VYPR

Cisco iOS

by Cisco Systems, Inc.

CVEs (951)

  • CVE-2025-43424MedNov 4, 2025
    risk 0.42cvss 6.5epss 0.00

    The issue was addressed with improved bounds checks. This issue is fixed in iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1. A malicious HID device may cause an unexpected process crash.

  • CVE-2025-43356MedSep 15, 2025
    risk 0.42cvss 6.5epss 0.01

    The issue was addressed with improved handling of caches. This issue is fixed in Safari 26, iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26, macOS Tahoe 26, tvOS 26, visionOS 26, watchOS 26. A website may be able to access sensor information without user consent.

  • CVE-2025-43272MedSep 15, 2025
    risk 0.42cvss 6.5epss 0.01

    The issue was addressed with improved memory handling. This issue is fixed in Safari 26, iOS 26 and iPadOS 26, macOS Tahoe 26, visionOS 26, watchOS 26. Processing maliciously crafted web content may lead to an unexpected Safari crash.

  • CVE-2025-31215MedMay 12, 2025
    risk 0.42cvss 6.5epss 0.01

    The issue was addressed with improved checks. This issue is fixed in Safari 18.5, iOS 18.5 and iPadOS 18.5, iPadOS 17.7.7, macOS Sequoia 15.5, tvOS 18.5, visionOS 2.5, watchOS 11.5. Processing maliciously crafted web content may lead to an unexpected process crash.

  • CVE-2025-31210MedMay 12, 2025
    risk 0.42cvss 6.5epss 0.00

    The issue was addressed with improved UI. This issue is fixed in iOS 18.5 and iPadOS 18.5, iPadOS 17.7.7. Processing web content may lead to a denial-of-service.

  • CVE-2025-24225MedMay 12, 2025
    risk 0.42cvss 6.5epss 0.00

    An injection issue was addressed with improved input validation. This issue is fixed in iOS 18.5 and iPadOS 18.5, iPadOS 17.7.7. Processing an email may lead to user interface spoofing.

  • CVE-2025-31203MedApr 29, 2025
    risk 0.42cvss 6.5epss 0.00

    An integer overflow was addressed with improved input validation. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, tvOS 18.4, visionOS 2.4, watchOS 11.4. An attacker on the local network may be able to cause a…

  • CVE-2025-30445MedApr 29, 2025
    risk 0.42cvss 6.5epss 0.00

    A type confusion issue was addressed with improved checks. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4. An attacker on the local network may cause an unexpected app…

  • CVE-2025-24251MedApr 29, 2025
    risk 0.42cvss 6.5epss 0.00

    The issue was addressed with improved checks. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4, watchOS 11.4. An attacker on the local network may cause an unexpected app…

  • CVE-2025-30432MedMar 31, 2025
    risk 0.42cvss 6.4epss 0.01

    A logic issue was addressed with improved state management. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4, watchOS 11.4. A malicious app may be able to attempt passcode entries on a locked…

  • CVE-2025-24192MedMar 31, 2025
    risk 0.42cvss 6.5epss 0.01

    A script imports issue was addressed with improved isolation. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, visionOS 2.4. Visiting a website may leak sensitive data.

  • CVE-2024-54467MedMar 10, 2025
    risk 0.42cvss 6.5epss 0.01

    A cookie management issue was addressed with improved state management. This issue is fixed in Safari 18, iOS 18 and iPadOS 18, macOS Sequoia 15, tvOS 18, visionOS 2, watchOS 11. A malicious website may exfiltrate data cross-origin.

  • CVE-2018-0466MedOct 5, 2018
    risk 0.42cvss 6.5epss 0.01

    A vulnerability in the Open Shortest Path First version 3 (OSPFv3) implementation in Cisco IOS and IOS XE Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload. The vulnerability is due to incorrect handling of specific OSPFv3 packets.…

  • CVE-2018-0163MedMar 28, 2018
    risk 0.42cvss 6.5epss 0.01

    A vulnerability in the 802.1x multiple-authentication (multi-auth) feature of Cisco IOS Software could allow an unauthenticated, adjacent attacker to bypass the authentication phase on an 802.1x multi-auth port. The vulnerability is due to a logic change error introduced into…

  • CVE-2010-3050MedSep 25, 2017
    risk 0.42cvss 6.5epss 0.01

    Cisco IOS before 12.2(33)SXI allows remote authenticated users to cause a denial of service (device reboot).

  • CVE-2017-6665MedAug 7, 2017
    risk 0.42cvss 6.5epss 0.00

    A vulnerability in the Autonomic Networking feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to reset the Autonomic Control Plane (ACP) of an affected system and view ACP packets that are transferred in clear text within…

  • CVE-2012-5030MedAug 2, 2017
    risk 0.42cvss 6.5epss 0.01

    Cisco IOS before 15.2(4)S6 does not initialize an unspecified variable, which might allow remote authenticated users to cause a denial of service (CPU consumption, watchdog timeout, crash) by walking specific SNMP objects.

  • CVE-2016-6473MedDec 14, 2016
    risk 0.42cvss 6.5epss 0.01

    A vulnerability in Cisco IOS on Catalyst Switches and Nexus 9300 Series Switches could allow an unauthenticated, adjacent attacker to cause a Layer 2 network storm. More Information: CSCuu69332, CSCux07028. Known Affected Releases: 15.2(3)E. Known Fixed Releases: 12.2(50)SE4…

  • CVE-2016-6423MedOct 5, 2016
    risk 0.42cvss 6.5epss 0.01

    The IKEv2 client and initiator implementations in Cisco IOS 15.5(3)M and IOS XE allow remote IKEv2 servers to cause a denial of service (device reload) via crafted IKEv2 packets, aka Bug ID CSCux97540.

  • CVE-2016-6412MedSep 24, 2016
    risk 0.42cvss 6.5epss 0.01

    The Cisco Application-hosting Framework (CAF) component in Cisco IOS 15.6(1)T1 and IOS XE, when the IOx feature set is enabled, allows man-in-the-middle attackers to trigger arbitrary downloads via crafted HTTP headers, aka Bug ID CSCuz84773.

Page 11 of 48