Lucene search

K

100 matches found

CVE
CVE
added 2023/10/10 2:15 p.m.4480 views

CVE-2023-44487

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

7.5CVSS8AI score0.9445EPSS
CVE
CVE
added 2022/02/23 6:15 p.m.152 views

CVE-2022-20623

A vulnerability in the rate limiter for Bidirectional Forwarding Detection (BFD) traffic of Cisco NX-OS Software for Cisco Nexus 9000 Series Switches could allow an unauthenticated, remote attacker to cause BFD traffic to be dropped on an affected device. This vulnerability is due to a logic error ...

8.6CVSS7.8AI score0.18366EPSS
CVE
CVE
added 2019/05/13 7:29 p.m.124 views

CVE-2019-1649

A vulnerability in the logic that handles access control to one of the hardware components in Cisco's proprietary Secure Boot implementation could allow an authenticated, local attacker to write a modified firmware image to the component. This vulnerability affects multiple Cisco products that supp...

7.2CVSS6.4AI score0.00256EPSS
CVE
CVE
added 2020/02/05 6:15 p.m.120 views

CVE-2020-3120

A vulnerability in the Cisco Discovery Protocol implementation for Cisco FXOS Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is d...

7.4CVSS6.5AI score0.00319EPSS
CVE
CVE
added 2020/02/05 6:15 p.m.111 views

CVE-2020-3119

A vulnerability in the Cisco Discovery Protocol implementation for Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code or cause a reload on an affected device. The vulnerability exists because the Cisco Discovery Protocol parser does not properly validat...

8.8CVSS8.9AI score0.07914EPSS
CVE
CVE
added 2023/02/23 8:15 p.m.107 views

CVE-2023-20050

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments that are passed to specific CLI commands. An atta...

7.8CVSS6.4AI score0.00064EPSS
CVE
CVE
added 2019/08/28 7:15 p.m.101 views

CVE-2019-1965

A vulnerability in the Virtual Shell (VSH) session management for Cisco NX-OS Software could allow an authenticated, remote attacker to cause a VSH process to fail to delete upon termination. This can lead to a build-up of VSH processes that overtime can deplete system memory. When there is no syst...

7.7CVSS7.3AI score0.01048EPSS
CVE
CVE
added 2020/08/27 4:15 p.m.86 views

CVE-2020-3517

A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated attacker to cause process crashes, which could result in a denial of service (DoS) condition on an affected device. The attack vector is configuration dependent and ...

8.6CVSS8.4AI score0.0151EPSS
CVE
CVE
added 2019/08/28 7:15 p.m.84 views

CVE-2019-1963

A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, remote attacker to cause the SNMP application on an affected device to restart unexpectedly. The vulnerability is due to improper val...

7.7CVSS6.7AI score0.00924EPSS
CVE
CVE
added 2019/07/31 6:15 p.m.83 views

CVE-2019-1901

A vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an adjacent, unauthenticated attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privilege...

8.8CVSS9.1AI score0.00159EPSS
CVE
CVE
added 2020/02/26 5:15 p.m.81 views

CVE-2020-3170

A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an NX-API system process to unexpectedly restart. The vulnerability is due to incorrect validation of the HTTP header of a request that is sent to the NX-API. An attacker could exp...

5.3CVSS5.3AI score0.004EPSS
CVE
CVE
added 2019/05/16 2:29 a.m.74 views

CVE-2019-1858

A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause the SNMP application to leak system memory, which could cause an affected device to restart unexpectedly. ...

8.6CVSS8.4AI score0.02862EPSS
CVE
CVE
added 2019/08/28 7:15 p.m.71 views

CVE-2019-1962

A vulnerability in the Cisco Fabric Services component of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause process crashes, which can result in a denial of service (DoS) condition on an affected system. The vulnerability is due to insufficient validation of TCP packets ...

8.6CVSS7.9AI score0.01447EPSS
CVE
CVE
added 2009/09/08 11:30 p.m.68 views

CVE-2009-0627

Unspecified vulnerability in Cisco NX-OS before 4.0(1a)N2(1), when running on Nexus 5000 platforms, allows remote attackers to cause a denial of service (crash) via an unspecified "sequence of TCP packets" related to "TCP State manipulation," possibly related to separate attacks against CVE-2008-46...

7.8CVSS8.9AI score0.00461EPSS
CVE
CVE
added 2019/03/06 10:29 p.m.68 views

CVE-2019-1593

A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an authenticated, local attacker to escalate their privilege level by executing commands authorized to other user roles. The attacker must authenticate with valid user credentials. The vulnerability is due to the ...

7.8CVSS7.7AI score0.00148EPSS
CVE
CVE
added 2019/03/06 10:29 p.m.66 views

CVE-2019-1594

A vulnerability in the 802.1X implementation for Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to incomplete input validation of Extensible Authentication Protocol over LAN (EAPOL) ...

7.4CVSS7.4AI score0.0072EPSS
CVE
CVE
added 2019/03/07 8:0 p.m.65 views

CVE-2019-1598

Multiple vulnerabilities in the implementation of the Lightweight Directory Access Protocol (LDAP) feature in Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vul...

8.6CVSS8.1AI score0.02767EPSS
CVE
CVE
added 2019/05/15 11:29 p.m.63 views

CVE-2019-1812

A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. The vulnerability exists because software digital signatures are not pro...

7.2CVSS6.5AI score0.00066EPSS
CVE
CVE
added 2019/05/16 5:29 p.m.60 views

CVE-2019-1780

A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands on the underlying operating system of an affected device with elevated privileges. The vulnerability is due to insuffi...

7.2CVSS5.7AI score0.0006EPSS
CVE
CVE
added 2019/03/06 10:0 p.m.59 views

CVE-2019-1588

A vulnerability in the Cisco Nexus 9000 Series Fabric Switches running in Application-Centric Infrastructure (ACI) mode could allow an authenticated, local attacker to read arbitrary files on an affected device. The vulnerability is due to a lack of proper input and validation checking mechanisms o...

4.4CVSS4.5AI score0.00183EPSS
CVE
CVE
added 2019/05/15 8:29 p.m.59 views

CVE-2019-1774

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could...

7.2CVSS6.6AI score0.00107EPSS
CVE
CVE
added 2019/05/15 9:29 p.m.59 views

CVE-2019-1795

A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with the privilege level of root. The vulnerability is due to insufficient validation of arguments passed to...

7.2CVSS6.7AI score0.00107EPSS
CVE
CVE
added 2018/06/20 9:29 p.m.58 views

CVE-2018-0307

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to perform a command-injection attack on an affected device. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by injecting mali...

7.8CVSS7.8AI score0.00134EPSS
CVE
CVE
added 2019/03/08 6:29 p.m.58 views

CVE-2019-1601

A vulnerability in the filesystem permissions of Cisco NX-OS Software could allow an authenticated, local attacker to gain read and write access to a critical configuration file. The vulnerability is due to a failure to impose strict filesystem permissions on the targeted device. An attacker could ...

7.8CVSS7.7AI score0.00066EPSS
CVE
CVE
added 2018/06/20 9:29 p.m.57 views

CVE-2018-0291

A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco NX-OS Software could allow an authenticated, remote attacker to cause the SNMP application on an affected device to restart unexpectedly. The vulnerability is due to improper validation of SNMP protocol...

6.8CVSS6.4AI score0.00907EPSS
CVE
CVE
added 2019/03/07 7:29 p.m.57 views

CVE-2019-1597

Multiple vulnerabilities in the implementation of the Lightweight Directory Access Protocol (LDAP) feature in Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vul...

8.6CVSS8.1AI score0.02767EPSS
CVE
CVE
added 2019/05/15 8:29 p.m.57 views

CVE-2019-1790

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker with valid administrator credentials to execute arbitrary commands on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to cer...

7.2CVSS6.6AI score0.00107EPSS
CVE
CVE
added 2018/06/21 11:29 a.m.56 views

CVE-2018-0311

A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability exists because the affected software insufficiently validates ...

7.8CVSS7.8AI score0.01377EPSS
CVE
CVE
added 2018/06/21 11:29 a.m.56 views

CVE-2018-0331

A vulnerability in the Cisco Discovery Protocol (formerly known as CDP) subsystem of devices running, or based on, Cisco NX-OS Software contain a vulnerability that could allow an unauthenticated, adjacent attacker to create a denial of service (DoS) condition. The vulnerability is due to a failure...

6.5CVSS6.4AI score0.00319EPSS
CVE
CVE
added 2019/03/08 7:29 p.m.56 views

CVE-2019-1602

A vulnerability in the filesystem permissions of Cisco NX-OS Software could allow an authenticated, local attacker to access sensitive data that could be used to elevate their privileges to administrator. The vulnerability is due to improper implementation of filesystem permissions. An attacker cou...

7.8CVSS7.3AI score0.00239EPSS
CVE
CVE
added 2019/05/15 8:29 p.m.56 views

CVE-2019-1779

A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device with elevated privileges. The vulnerability is due to insufficient validation of arguments p...

7.2CVSS5.7AI score0.00082EPSS
CVE
CVE
added 2019/05/15 11:29 p.m.56 views

CVE-2019-1809

A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software patch on an affected device. The vulnerability is due to improper verification of digital signatures ...

6.7CVSS6.3AI score0.00023EPSS
CVE
CVE
added 2020/08/27 4:15 p.m.56 views

CVE-2020-3415

A vulnerability in the Data Management Engine (DME) of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code with administrative privileges or cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient input v...

8.8CVSS8.9AI score0.00214EPSS
CVE
CVE
added 2019/03/08 7:29 p.m.55 views

CVE-2019-1604

A vulnerability in the user account management interface of Cisco NX-OS Software could allow an authenticated, local attacker to gain elevated privileges on an affected device. The vulnerability is due to an incorrect authorization check of user accounts and their associated Group ID (GID). An atta...

7.8CVSS7.5AI score0.00277EPSS
CVE
CVE
added 2019/03/08 8:29 p.m.55 views

CVE-2019-1606

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could ...

7.8CVSS6.5AI score0.00161EPSS
CVE
CVE
added 2019/11/05 8:15 p.m.55 views

CVE-2019-1734

A vulnerability in the implementation of a CLI diagnostic command in Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to view sensitive system files that should be restricted. The attacker could use this information to conduct additional reconnaissance attac...

5.5CVSS5.4AI score0.002EPSS
CVE
CVE
added 2019/03/11 10:0 p.m.54 views

CVE-2019-1616

A vulnerability in the Cisco Fabric Services component of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a buffer overflow, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of Cisco Fabric Services packets. An attac...

8.6CVSS7.9AI score0.00843EPSS
CVE
CVE
added 2019/05/15 8:29 p.m.54 views

CVE-2019-1776

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with a privilege level of root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command on...

7.2CVSS6.7AI score0.00107EPSS
CVE
CVE
added 2018/06/20 9:29 p.m.53 views

CVE-2018-0292

A vulnerability in the Internet Group Management Protocol (IGMP) Snooping feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code and gain full control of an affected system. The attacker could also cause an affected system to reload, resulting in...

8.8CVSS9.2AI score0.00247EPSS
CVE
CVE
added 2019/03/08 8:29 p.m.53 views

CVE-2019-1605

A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary code as root. The vulnerability is due to incorrect input validation in the NX-API feature. An attacker could exploit this vulnerability by sending a crafted HTTP or HTTPS...

7.8CVSS7.9AI score0.0019EPSS
CVE
CVE
added 2019/03/08 8:29 p.m.53 views

CVE-2019-1609

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could ...

7.2CVSS5.7AI score0.00261EPSS
CVE
CVE
added 2019/05/15 7:29 p.m.53 views

CVE-2019-1767

A vulnerability in the implementation of a specific CLI command for Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to cause a buffer overflow condition or perform command injection. This could allow the attacker to execute arbitrary commands with el...

7.2CVSS7.2AI score0.00126EPSS
CVE
CVE
added 2019/08/30 9:15 a.m.53 views

CVE-2019-1966

A vulnerability in a specific CLI command within the local management (local-mgmt) context for Cisco UCS Fabric Interconnect Software could allow an authenticated, local attacker to gain elevated privileges as the root user on an affected device. The vulnerability is due to extraneous subcommand op...

7.8CVSS8.1AI score0.00232EPSS
CVE
CVE
added 2020/08/27 4:15 p.m.53 views

CVE-2020-3504

A vulnerability in the local management (local-mgmt) CLI of Cisco UCS Manager Software could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of CLI command parameters. An attacker could exploit ...

3.3CVSS4AI score0.00168EPSS
CVE
CVE
added 2021/09/23 3:15 a.m.53 views

CVE-2021-34714

A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software, Cisco IOS Software, Cisco IOS XE Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload. This vulnerability is due t...

7.4CVSS7.4AI score0.00171EPSS
CVE
CVE
added 2019/03/08 8:29 p.m.52 views

CVE-2019-1608

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could ...

7.2CVSS5.7AI score0.00082EPSS
CVE
CVE
added 2019/03/11 10:0 p.m.52 views

CVE-2019-1611

A vulnerability in the CLI of Cisco NX-OS Software and Cisco FXOS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI comm...

7.2CVSS5.7AI score0.00082EPSS
CVE
CVE
added 2019/03/11 10:0 p.m.52 views

CVE-2019-1617

A vulnerability in the Fibre Channel over Ethernet (FCoE) N-port Virtualization (NPV) protocol implementation in Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. The vulnerability is due to an incorrect processing of FCoE packets w...

7.4CVSS7.2AI score0.00317EPSS
CVE
CVE
added 2019/05/15 8:29 p.m.52 views

CVE-2019-1782

A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI com...

7.2CVSS6.6AI score0.00107EPSS
CVE
CVE
added 2013/04/25 10:55 a.m.51 views

CVE-2013-1178

Multiple buffer overflows in the Cisco Discovery Protocol (CDP) implementation in Cisco NX-OS on Nexus 7000 devices 4.x and 5.x before 5.2(4) and 6.x before 6.1(1), Nexus 5000 and 5500 devices 4.x and 5.x before 5.1(3)N1(1), Nexus 4000 devices before 4.1(2)E1(1h), Nexus 3000 devices 5.x before 5.0(...

8.3CVSS8.1AI score0.01639EPSS
Total number of security vulnerabilities100