Lucene search

K
CiscoIos15.0

66 matches found

CVE
CVE
added 2015/03/26 10:59 a.m.64 views

CVE-2015-0646

Memory leak in the TCP input module in Cisco IOS 12.2, 12.4, 15.0, 15.2, 15.3, and 15.4 and IOS XE 3.3.xXO, 3.5.xE, 3.6.xE, 3.8.xS through 3.10.xS before 3.10.5S, and 3.11.xS and 3.12.xS before 3.12.3S allows remote attackers to cause a denial of service (memory consumption or device reload) by sen...

7.8CVSS6.6AI score0.01551EPSS
CVE
CVE
added 2014/03/27 9:55 p.m.63 views

CVE-2014-2109

The TCP Input module in Cisco IOS 12.2 through 12.4 and 15.0 through 15.4, when NAT is used, allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted TCP packets, aka Bug IDs CSCuh33843 and CSCuj41494.

7.8CVSS6.6AI score0.01117EPSS
CVE
CVE
added 2011/10/03 11:55 p.m.60 views

CVE-2011-0939

Unspecified vulnerability in Cisco IOS 12.4, 15.0, and 15.1, and IOS XE 2.5.x through 3.2.x, allows remote attackers to cause a denial of service (device reload) via a crafted SIP message, aka Bug ID CSCth03022.

7.8CVSS6.6AI score0.00371EPSS
CVE
CVE
added 2015/03/26 10:59 a.m.58 views

CVE-2015-0643

Cisco IOS 12.2, 12.4, 15.0, 15.1, 15.2, 15.3, and 15.4 and IOS XE 2.5.x, 2.6.x, 3.1.xS through 3.12.xS before 3.12.3S, 3.2.xE through 3.7.xE before 3.7.1E, 3.3.xSG, 3.4.xSG, and 3.13.xS before 3.13.2S allow remote attackers to cause a denial of service (memory consumption and device reload) by send...

7.8CVSS6.7AI score0.01796EPSS
CVE
CVE
added 2014/03/27 9:55 p.m.57 views

CVE-2014-2108

Cisco IOS 12.2 and 15.0 through 15.3 and IOS XE 3.2 through 3.7 before 3.7.5S and 3.8 through 3.10 before 3.10.1S allow remote attackers to cause a denial of service (device reload) via a malformed IKEv2 packet, aka Bug ID CSCui88426.

7.8CVSS6.5AI score0.01104EPSS
CVE
CVE
added 2011/10/03 11:55 p.m.56 views

CVE-2011-2072

Memory leak in Cisco IOS 12.4, 15.0, and 15.1, Cisco IOS XE 2.5.x through 3.2.x, and Cisco Unified Communications Manager (CUCM) 6.x and 7.x before 7.1(5b)su4, 8.x before 8.5(1)su2, and 8.6 before 8.6(1) allows remote attackers to cause a denial of service (memory consumption and device reload or p...

7.8CVSS6.6AI score0.00708EPSS
CVE
CVE
added 2012/03/29 11:1 a.m.56 views

CVE-2012-0384

Cisco IOS 12.2 through 12.4 and 15.0 through 15.2 and IOS XE 2.1.x through 2.6.x and 3.1.xS before 3.1.2S, 3.2.xS through 3.4.xS before 3.4.2S, 3.5.xS before 3.5.1S, and 3.1.xSG and 3.2.xSG before 3.2.2SG, when AAA authorization is enabled, allow remote authenticated users to bypass intended access...

8.5CVSS6.8AI score0.00453EPSS
CVE
CVE
added 2012/08/06 5:55 p.m.55 views

CVE-2012-1338

Cisco IOS 15.0 and 15.1 on Catalyst 3560 and 3750 series switches allows remote authenticated users to cause a denial of service (device reload) by completing local web authentication quickly, aka Bug ID CSCts88664.

6.3CVSS6.5AI score0.00293EPSS
CVE
CVE
added 2012/09/27 12:55 a.m.53 views

CVE-2012-4620

Cisco IOS 12.2 and 15.0 through 15.2 on Cisco 10000 series routers, when a tunnel interface exists, allows remote attackers to cause a denial of service (interface queue wedge) via tunneled (1) GRE/IP, (2) IPIP, or (3) IPv6 in IPv4 packets, aka Bug ID CSCts66808.

7.8CVSS6.8AI score0.00726EPSS
CVE
CVE
added 2015/03/26 10:59 a.m.53 views

CVE-2015-0650

The Service Discovery Gateway (aka mDNS Gateway) in Cisco IOS 12.2, 12.4, 15.0, 15.1, 15.2, 15.3, and 15.4 and IOS XE 3.9.xS and 3.10.xS before 3.10.4S, 3.11.xS before 3.11.3S, 3.12.xS before 3.12.2S, and 3.13.xS before 3.13.1S allows remote attackers to cause a denial of service (device reload) by...

7.8CVSS6.6AI score0.01098EPSS
CVE
CVE
added 2013/03/28 11:55 p.m.52 views

CVE-2013-1143

The RSVP protocol implementation in Cisco IOS 12.2 and 15.0 through 15.2 and IOS XE 3.1.xS through 3.4.xS before 3.4.5S and 3.5.xS through 3.7.xS before 3.7.2S, when MPLS-TE is enabled, allows remote attackers to cause a denial of service (incorrect memory access and device reload) via a traffic en...

7.1CVSS6.8AI score0.00399EPSS
CVE
CVE
added 2012/03/29 11:1 a.m.51 views

CVE-2012-0386

The SSHv2 implementation in Cisco IOS 12.2, 12.4, 15.0, 15.1, and 15.2 and IOS XE 2.3.x through 2.6.x and 3.1.xS through 3.4.xS before 3.4.2S allows remote attackers to cause a denial of service (device reload) via a crafted username in a reverse SSH login attempt, aka Bug ID CSCtr49064.

7.8CVSS6.6AI score0.02138EPSS
CVE
CVE
added 2015/03/26 10:59 a.m.50 views

CVE-2015-0642

Cisco IOS 12.2, 12.4, 15.0, 15.1, 15.2, 15.3, and 15.4 and IOS XE 2.5.x, 2.6.x, 3.1.xS through 3.12.xS before 3.12.3S, 3.2.xE through 3.7.xE before 3.7.1E, 3.3.xSG, 3.4.xSG, and 3.13.xS before 3.13.2S allow remote attackers to cause a denial of service (device reload) by sending malformed IKEv2 pac...

7.8CVSS6.7AI score0.01796EPSS
CVE
CVE
added 2011/10/03 11:55 p.m.49 views

CVE-2011-0944

Cisco IOS 12.4, 15.0, and 15.1 allows remote attackers to cause a denial of service (device reload) via malformed IPv6 packets, aka Bug ID CSCtj41194.

7.8CVSS6.7AI score0.00371EPSS
CVE
CVE
added 2013/09/27 10:8 a.m.49 views

CVE-2013-5475

Cisco IOS 12.2 through 12.4 and 15.0 through 15.3, and IOS XE 2.1 through 3.9, allows remote attackers to cause a denial of service (device reload) via crafted DHCP packets that are processed locally by a (1) server or (2) relay agent, aka Bug ID CSCug31561.

7.8CVSS6.8AI score0.00316EPSS
CVE
CVE
added 2014/03/27 9:55 p.m.49 views

CVE-2014-2111

The Application Layer Gateway (ALG) module in Cisco IOS 12.2 through 12.4 and 15.0 through 15.4, when NAT is used, allows remote attackers to cause a denial of service (device reload) via crafted DNS packets, aka Bug ID CSCue00996.

7.1CVSS6.5AI score0.00763EPSS
CVE
CVE
added 2011/04/14 4:55 p.m.48 views

CVE-2011-0935

The PKI functionality in Cisco IOS 15.0 and 15.1 does not prevent permanent caching of certain public keys, which allows remote attackers to bypass authentication and have unspecified other impact by leveraging an IKE peer relationship in which a key was previously valid but later revoked, aka Bug ...

10CVSS7.4AI score0.01588EPSS
CVE
CVE
added 2012/03/29 11:1 a.m.48 views

CVE-2012-1311

The RSVP feature in Cisco IOS 15.0 and 15.1 and IOS XE 3.2.xS through 3.4.xS before 3.4.2S, when a VRF interface is configured, allows remote attackers to cause a denial of service (interface queue wedge and service outage) via crafted RSVP packets, aka Bug ID CSCts80643.

7.8CVSS6.7AI score0.0215EPSS
CVE
CVE
added 2013/03/28 11:55 p.m.48 views

CVE-2013-1146

The Smart Install client functionality in Cisco IOS 12.2 and 15.0 through 15.3 on Catalyst switches allows remote attackers to cause a denial of service (device reload) via crafted image list parameters in Smart Install packets, aka Bug ID CSCub55790.

7.8CVSS6.7AI score0.00427EPSS
CVE
CVE
added 2012/09/27 12:55 a.m.47 views

CVE-2012-4623

The DHCPv6 server in Cisco IOS 12.2 through 12.4 and 15.0 through 15.2 and IOS XE 2.1.x through 2.6.x, 3.1.xS before 3.1.4S, 3.1.xSG and 3.2.xSG before 3.2.5SG, 3.2.xS, 3.2.xXO, 3.3.xS, and 3.3.xSG before 3.3.1SG allows remote attackers to cause a denial of service (device reload) via a malformed D...

7.8CVSS6.7AI score0.00798EPSS
CVE
CVE
added 2013/09/27 10:8 a.m.47 views

CVE-2013-5478

Cisco IOS 15.0 through 15.3 and IOS XE 3.2 through 3.8, when a VRF interface exists, allows remote attackers to cause a denial of service (interface queue wedge) via crafted UDP RSVP packets, aka Bug ID CSCuf17023.

7.8CVSS6.7AI score0.00427EPSS
CVE
CVE
added 2013/09/27 10:8 a.m.46 views

CVE-2013-5481

The PPTP implementation in Cisco IOS 12.2 and 15.0 through 15.3, when NAT is used, allows remote attackers to cause a denial of service (device reload) via crafted TCP port-1723 packets, aka Bug ID CSCtq14817.

7.1CVSS6.8AI score0.00548EPSS
CVE
CVE
added 2011/10/03 11:55 p.m.45 views

CVE-2011-3275

Memory leak in Cisco IOS 12.4, 15.0, and 15.1, and IOS XE 2.5.x through 3.2.x, allows remote attackers to cause a denial of service (memory consumption) via a crafted SIP message, aka Bug ID CSCti48504.

7.8CVSS6.6AI score0.00427EPSS
CVE
CVE
added 2013/03/28 11:55 p.m.45 views

CVE-2013-1145

Memory leak in Cisco IOS 12.2, 12.4, 15.0, and 15.1, when Zone-Based Policy Firewall SIP application layer gateway inspection is enabled, allows remote attackers to cause a denial of service (memory consumption or device reload) via malformed SIP messages, aka Bug ID CSCtl99174.

7.8CVSS6.8AI score0.00427EPSS
CVE
CVE
added 2014/09/25 10:55 a.m.45 views

CVE-2014-3354

Cisco IOS 12.0, 12.2, 12.4, 15.0, 15.1, 15.2, and 15.3 and IOS XE 2.x and 3.x before 3.7.4S; 3.2.xSE and 3.3.xSE before 3.3.2SE; 3.3.xSG and 3.4.xSG before 3.4.4SG; and 3.8.xS, 3.9.xS, and 3.10.xS before 3.10.1S allow remote attackers to cause a denial of service (device reload) via malformed RSVP ...

7.8CVSS6.6AI score0.02904EPSS
CVE
CVE
added 2011/10/03 11:55 p.m.44 views

CVE-2011-3282

Unspecified vulnerability in Cisco IOS 12.2SRE before 12.2(33)SRE4, 15.0, and 15.1, and IOS XE 2.1.x through 3.3.x, when an MPLS domain is configured, allows remote attackers to cause a denial of service (device reload) via an ICMPv6 packet, related to an expired MPLS TTL, aka Bug ID CSCtj30155.

7.8CVSS6.7AI score0.00427EPSS
CVE
CVE
added 2012/03/29 11:1 a.m.44 views

CVE-2012-0383

Memory leak in the NAT feature in Cisco IOS 12.4, 15.0, and 15.1 allows remote attackers to cause a denial of service (memory consumption, and device hang or reload) via SIP packets that require translation, related to a "memory starvation vulnerability," aka Bug ID CSCti35326.

7.8CVSS6.7AI score0.0215EPSS
CVE
CVE
added 2012/03/29 11:1 a.m.44 views

CVE-2012-0387

Memory leak in the HTTP Inspection Engine feature in the Zone-Based Firewall in Cisco IOS 12.4, 15.0, 15.1, and 15.2 allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted transit HTTP traffic, aka Bug ID CSCtq36153.

7.8CVSS6.9AI score0.0215EPSS
CVE
CVE
added 2012/08/06 3:55 p.m.44 views

CVE-2012-1367

The MallocLite implementation in Cisco IOS 12.0, 12.2, 15.0, 15.1, and 15.2 allows remote attackers to cause a denial of service (Route Processor crash) via a BGP UPDATE message with a modified local-preference (aka LOCAL_PREF) attribute length, aka Bug ID CSCtq06538.

5CVSS6.8AI score0.00481EPSS
CVE
CVE
added 2011/08/18 6:55 p.m.43 views

CVE-2011-1625

Cisco IOS 12.2, 12.3, 12.4, 15.0, and 15.1, when the data-link switching (DLSw) feature is configured, allows remote attackers to cause a denial of service (device crash) by sending a sequence of malformed packets and leveraging a "narrow timing window," aka Bug ID CSCtf74999, a different vulnerabi...

5.4CVSS6.4AI score0.01542EPSS
CVE
CVE
added 2012/09/27 12:55 a.m.43 views

CVE-2012-3949

The SIP implementation in Cisco Unified Communications Manager (CUCM) 6.x and 7.x before 7.1(5b)su5, 8.x before 8.5(1)su4, and 8.6 before 8.6(2a)su1; Cisco IOS 12.2 through 12.4 and 15.0 through 15.2; and Cisco IOS XE 3.3.xSG before 3.3.1SG, 3.4.xS, and 3.5.xS allows remote attackers to cause a den...

7.8CVSS6.6AI score0.00932EPSS
CVE
CVE
added 2012/09/27 12:55 a.m.43 views

CVE-2012-4618

The SIP ALG feature in the NAT implementation in Cisco IOS 12.2, 12.4, and 15.0 through 15.2 allows remote attackers to cause a denial of service (device reload) via transit IP packets, aka Bug ID CSCtn76183.

7.8CVSS6.7AI score0.00602EPSS
CVE
CVE
added 2014/08/11 10:55 p.m.43 views

CVE-2014-3327

The EnergyWise module in Cisco IOS 12.2, 15.0, 15.1, 15.2, and 15.4 and IOS XE 3.2.xXO, 3.3.xSG, 3.4.xSG, and 3.5.xE before 3.5.3E allows remote attackers to cause a denial of service (device reload) via a crafted IPv4 packet, aka Bug ID CSCup52101.

7.8CVSS6.6AI score0.01451EPSS
CVE
CVE
added 2012/03/29 11:1 a.m.42 views

CVE-2012-1315

Memory leak in the SIP inspection feature in the Zone-Based Firewall in Cisco IOS 12.4, 15.0, 15.1, and 15.2 allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted transit SIP traffic, aka Bug ID CSCti46171.

7.8CVSS6.8AI score0.0215EPSS
CVE
CVE
added 2014/09/25 10:55 a.m.42 views

CVE-2014-3357

Cisco IOS 15.0, 15.1, 15.2, and 15.4 and IOS XE 3.3.xSE before 3.3.2SE, 3.3.xXO before 3.3.1XO, 3.5.xE before 3.5.2E, and 3.11.xS before 3.11.1S allow remote attackers to cause a denial of service (device reload) via malformed mDNS packets, aka Bug ID CSCul90866.

7.8CVSS6.8AI score0.00898EPSS
CVE
CVE
added 2012/03/29 11:1 a.m.41 views

CVE-2012-0385

The Smart Install feature in Cisco IOS 12.2, 15.0, 15.1, and 15.2 allows remote attackers to cause a denial of service (device reload) by sending a malformed Smart Install message over TCP, aka Bug ID CSCtt16051.

7.8CVSS6.7AI score0.02138EPSS
CVE
CVE
added 2012/03/29 11:1 a.m.41 views

CVE-2012-1310

Memory leak in the Zone-Based Firewall in Cisco IOS 12.4, 15.0, 15.1, and 15.2 allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted IP packets, aka Bug ID CSCto89536.

7.8CVSS6.8AI score0.00798EPSS
CVE
CVE
added 2012/09/27 12:55 a.m.41 views

CVE-2012-4621

The Device Sensor feature in Cisco IOS 15.0 through 15.2 allows remote attackers to cause a denial of service (device reload) via a DHCP packet, aka Bug ID CSCty96049.

7.8CVSS6.7AI score0.00452EPSS
CVE
CVE
added 2011/10/03 11:55 p.m.40 views

CVE-2011-3273

Memory leak in Cisco IOS 15.0 through 15.1, when IPS or Zone-Based Firewall (aka ZBFW) is configured, allows remote attackers to cause a denial of service (memory consumption or device crash) via vectors that trigger many session creation flows, aka Bug ID CSCti79848.

7.8CVSS6.7AI score0.00427EPSS
CVE
CVE
added 2012/05/03 8:55 p.m.40 views

CVE-2012-1327

dot11t/t_if_dot11_hal_ath.c in Cisco IOS 12.3, 12.4, 15.0, and 15.1 allows remote attackers to cause a denial of service (assertion failure and reboot) via 802.11 wireless traffic, as demonstrated by a video call from Apple iOS 5.0 on an iPhone 4S, aka Bug ID CSCtt94391.

6.1CVSS6.1AI score0.00167EPSS
CVE
CVE
added 2013/03/28 11:55 p.m.40 views

CVE-2013-1147

The Protocol Translation (PT) functionality in Cisco IOS 12.3 through 12.4 and 15.0 through 15.3, when one-step port-23 translation or a Telnet-to-PAD ruleset is configured, does not properly validate TCP connection information, which allows remote attackers to cause a denial of service (device rel...

7.8CVSS6.9AI score0.00427EPSS
CVE
CVE
added 2014/09/25 10:55 a.m.40 views

CVE-2014-3361

The ALG module in Cisco IOS 15.0 through 15.4 does not properly implement SIP over NAT, which allows remote attackers to cause a denial of service (device reload) via multipart SDP IPv4 traffic, aka Bug ID CSCun54071.

7.1CVSS6.6AI score0.01022EPSS
CVE
CVE
added 2012/05/02 10:9 a.m.39 views

CVE-2011-4016

The PPP implementation in Cisco IOS 12.2 and 15.0 through 15.2, when Point-to-Point Termination and Aggregation (PTA) and L2TP are used, allows remote attackers to cause a denial of service (device crash) via crafted network traffic, aka Bug ID CSCtf71673.

5.4CVSS6.8AI score0.00503EPSS
CVE
CVE
added 2012/03/29 11:1 a.m.39 views

CVE-2012-0388

Memory leak in the H.323 inspection feature in the Zone-Based Firewall in Cisco IOS 12.4, 15.0, 15.1, and 15.2 allows remote attackers to cause a denial of service (memory consumption or device reload) via malformed transit H.323 traffic, aka Bug ID CSCtq45553.

7.8CVSS6.9AI score0.00801EPSS
CVE
CVE
added 2012/09/27 12:55 a.m.39 views

CVE-2012-3950

The Intrusion Prevention System (IPS) feature in Cisco IOS 12.3 through 12.4 and 15.0 through 15.2, in certain configurations of enabled categories and missing signatures, allows remote attackers to cause a denial of service (device reload) via DNS packets, aka Bug ID CSCtw55976.

7.1CVSS6.7AI score0.00662EPSS
CVE
CVE
added 2011/10/03 11:55 p.m.38 views

CVE-2011-3274

Unspecified vulnerability in Cisco IOS 12.2SRE before 12.2(33)SRE4, 15.0, and 15.1, and IOS XE 2.1.x through 3.3.x, when an MPLS domain is configured, allows remote attackers to cause a denial of service (device crash) via a crafted IPv6 packet, related to an expired MPLS TTL, aka Bug ID CSCto07919...

6.1CVSS6.6AI score0.00182EPSS
CVE
CVE
added 2012/05/03 10:11 a.m.38 views

CVE-2011-4019

Memory leak in Cisco IOS 12.4 and 15.0 through 15.2, and Cisco Unified Communications Manager (CUCM) 7.x, allows remote attackers to cause a denial of service (memory consumption) via a crafted response to a SIP SUBSCRIBE message, aka Bug IDs CSCto93837 and CSCtj61883.

5.4CVSS6.7AI score0.00427EPSS
CVE
CVE
added 2012/05/02 10:9 a.m.38 views

CVE-2012-0338

Cisco IOS 12.2 through 12.4 and 15.0 does not recognize the vrf-also keyword during enforcement of access-class commands, which allows remote attackers to establish SSH connections from arbitrary source IP addresses via a standard SSH client, aka Bug ID CSCsv86113.

5CVSS7AI score0.00274EPSS
CVE
CVE
added 2012/09/16 10:34 a.m.38 views

CVE-2012-3923

The SSLVPN implementation in Cisco IOS 12.4, 15.0, 15.1, and 15.2, when DTLS is not enabled, does not properly handle certain outbound ACL configurations, which allows remote authenticated users to cause a denial of service (device crash) via a session involving a PPP over ATM (PPPoA) interface, ak...

3.5CVSS6.4AI score0.00377EPSS
CVE
CVE
added 2014/03/27 9:55 p.m.38 views

CVE-2014-2107

Cisco IOS 12.2 and 15.0 through 15.3, when used with the Kailash FPGA before 2.6 on RSP720-3C-10GE and RSP720-3CXL-10GE devices, allows remote attackers to cause a denial of service (route switch processor outage) via crafted IP packets, aka Bug ID CSCug84789.

7.1CVSS6.7AI score0.00399EPSS
Total number of security vulnerabilities66