Lucene search

K
CiscoIos12.4

108 matches found

CVE
CVE
added 2008/10/20 5:59 p.m.486 views

CVE-2008-4609

The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state ...

7.1CVSS8.8AI score0.00461EPSS
CVE
CVE
added 2008/09/26 4:21 p.m.81 views

CVE-2008-3805

Cisco IOS 12.0 through 12.4 on Cisco 10000, uBR10012 and uBR7200 series devices handles external UDP packets that are sent to 127.0.0.0/8 addresses intended for IPC communication within the device, which allows remote attackers to cause a denial of service (device or linecard reload) via crafted UD...

8.5CVSS6.6AI score0.01602EPSS
CVE
CVE
added 2006/09/23 10:7 a.m.71 views

CVE-2006-4950

Cisco IOS 12.2 through 12.4 before 20060920, as used by Cisco IAD2430, IAD2431, and IAD2432 Integrated Access Devices, the VG224 Analog Phone Gateway, and the MWR 1900 and 1941 Mobile Wireless Edge Routers, is incorrectly identified as supporting DOCSIS, which allows remote attackers to gain read-w...

10CVSS7.7AI score0.03386EPSS
CVE
CVE
added 2010/03/25 9:0 p.m.65 views

CVE-2010-0579

The SIP implementation in Cisco IOS 12.3 and 12.4 allows remote attackers to cause a denial of service (device reload) via a malformed SIP message, aka Bug ID CSCtb93416, the "SIP Message Handling Denial of Service Vulnerability."

7.8CVSS6.6AI score0.00726EPSS
CVE
CVE
added 2015/03/26 10:59 a.m.64 views

CVE-2015-0646

Memory leak in the TCP input module in Cisco IOS 12.2, 12.4, 15.0, 15.2, 15.3, and 15.4 and IOS XE 3.3.xXO, 3.5.xE, 3.6.xE, 3.8.xS through 3.10.xS before 3.10.5S, and 3.11.xS and 3.12.xS before 3.12.3S allows remote attackers to cause a denial of service (memory consumption or device reload) by sen...

7.8CVSS6.6AI score0.01551EPSS
CVE
CVE
added 2010/03/25 9:0 p.m.63 views

CVE-2010-0585

Cisco IOS 12.1 through 12.4, when Cisco Unified Communications Manager Express (CME) or Cisco Unified Survivable Remote Site Telephony (SRST) is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed Skinny Client Control Protocol (SCCP) message, aka Bug ID CS...

7.8CVSS6.8AI score0.00602EPSS
CVE
CVE
added 2014/03/27 9:55 p.m.63 views

CVE-2014-2109

The TCP Input module in Cisco IOS 12.2 through 12.4 and 15.0 through 15.4, when NAT is used, allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted TCP packets, aka Bug IDs CSCuh33843 and CSCuj41494.

7.8CVSS6.6AI score0.01117EPSS
CVE
CVE
added 2007/10/12 1:17 a.m.62 views

CVE-2007-5381

Stack-based buffer overflow in the Line Printer Daemon (LPD) in Cisco IOS before 12.2(18)SXF11, 12.4(16a), and 12.4(2)T6 allow remote attackers to execute arbitrary code by setting a long hostname on the target system, then causing an error message to be printed, as demonstrated by a telnet session...

9.3CVSS8AI score0.63694EPSS
CVE
CVE
added 2017/03/22 7:59 p.m.62 views

CVE-2017-3864

A vulnerability in the DHCP client implementation of Cisco IOS (12.2, 12.4, and 15.0 through 15.6) and Cisco IOS XE (3.3 through 3.7) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability occurs during the parsing of a crafted DHCP packet. A...

8.6CVSS8.3AI score0.01125EPSS
CVE
CVE
added 2005/11/30 11:3 a.m.61 views

CVE-2005-3921

Cross-site scripting (XSS) vulnerability in Cisco IOS Web Server for IOS 12.0(2a) allows remote attackers to inject arbitrary web script or HTML by (1) packets containing HTML that an administrator views via an HTTP interface to the contents of memory buffers, as demonstrated by the URI /level/15/e...

2.6CVSS5.7AI score0.01599EPSS
CVE
CVE
added 2011/10/03 11:55 p.m.61 views

CVE-2011-3280

Memory leak in the NAT implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xSG, allows remote attackers to cause a denial of service (memory consumption or device reload) by sending crafted SIP packets to UDP port 5060, aka Bug ID CSCtj04672.

7.8CVSS7.3AI score0.00459EPSS
CVE
CVE
added 2011/10/03 11:55 p.m.60 views

CVE-2011-0939

Unspecified vulnerability in Cisco IOS 12.4, 15.0, and 15.1, and IOS XE 2.5.x through 3.2.x, allows remote attackers to cause a denial of service (device reload) via a crafted SIP message, aka Bug ID CSCth03022.

7.8CVSS6.6AI score0.00371EPSS
CVE
CVE
added 2010/03/25 9:0 p.m.58 views

CVE-2010-0581

Unspecified vulnerability in the SIP implementation in Cisco IOS 12.3 and 12.4 allows remote attackers to execute arbitrary code via a malformed SIP message, aka Bug ID CSCsz89904, the "SIP Packet Parsing Arbitrary Code Execution Vulnerability."

10CVSS8AI score0.05205EPSS
CVE
CVE
added 2015/03/26 10:59 a.m.58 views

CVE-2015-0643

Cisco IOS 12.2, 12.4, 15.0, 15.1, 15.2, 15.3, and 15.4 and IOS XE 2.5.x, 2.6.x, 3.1.xS through 3.12.xS before 3.12.3S, 3.2.xE through 3.7.xE before 3.7.1E, 3.3.xSG, 3.4.xSG, and 3.13.xS before 3.13.2S allow remote attackers to cause a denial of service (memory consumption and device reload) by send...

7.8CVSS6.7AI score0.01796EPSS
CVE
CVE
added 2011/10/03 11:55 p.m.56 views

CVE-2011-2072

Memory leak in Cisco IOS 12.4, 15.0, and 15.1, Cisco IOS XE 2.5.x through 3.2.x, and Cisco Unified Communications Manager (CUCM) 6.x and 7.x before 7.1(5b)su4, 8.x before 8.5(1)su2, and 8.6 before 8.6(1) allows remote attackers to cause a denial of service (memory consumption and device reload or p...

7.8CVSS6.6AI score0.00708EPSS
CVE
CVE
added 2011/10/03 11:55 p.m.56 views

CVE-2011-3277

Unspecified vulnerability in the NAT implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xSG, allows remote attackers to cause a denial of service (device reload) by sending crafted H.323 packets to TCP port 1720, aka Bug ID CSCth11006.

7.8CVSS7.3AI score0.00371EPSS
CVE
CVE
added 2012/03/29 11:1 a.m.56 views

CVE-2012-0384

Cisco IOS 12.2 through 12.4 and 15.0 through 15.2 and IOS XE 2.1.x through 2.6.x and 3.1.xS before 3.1.2S, 3.2.xS through 3.4.xS before 3.4.2S, 3.5.xS before 3.5.1S, and 3.1.xSG and 3.2.xSG before 3.2.2SG, when AAA authorization is enabled, allow remote authenticated users to bypass intended access...

8.5CVSS6.8AI score0.00453EPSS
CVE
CVE
added 2005/11/03 2:2 a.m.54 views

CVE-2005-3481

Cisco IOS 12.0 to 12.4 might allow remote attackers to execute arbitrary code via a heap-based buffer overflow in system timers. NOTE: this issue does not correspond to a specific vulnerability, rather a general weakness that only increases the feasibility of exploitation of any vulnerabilities tha...

9.3CVSS8.1AI score0.05119EPSS
CVE
CVE
added 2009/03/27 4:30 p.m.54 views

CVE-2009-0629

The (1) Airline Product Set (aka ALPS), (2) Serial Tunnel Code (aka STUN), (3) Block Serial Tunnel Code (aka BSTUN), (4) Native Client Interface Architecture (NCIA) support, (5) Data-link switching (aka DLSw), (6) Remote Source-Route Bridging (RSRB), (7) Point to Point Tunneling Protocol (PPTP), (8...

5.4CVSS6.7AI score0.00867EPSS
CVE
CVE
added 2007/08/09 9:17 p.m.53 views

CVE-2007-4286

Buffer overflow in the Next Hop Resolution Protocol (NHRP) functionality in Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (restart) and execute arbitrary code via a crafted NHRP packet.

9.3CVSS7.8AI score0.6264EPSS
CVE
CVE
added 2010/03/25 9:0 p.m.53 views

CVE-2010-0586

Cisco IOS 12.1 through 12.4, when Cisco Unified Communications Manager Express (CME) or Cisco Unified Survivable Remote Site Telephony (SRST) is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed Skinny Client Control Protocol (SCCP) message, aka Bug ID CS...

7.8CVSS6.8AI score0.00798EPSS
CVE
CVE
added 2015/03/26 10:59 a.m.53 views

CVE-2015-0650

The Service Discovery Gateway (aka mDNS Gateway) in Cisco IOS 12.2, 12.4, 15.0, 15.1, 15.2, 15.3, and 15.4 and IOS XE 3.9.xS and 3.10.xS before 3.10.4S, 3.11.xS before 3.11.3S, 3.12.xS before 3.12.2S, and 3.13.xS before 3.13.1S allows remote attackers to cause a denial of service (device reload) by...

7.8CVSS6.6AI score0.01098EPSS
CVE
CVE
added 2010/03/25 9:0 p.m.52 views

CVE-2010-0580

Unspecified vulnerability in the SIP implementation in Cisco IOS 12.3 and 12.4 allows remote attackers to execute arbitrary code via a malformed SIP message, aka Bug ID CSCsz48680, the "SIP Message Processing Arbitrary Code Execution Vulnerability."

10CVSS8AI score0.04905EPSS
CVE
CVE
added 2009/03/27 4:30 p.m.51 views

CVE-2009-0637

The SCP server in Cisco IOS 12.2 through 12.4, when Role-Based CLI Access is enabled, does not enforce the CLI view configuration for file transfers, which allows remote authenticated users with an attached CLI view to (1) read or (2) overwrite arbitrary files via an SCP command.

7.1CVSS6.4AI score0.01141EPSS
CVE
CVE
added 2010/09/23 7:0 p.m.51 views

CVE-2010-2830

The IGMPv3 implementation in Cisco IOS 12.2, 12.3, 12.4, and 15.0 and IOS XE 2.5.x before 2.5.2, when PIM is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed IGMP packet, aka Bug ID CSCte14603.

7.1CVSS6.7AI score0.00399EPSS
CVE
CVE
added 2012/03/29 11:1 a.m.51 views

CVE-2012-0386

The SSHv2 implementation in Cisco IOS 12.2, 12.4, 15.0, 15.1, and 15.2 and IOS XE 2.3.x through 2.6.x and 3.1.xS through 3.4.xS before 3.4.2S allows remote attackers to cause a denial of service (device reload) via a crafted username in a reverse SSH login attempt, aka Bug ID CSCtr49064.

7.8CVSS6.6AI score0.02138EPSS
CVE
CVE
added 2011/06/09 2:38 a.m.50 views

CVE-2011-2395

The Neighbor Discovery (ND) protocol implementation in Cisco IOS on unspecified switches allows remote attackers to bypass the Router Advertisement Guarding functionality via a fragmented IPv6 packet in which the Router Advertisement (RA) message is contained in the second fragment, as demonstrated...

5CVSS6.9AI score0.00147EPSS
CVE
CVE
added 2015/03/26 10:59 a.m.50 views

CVE-2015-0642

Cisco IOS 12.2, 12.4, 15.0, 15.1, 15.2, 15.3, and 15.4 and IOS XE 2.5.x, 2.6.x, 3.1.xS through 3.12.xS before 3.12.3S, 3.2.xE through 3.7.xE before 3.7.1E, 3.3.xSG, 3.4.xSG, and 3.13.xS before 3.13.2S allow remote attackers to cause a denial of service (device reload) by sending malformed IKEv2 pac...

7.8CVSS6.7AI score0.01796EPSS
CVE
CVE
added 2008/09/26 4:21 p.m.49 views

CVE-2008-3800

Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows remote attackers to cause a denial of service (device or process reload) via unspecified valid SIP mes...

7.1CVSS6.4AI score0.01935EPSS
CVE
CVE
added 2009/01/16 9:30 p.m.49 views

CVE-2008-3821

Multiple cross-site scripting (XSS) vulnerabilities in the HTTP server in Cisco IOS 11.0 through 12.4 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to the ping program or (2) unspecified other aspects of the URI.

4.3CVSS5.7AI score0.10639EPSS
CVE
CVE
added 2011/10/03 11:55 p.m.49 views

CVE-2011-0944

Cisco IOS 12.4, 15.0, and 15.1 allows remote attackers to cause a denial of service (device reload) via malformed IPv6 packets, aka Bug ID CSCtj41194.

7.8CVSS6.7AI score0.00371EPSS
CVE
CVE
added 2013/09/27 10:8 a.m.49 views

CVE-2013-5475

Cisco IOS 12.2 through 12.4 and 15.0 through 15.3, and IOS XE 2.1 through 3.9, allows remote attackers to cause a denial of service (device reload) via crafted DHCP packets that are processed locally by a (1) server or (2) relay agent, aka Bug ID CSCug31561.

7.8CVSS6.8AI score0.00316EPSS
CVE
CVE
added 2014/03/27 9:55 p.m.49 views

CVE-2014-2111

The Application Layer Gateway (ALG) module in Cisco IOS 12.2 through 12.4 and 15.0 through 15.4, when NAT is used, allows remote attackers to cause a denial of service (device reload) via crafted DNS packets, aka Bug ID CSCue00996.

7.1CVSS6.5AI score0.00763EPSS
CVE
CVE
added 2005/11/18 9:3 p.m.48 views

CVE-2005-3669

Multiple unspecified vulnerabilities in the Internet Key Exchange version 1 (IKEv1) implementation in multiple Cisco products allow remote attackers to cause a denial of service (device reset) via certain malformed IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to...

5CVSS6.9AI score0.09461EPSS
CVE
CVE
added 2008/09/26 4:21 p.m.48 views

CVE-2008-3806

Cisco IOS 12.0 through 12.4 on Cisco 10000, uBR10012 and uBR7200 series devices handles external UDP packets that are sent to 127.0.0.0/8 addresses intended for IPC communication within the device, which allows remote attackers to cause a denial of service (device or linecard reload) via crafted UD...

8.5CVSS6.7AI score0.01602EPSS
CVE
CVE
added 2010/03/25 9:0 p.m.48 views

CVE-2010-0582

Cisco IOS 12.1 through 12.4, and 15.0M before 15.0(1)M1, allows remote attackers to cause a denial of service (interface queue wedge) via malformed H.323 packets, aka Bug ID CSCta19962.

7.8CVSS6.7AI score0.00801EPSS
CVE
CVE
added 2011/10/03 11:55 p.m.48 views

CVE-2011-0945

Memory leak in the Data-link switching (aka DLSw) feature in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xS before 3.1.3S and 3.2.xS before 3.2.1S, when implemented over Fast Sequence Transport (FST), allows remote attackers to cause a denial of service (memory consumption and...

7.8CVSS6.7AI score0.00427EPSS
CVE
CVE
added 2009/09/28 7:30 p.m.47 views

CVE-2009-2866

Unspecified vulnerability in Cisco IOS 12.2 through 12.4 allows remote attackers to cause a denial of service (device reload) via a crafted H.323 packet, aka Bug ID CSCsz38104.

7.8CVSS6.4AI score0.01683EPSS
CVE
CVE
added 2009/09/28 7:30 p.m.47 views

CVE-2009-2873

Cisco IOS 12.0 through 12.4, when IP-based tunnels and the Cisco Express Forwarding feature are enabled, allows remote attackers to cause a denial of service (device reload) via malformed packets, aka Bug ID CSCsx70889.

7.1CVSS6.6AI score0.00781EPSS
CVE
CVE
added 2012/09/27 12:55 a.m.47 views

CVE-2012-4623

The DHCPv6 server in Cisco IOS 12.2 through 12.4 and 15.0 through 15.2 and IOS XE 2.1.x through 2.6.x, 3.1.xS before 3.1.4S, 3.1.xSG and 3.2.xSG before 3.2.5SG, 3.2.xS, 3.2.xXO, 3.3.xS, and 3.3.xSG before 3.3.1SG allows remote attackers to cause a denial of service (device reload) via a malformed D...

7.8CVSS6.7AI score0.00798EPSS
CVE
CVE
added 2006/02/01 2:2 a.m.46 views

CVE-2006-0486

Certain Cisco IOS releases in 12.2S based trains with maintenance release number 25 and later, 12.3T based trains, and 12.4 based trains reuse a Tcl Shell process across login sessions of different local users on the same terminal if the first user does not use tclquit before exiting, which may cau...

4.6CVSS7AI score0.00099EPSS
CVE
CVE
added 2008/09/26 4:21 p.m.46 views

CVE-2008-3804

Unspecified vulnerability in the Multi Protocol Label Switching (MPLS) Forwarding Infrastructure (MFI) in Cisco IOS 12.2 and 12.4 allows remote attackers to cause a denial of service (memory corruption) via crafted packets for which the software path is used.

7.1CVSS6.4AI score0.02057EPSS
CVE
CVE
added 2009/09/28 7:30 p.m.45 views

CVE-2009-2868

Unspecified vulnerability in Cisco IOS 12.2 through 12.4, when certificate-based authentication is enabled for IKE, allows remote attackers to cause a denial of service (Phase 1 SA exhaustion) via crafted requests, aka Bug IDs CSCsy07555 and CSCee72997.

7.8CVSS6.7AI score0.00451EPSS
CVE
CVE
added 2010/03/25 9:0 p.m.45 views

CVE-2010-0576

Unspecified vulnerability in Cisco IOS 12.0 through 12.4, IOS XE 2.1.x through 2.3.x before 2.3.2, and IOS XR 3.2.x through 3.4.3, when Multiprotocol Label Switching (MPLS) and Label Distribution Protocol (LDP) are enabled, allows remote attackers to cause a denial of service (device reload or proc...

7.8CVSS6.6AI score0.01653EPSS
CVE
CVE
added 2010/03/25 9:0 p.m.45 views

CVE-2010-0578

The IKE implementation in Cisco IOS 12.2 through 12.4 on Cisco 7200 and 7301 routers with VAM2+ allows remote attackers to cause a denial of service (device reload) via a malformed IKE packet, aka Bug ID CSCtb13491.

7.8CVSS6.7AI score0.01653EPSS
CVE
CVE
added 2010/09/23 7:0 p.m.45 views

CVE-2010-2832

Unspecified vulnerability in the NAT for H.323 implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1 allows remote attackers to cause a denial of service (device reload) via transit traffic, aka Bug ID CSCtf91428.

7.8CVSS6.7AI score0.00427EPSS
CVE
CVE
added 2010/09/23 7:0 p.m.45 views

CVE-2010-2835

Cisco IOS 12.2 through 12.4 and 15.0 through 15.1, Cisco IOS XE 2.5.x and 2.6.x before 2.6.1, and Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5), 7.0 before 7.0(2a)su3, 7.1su before 7.1(3b)su2, 7.1 before 7.1(5), and 8.0 before 8.0(1) allow remote attackers ...

7.8CVSS6.6AI score0.00371EPSS
CVE
CVE
added 2011/10/03 11:55 p.m.45 views

CVE-2011-3275

Memory leak in Cisco IOS 12.4, 15.0, and 15.1, and IOS XE 2.5.x through 3.2.x, allows remote attackers to cause a denial of service (memory consumption) via a crafted SIP message, aka Bug ID CSCti48504.

7.8CVSS6.6AI score0.00427EPSS
CVE
CVE
added 2013/03/28 11:55 p.m.45 views

CVE-2013-1145

Memory leak in Cisco IOS 12.2, 12.4, 15.0, and 15.1, when Zone-Based Policy Firewall SIP application layer gateway inspection is enabled, allows remote attackers to cause a denial of service (memory consumption or device reload) via malformed SIP messages, aka Bug ID CSCtl99174.

7.8CVSS6.8AI score0.00427EPSS
CVE
CVE
added 2014/09/25 10:55 a.m.45 views

CVE-2014-3354

Cisco IOS 12.0, 12.2, 12.4, 15.0, 15.1, 15.2, and 15.3 and IOS XE 2.x and 3.x before 3.7.4S; 3.2.xSE and 3.3.xSE before 3.3.2SE; 3.3.xSG and 3.4.xSG before 3.4.4SG; and 3.8.xS, 3.9.xS, and 3.10.xS before 3.10.1S allow remote attackers to cause a denial of service (device reload) via malformed RSVP ...

7.8CVSS6.6AI score0.02904EPSS
Total number of security vulnerabilities108