed the session expiration rate. NOTE: it has been argued tha...

5CVSS6.6AI score0.02852EPSS
CVE
CVE
added 2009/08/27 5:0 p.m.51 views

CVE-2009-2051

Cisco IOS 12.2 through 12.4 and 15.0 through 15.1, Cisco IOS XE 2.5.x and 2.6.x before 2.6.1, and Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), and 7.x before 7.1(2) allow remote attackers to cause a denial of service (device reloa...

7.8CVSS6.6AI score0.01875EPSS
Total number of security vulnerabilities108