VYPR

Cisco iOS

by Cisco Systems, Inc.

CVEs (947)

  • CVE-2018-0163MedMar 28, 2018
    risk 0.42cvss 6.5epss 0.01

    A vulnerability in the 802.1x multiple-authentication (multi-auth) feature of Cisco IOS Software could allow an unauthenticated, adjacent attacker to bypass the authentication phase on an 802.1x multi-auth port. The vulnerability is due to a logic change error introduced into…

  • CVE-2010-3050MedSep 25, 2017
    risk 0.42cvss 6.5epss 0.01

    Cisco IOS before 12.2(33)SXI allows remote authenticated users to cause a denial of service (device reboot).

  • CVE-2017-6665MedAug 7, 2017
    risk 0.42cvss 6.5epss 0.00

    A vulnerability in the Autonomic Networking feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to reset the Autonomic Control Plane (ACP) of an affected system and view ACP packets that are transferred in clear text within…

  • CVE-2012-5030MedAug 2, 2017
    risk 0.42cvss 6.5epss 0.01

    Cisco IOS before 15.2(4)S6 does not initialize an unspecified variable, which might allow remote authenticated users to cause a denial of service (CPU consumption, watchdog timeout, crash) by walking specific SNMP objects.

  • CVE-2016-6473MedDec 14, 2016
    risk 0.42cvss 6.5epss 0.01

    A vulnerability in Cisco IOS on Catalyst Switches and Nexus 9300 Series Switches could allow an unauthenticated, adjacent attacker to cause a Layer 2 network storm. More Information: CSCuu69332, CSCux07028. Known Affected Releases: 15.2(3)E. Known Fixed Releases: 12.2(50)SE4…

  • CVE-2016-6423MedOct 5, 2016
    risk 0.42cvss 6.5epss 0.01

    The IKEv2 client and initiator implementations in Cisco IOS 15.5(3)M and IOS XE allow remote IKEv2 servers to cause a denial of service (device reload) via crafted IKEv2 packets, aka Bug ID CSCux97540.

  • CVE-2016-6412MedSep 24, 2016
    risk 0.42cvss 6.5epss 0.01

    The Cisco Application-hosting Framework (CAF) component in Cisco IOS 15.6(1)T1 and IOS XE, when the IOx feature set is enabled, allows man-in-the-middle attackers to trigger arbitrary downloads via crafted HTTP headers, aka Bug ID CSCuz84773.

  • CVE-2016-6410MedSep 24, 2016
    risk 0.42cvss 6.5epss 0.01

    The Cisco Application-hosting Framework (CAF) component in Cisco IOS 15.6(1)T1 and IOS XE, when the IOx feature set is enabled, allows remote authenticated users to read arbitrary files via unspecified vectors, aka Bug ID CSCuy19856.

  • CVE-2014-2146MedSep 22, 2016
    risk 0.42cvss 6.5epss 0.01

    The Zone-Based Firewall (ZBFW) functionality in Cisco IOS, possibly 15.4 and earlier, and IOS XE, possibly 3.13 and earlier, mishandles zone checking for existing sessions, which allows remote attackers to bypass intended resource-access restrictions via spoofed traffic that…

  • CVE-2016-1425MedJul 3, 2016
    risk 0.42cvss 6.5epss 0.01

    Cisco IOS 15.0(2)SG5, 15.1(2)SG3, 15.2(1)E, 15.3(3)S, and 15.4(1.13)S allows remote attackers to cause a denial of service (device crash) via a crafted LLDP packet, aka Bug ID CSCun66735.

  • CVE-2016-1424MedJun 19, 2016
    risk 0.42cvss 6.5epss 0.01

    Cisco IOS 15.2(1)T1.11 and 15.2(2)TST allows remote attackers to cause a denial of service (device crash) via a crafted LLDP packet, aka Bug ID CSCun63132.

  • CVE-2016-1333MedFeb 17, 2016
    risk 0.42cvss 6.5epss 0.02

    Cisco IOS 15.5(3)M and 15.6(1)T0a on Cisco 1000 Connected Grid routers allows remote authenticated users to cause a denial of service (device reload) via an SNMP request for unspecified BRIDGE MIB OIDs, aka Bug ID CSCux89878.

  • CVE-2016-1330MedFeb 15, 2016
    risk 0.42cvss 6.5epss 0.01

    Cisco IOS 15.2(4)E on Industrial Ethernet 2000 devices allows remote attackers to cause a denial of service (device reload) via crafted Cisco Discovery Protocol (CDP) packets, aka Bug ID CSCuy27746.

  • CVE-2025-43210MedApr 2, 2026
    risk 0.41cvss 6.3epss 0.00

    An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9, macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing a maliciously crafted media…

  • CVE-2025-43448MedNov 4, 2025
    risk 0.41cvss 6.3epss 0.00

    This issue was addressed with improved validation of symlinks. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1. An app may be able to break out of…

  • CVE-2025-43400MedSep 29, 2025
    risk 0.41cvss 6.3epss 0.06

    An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.1 and iPadOS 18.7.1, iOS 26.0.1 and iPadOS 26.0.1, macOS Sequoia 15.7.1, macOS Sonoma 14.8.1, macOS Tahoe 26.0.1, tvOS 26.1, visionOS 26.0.1, watchOS 26.1. Processing a…

  • CVE-2025-31233MedMay 12, 2025
    risk 0.41cvss 6.3epss 0.01

    The issue was addressed with improved input sanitization. This issue is fixed in iOS 18.5 and iPadOS 18.5, iPadOS 17.7.7, macOS Sequoia 15.5, macOS Sonoma 14.7.6, macOS Ventura 13.7.6, tvOS 18.5, visionOS 2.5, watchOS 11.5. Processing a maliciously crafted video file may lead to…

  • CVE-2025-30429MedMar 31, 2025
    risk 0.41cvss 6.3epss 0.00

    A path handling issue was addressed with improved validation. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4, watchOS 11.4. An app may be able to break out of its sandbox.

  • CVE-2025-24212MedMar 31, 2025
    risk 0.41cvss 6.3epss 0.00

    This issue was addressed with improved checks. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4, watchOS 11.4. An app may be able to break out of its sandbox.

  • CVE-2026-43666MedMay 11, 2026
    risk 0.40cvss 6.2epss 0.00

    An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. An attacker on the local…

Page 13 of 48