VYPR

iOS Xr Software

by Cisco Systems, Inc.

CVEs (285)

  • CVE-2021-34713HigSep 9, 2021
    risk 0.48cvss 7.4epss 0.00

    A vulnerability in the Layer 2 punt code of Cisco IOS XR Software running on Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, adjacent attacker to cause the affected line card to reboot. This vulnerability is due to incorrect handling of…

  • CVE-2021-1268HigFeb 4, 2021
    risk 0.48cvss 7.4epss 0.01

    A vulnerability in the IPv6 protocol handling of the management interfaces of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause an IPv6 flood on the management interface network of an affected device. The vulnerability exists because the software…

  • CVE-2020-3512HigSep 24, 2020
    risk 0.48cvss 7.4epss 0.00

    A vulnerability in the PROFINET handler for Link Layer Discovery Protocol (LLDP) messages of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a crash on an affected device, resulting in a denial of service (DoS) condition.…

  • CVE-2020-3511HigSep 24, 2020
    risk 0.48cvss 7.4epss 0.00

    A vulnerability in the ISDN subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient input…

  • CVE-2020-3409HigSep 24, 2020
    risk 0.48cvss 7.4epss 0.01

    A vulnerability in the PROFINET feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause an affected device to crash and reload, resulting in a denial of service (DoS) condition on the device. The vulnerability is due to…

  • CVE-2019-1918HigAug 7, 2019
    risk 0.48cvss 7.4epss 0.01

    A vulnerability in the implementation of Intermediate System–to–Intermediate System (IS–IS) routing protocol functionality in Cisco IOS XR Software could allow an unauthenticated attacker who is in the same IS-IS area to cause a denial of service (DoS)…

  • CVE-2019-1910HigAug 7, 2019
    risk 0.48cvss 7.4epss 0.00

    A vulnerability in the implementation of the Intermediate System–to–Intermediate System (IS–IS) routing protocol functionality in Cisco IOS XR Software could allow an unauthenticated attacker who is in the same IS–IS area to cause a denial of service…

  • CVE-2019-1849HigMay 16, 2019
    risk 0.48cvss 7.4epss 0.01

    A vulnerability in the Border Gateway Patrol (BGP) Multiprotocol Label Switching (MPLS)-based Ethernet VPN (EVPN) implementation of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to trigger a denial of service (DoS) condition on an affected device. The…

  • CVE-2019-1846HigMay 16, 2019
    risk 0.48cvss 7.4epss 0.01

    A vulnerability in the Multiprotocol Label Switching (MPLS) Operations, Administration, and Maintenance (OAM) implementation of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, adjacent attacker to trigger a denial of…

  • CVE-2019-1748HigMar 28, 2019
    risk 0.48cvss 7.4epss 0.01

    A vulnerability in the Cisco Network Plug-and-Play (PnP) agent of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data. The vulnerability exists because the affected software insufficiently…

  • CVE-2019-1746HigMar 28, 2019
    risk 0.48cvss 7.4epss 0.01

    A vulnerability in the Cluster Management Protocol (CMP) processing code in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to trigger a denial of service (DoS) condition on an affected device. The vulnerability is due to…

  • CVE-2018-15373HigOct 5, 2018
    risk 0.48cvss 7.4epss 0.01

    A vulnerability in the implementation of Cisco Discovery Protocol functionality in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to exhaust memory on an affected device, resulting in a denial of service (DoS) condition. The…

  • CVE-2018-0475HigOct 5, 2018
    risk 0.48cvss 7.4epss 0.01

    A vulnerability in the implementation of the cluster feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to trigger a denial of service (DoS) condition on an affected device. The vulnerability is due to improper input…

  • CVE-2018-0471HigOct 5, 2018
    risk 0.48cvss 7.4epss 0.01

    A vulnerability in the Cisco Discovery Protocol (CDP) module of Cisco IOS XE Software Releases 16.6.1 and 16.6.2 could allow an unauthenticated, adjacent attacker to cause a memory leak that may lead to a denial of service (DoS) condition. The vulnerability is due to incorrect…

  • CVE-2018-0241HigApr 19, 2018
    risk 0.48cvss 7.4epss 0.01

    A vulnerability in the UDP broadcast forwarding function of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on the affected device. The vulnerability is due to improper handling of UDP broadcast packets that…

  • CVE-2018-0165HigMar 28, 2018
    risk 0.48cvss 7.4epss 0.01

    A vulnerability in the Internet Group Management Protocol (IGMP) packet-processing functionality of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to exhaust buffers on an affected device, resulting in a denial of service (DoS) condition, aka a Memory…

  • CVE-2016-6474HigDec 14, 2016
    risk 0.48cvss 7.3epss 0.01

    A vulnerability in the implementation of X.509 Version 3 for SSH authentication functionality in Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to bypass authentication on an affected system. More Information: CSCuv89417. Known Affected Releases:…

  • CVE-2024-20483HigSep 11, 2024
    risk 0.47cvss 7.2epss 0.01

    Multiple vulnerabilities in Cisco Routed PON Controller Software, which runs as a docker container on hardware that is supported by Cisco IOS XR Software, could allow an authenticated, remote attacker with Administrator-level privileges on the PON Manager or direct access to the…

  • CVE-2025-20314MedSep 24, 2025
    risk 0.44cvss 6.7epss 0.00

    A vulnerability in Cisco IOS XE Software could allow an authenticated, local attacker with level-15 privileges or an unauthenticated attacker with physical access to an affected device to execute persistent code at boot time and break the chain of trust. This vulnerability is…

  • CVE-2025-20313MedSep 24, 2025
    risk 0.44cvss 6.7epss 0.00

    Multiple vulnerabilities in Cisco IOS XE Software of could allow an authenticated, local attacker with level-15 privileges or an unauthenticated attacker with physical access to the device to execute persistent code at boot time and break the chain of trust. These…

Page 8 of 15