Cisco iOS

CVEs (951)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2017-3881	Cisco Systems, Inc. Cisco iOS	Cri	0.87	9.8	0.99	KEV	Mar 17, 2017	A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device or remotely execute code with elevated privileges. The Cluster Management…
CVE-2017-6736	Cisco Systems, Inc. Cisco iOS	Hig	0.78	8.8	0.71	KEV	Jul 17, 2017	The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could…
CVE-2025-43300	Apple Inc. macOS	Cri	0.77	10.0	0.20	KEV	Aug 21, 2025	An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.8.5 and iPadOS 15.8.5, iOS 16.7.12 and iPadOS 16.7.12, iOS 18.6.2 and iPadOS 18.6.2, iPadOS 17.7.10, macOS Sequoia 15.6.1, macOS Sonoma 14.7.8, macOS Ventura 13.7.8.…
CVE-2025-24201	Apple Inc. macOS	Cri	0.77	10.0	0.04	KEV	Mar 11, 2025	An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in Safari 18.3.1, iOS 15.8.4 and iPadOS 15.8.4, iOS 16.7.11 and iPadOS 16.7.11, iOS 18.3.2 and iPadOS 18.3.2, iPadOS 17.7.6, macOS Sequoia 15.3.2, visionOS 2.3.2,…
CVE-2017-12240	Cisco Systems, Inc. Cisco iOS	Cri	0.77	9.8	0.14	KEV	Sep 29, 2017	The DHCP relay subsystem of Cisco IOS 12.2 through 15.6 and Cisco IOS XE Software contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code and gain full control of an affected system. The attacker could also cause an affected system…
CVE-2025-31201	Apple Inc. macOS	Cri	0.76	9.8	0.12	KEV	Apr 16, 2025	This issue was addressed by removing the vulnerable code. This issue is fixed in iOS 18.4.1 and iPadOS 18.4.1, macOS Sequoia 15.4.1, tvOS 18.4.1, visionOS 2.4.1. An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. Apple is aware of…
CVE-2025-31200	Apple Inc. macOS	Cri	0.76	9.8	0.21	KEV	Apr 16, 2025	A memory corruption issue was addressed with improved bounds checking. This issue is fixed in iOS 18.4.1 and iPadOS 18.4.1, macOS Sequoia 15.4.1, tvOS 18.4.1, visionOS 2.4.1, watchOS 11.5. Processing an audio stream in a maliciously crafted media file may result in code…
CVE-2017-6737	Cisco Systems, Inc. Cisco iOS	Hig	0.73	8.8	0.43	KEV	Jul 17, 2017	A vulnerability in the SNMP implementation of could allow an authenticated, remote attacker to cause a reload of the affected system or to remotely execute code. An attacker could exploit this vulnerability by sending a crafted SNMP packet to the affected device. …
CVE-2017-6742	Cisco Systems, Inc. Cisco iOS	Hig	0.71	8.8	0.21	KEV	Jul 17, 2017	A vulnerability in the SNMP implementation of could allow an authenticated, remote attacker to cause a reload of the affected system or to remotely execute code. An attacker could exploit this vulnerability by sending a crafted SNMP packet to the affected device. …
CVE-2016-6415	Cisco Systems, Inc. Cisco iOS	Hig	0.71	7.5	0.88	KEV	Sep 19, 2016	The server IKEv1 implementation in Cisco IOS 12.2 through 12.4 and 15.0 through 15.6, IOS XE through 3.18S, IOS XR 4.3.x and 5.0.x through 5.2.x, and PIX before 7.0 allows remote attackers to obtain sensitive information from device memory via a Security Association (SA)…
CVE-2017-6744	Cisco Systems, Inc. Cisco iOS	Hig	0.70	8.8	0.07	KEV	Jul 17, 2017	The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could…
CVE-2017-6743	Cisco Systems, Inc. Cisco iOS	Hig	0.70	8.8	0.11	KEV	Jul 17, 2017	The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could…
CVE-2017-6740	Cisco Systems, Inc. Cisco iOS	Hig	0.70	8.8	0.11	KEV	Jul 17, 2017	The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could…
CVE-2017-6739	Cisco Systems, Inc. Cisco iOS	Hig	0.70	8.8	0.11	KEV	Jul 17, 2017	A vulnerability in the SNMP implementation of could allow an authenticated, remote attacker to cause a reload of the affected system or to remotely execute code. An attacker could exploit this vulnerability by sending a crafted SNMP packet to the affected device. …
CVE-2017-6738	Cisco Systems, Inc. Cisco iOS	Hig	0.70	8.8	0.11	KEV	Jul 17, 2017	The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could…
CVE-2025-43529	Apple Inc. macOS	Hig	0.69	8.8	0.08	KEV	Dec 17, 2025	A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, tvOS 26.2, visionOS 26.2, watchOS 26.2. Processing maliciously crafted web content may lead to…
CVE-2025-31277	Apple Inc. macOS	Hig	0.69	8.8	0.01	KEV	Jul 30, 2025	The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing maliciously crafted web content may lead to memory corruption.
CVE-2026-20147	Cisco Systems, Inc. Cisco iOS	Cri	0.64	9.9	0.11		Apr 15, 2026	A vulnerability in Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials. This…
CVE-2025-43428	Apple Inc. macOS	Cri	0.64	9.8	0.01		Dec 17, 2025	A configuration issue was addressed with additional restrictions. This issue is fixed in iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2. Photos in the Hidden Photos Album may be viewed without authentication.
CVE-2025-43362	Apple Inc. Ipados	Cri	0.64	9.8	0.01		Sep 15, 2025	The issue was addressed with improved checks. This issue is fixed in iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26. An app may be able to monitor keystrokes without user permission.

CVE-2017-3881CriKEVMar 17, 2017
Cisco Systems, Inc.
Cisco iOS
risk 0.87cvss 9.8epss 0.99
A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device or remotely execute code with elevated privileges. The Cluster Management…
CVE-2017-6736HigKEVJul 17, 2017
Cisco Systems, Inc.
Cisco iOS
risk 0.78cvss 8.8epss 0.71
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could…
CVE-2025-43300CriKEVAug 21, 2025
Apple Inc.
macOS
risk 0.77cvss 10.0epss 0.20
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.8.5 and iPadOS 15.8.5, iOS 16.7.12 and iPadOS 16.7.12, iOS 18.6.2 and iPadOS 18.6.2, iPadOS 17.7.10, macOS Sequoia 15.6.1, macOS Sonoma 14.7.8, macOS Ventura 13.7.8.…
CVE-2025-24201CriKEVMar 11, 2025
Apple Inc.
macOS
risk 0.77cvss 10.0epss 0.04
An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in Safari 18.3.1, iOS 15.8.4 and iPadOS 15.8.4, iOS 16.7.11 and iPadOS 16.7.11, iOS 18.3.2 and iPadOS 18.3.2, iPadOS 17.7.6, macOS Sequoia 15.3.2, visionOS 2.3.2,…
CVE-2017-12240CriKEVSep 29, 2017
Cisco Systems, Inc.
Cisco iOS
risk 0.77cvss 9.8epss 0.14
The DHCP relay subsystem of Cisco IOS 12.2 through 15.6 and Cisco IOS XE Software contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code and gain full control of an affected system. The attacker could also cause an affected system…
CVE-2025-31201CriKEVApr 16, 2025
Apple Inc.
macOS
risk 0.76cvss 9.8epss 0.12
This issue was addressed by removing the vulnerable code. This issue is fixed in iOS 18.4.1 and iPadOS 18.4.1, macOS Sequoia 15.4.1, tvOS 18.4.1, visionOS 2.4.1. An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. Apple is aware of…
CVE-2025-31200CriKEVApr 16, 2025
Apple Inc.
macOS
risk 0.76cvss 9.8epss 0.21
A memory corruption issue was addressed with improved bounds checking. This issue is fixed in iOS 18.4.1 and iPadOS 18.4.1, macOS Sequoia 15.4.1, tvOS 18.4.1, visionOS 2.4.1, watchOS 11.5. Processing an audio stream in a maliciously crafted media file may result in code…
CVE-2017-6737HigKEVJul 17, 2017
Cisco Systems, Inc.
Cisco iOS
risk 0.73cvss 8.8epss 0.43
A vulnerability in the SNMP implementation of could allow an authenticated, remote attacker to cause a reload of the affected system or to remotely execute code. An attacker could exploit this vulnerability by sending a crafted SNMP packet to the affected device. …
CVE-2017-6742HigKEVJul 17, 2017
Cisco Systems, Inc.
Cisco iOS
risk 0.71cvss 8.8epss 0.21
A vulnerability in the SNMP implementation of could allow an authenticated, remote attacker to cause a reload of the affected system or to remotely execute code. An attacker could exploit this vulnerability by sending a crafted SNMP packet to the affected device. …
CVE-2016-6415HigKEVSep 19, 2016
Cisco Systems, Inc.
Cisco iOS
risk 0.71cvss 7.5epss 0.88
The server IKEv1 implementation in Cisco IOS 12.2 through 12.4 and 15.0 through 15.6, IOS XE through 3.18S, IOS XR 4.3.x and 5.0.x through 5.2.x, and PIX before 7.0 allows remote attackers to obtain sensitive information from device memory via a Security Association (SA)…
CVE-2017-6744HigKEVJul 17, 2017
Cisco Systems, Inc.
Cisco iOS
risk 0.70cvss 8.8epss 0.07
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could…
CVE-2017-6743HigKEVJul 17, 2017
Cisco Systems, Inc.
Cisco iOS
risk 0.70cvss 8.8epss 0.11
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could…
CVE-2017-6740HigKEVJul 17, 2017
Cisco Systems, Inc.
Cisco iOS
risk 0.70cvss 8.8epss 0.11
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could…
CVE-2017-6739HigKEVJul 17, 2017
Cisco Systems, Inc.
Cisco iOS
risk 0.70cvss 8.8epss 0.11
A vulnerability in the SNMP implementation of could allow an authenticated, remote attacker to cause a reload of the affected system or to remotely execute code. An attacker could exploit this vulnerability by sending a crafted SNMP packet to the affected device. …
CVE-2017-6738HigKEVJul 17, 2017
Cisco Systems, Inc.
Cisco iOS
risk 0.70cvss 8.8epss 0.11
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could…
CVE-2025-43529HigKEVDec 17, 2025
Apple Inc.
macOS
risk 0.69cvss 8.8epss 0.08
A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, tvOS 26.2, visionOS 26.2, watchOS 26.2. Processing maliciously crafted web content may lead to…
CVE-2025-31277HigKEVJul 30, 2025
Apple Inc.
macOS
risk 0.69cvss 8.8epss 0.01
The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing maliciously crafted web content may lead to memory corruption.
CVE-2026-20147CriApr 15, 2026
Cisco Systems, Inc.
Cisco iOS
risk 0.64cvss 9.9epss 0.11
A vulnerability in Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials. This…
CVE-2025-43428CriDec 17, 2025
Apple Inc.
macOS
risk 0.64cvss 9.8epss 0.01
A configuration issue was addressed with additional restrictions. This issue is fixed in iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2. Photos in the Hidden Photos Album may be viewed without authentication.
CVE-2025-43362CriSep 15, 2025
Apple Inc.
Ipados
risk 0.64cvss 9.8epss 0.01
The issue was addressed with improved checks. This issue is fixed in iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26. An app may be able to monitor keystrokes without user permission.

Page 1 of 48