Vendor CVEs
Cisco Systems, Inc.
All CVEs
7,228 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-1402 | Hig | 0.49 | 7.5 | 0.02 | May 21, 2016 | The Active Directory (AD) integration component in Cisco Identity Service Engine (ISE) before 1.2.0.899 patch 7, when AD group-membership authorization is enabled, allows remote attackers to cause a denial of service (authentication outage) via a crafted Password Authentication… | ||
| CVE-2016-1399 | Hig | 0.49 | 7.5 | 0.02 | May 14, 2016 | The packet-processing microcode in Cisco IOS 15.2(2)EA, 15.2(2)EA1, 15.2(2)EA2, and 15.2(4)EA on Industrial Ethernet 4000 devices and 15.2(2)EB and 15.2(2)EB1 on Industrial Ethernet 5000 devices allows remote attackers to cause a denial of service (packet data corruption) via… | ||
| CVE-2016-1369 | Hig | 0.49 | 7.5 | 0.02 | May 5, 2016 | The Adaptive Security Appliance (ASA) 5585-X FirePOWER Security Services Processor (SSP) module for Cisco ASA with FirePOWER Services 5.3.1 through 6.0.0 misconfigures kernel logging, which allows remote attackers to cause a denial of service (resource consumption, and… | ||
| CVE-2016-1368 | Hig | 0.49 | 7.5 | 0.02 | May 5, 2016 | Cisco FirePOWER System Software 5.3.x through 5.3.0.6 and 5.4.x through 5.4.0.3 on FirePOWER 7000 and 8000 appliances, and on the Advanced Malware Protection (AMP) for Networks component on these appliances, allows remote attackers to cause a denial of service (packet-processing… | ||
| CVE-2016-1386 | Hig | 0.49 | 7.5 | 0.01 | Apr 28, 2016 | The API in Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM) 1.0(1) allows remote attackers to spoof administrative notifications via crafted attribute-value pairs, aka Bug ID CSCux15521. | ||
| CVE-2016-1367 | Hig | 0.49 | 7.5 | 0.02 | Apr 21, 2016 | The DHCPv6 relay implementation in Cisco Adaptive Security Appliance (ASA) Software 9.4.1 allows remote attackers to cause a denial of service (device reload) via crafted DHCPv6 packets, aka Bug ID CSCus23248. | ||
| CVE-2016-1364 | Hig | 0.49 | 7.5 | 0.02 | Apr 21, 2016 | Cisco Wireless LAN Controller (WLC) Software 7.4 before 7.4.130.0(MD) and 7.5, 7.6, and 8.0 before 8.0.110.0(ED) allows remote attackers to cause a denial of service (device reload) via crafted Bonjour traffic, aka Bug ID CSCur66908. | ||
| CVE-2016-1362 | Hig | 0.49 | 7.5 | 0.02 | Apr 21, 2016 | Cisco AireOS 4.1 through 7.4.120.0, 7.5.x, and 7.6.100.0 on Wireless LAN Controller (WLC) devices allows remote attackers to cause a denial of service (device reload) via a crafted HTTP request, aka Bug ID CSCun86747. | ||
| CVE-2015-6360 | Hig | 0.49 | 7.5 | 0.08 | Apr 21, 2016 | The encryption-processing feature in Cisco libSRTP before 1.5.3 allows remote attackers to cause a denial of service via crafted fields in SRTP packets, aka Bug ID CSCux00686. | ||
| CVE-2016-1384 | Hig | 0.49 | 7.5 | 0.02 | Apr 20, 2016 | The NTP implementation in Cisco IOS 15.1 and 15.5 and IOS XE 3.2 through 3.17 allows remote attackers to modify the system time via crafted packets, aka Bug ID CSCux46898. | ||
| CVE-2015-6313 | Hig | 0.49 | 7.5 | 0.03 | Apr 6, 2016 | Cisco TelePresence Server 4.1(2.29) through 4.2(4.17) on 7010; Mobility Services Engine (MSE) 8710; Multiparty Media 310, 320, and 820; and Virtual Machine (VM) devices allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted HTTP… | ||
| CVE-2015-6312 | Hig | 0.49 | 7.5 | 0.02 | Apr 6, 2016 | Cisco TelePresence Server 3.1 on 7010, Mobility Services Engine (MSE) 8710, Multiparty Media 310 and 320, and Virtual Machine (VM) devices allows remote attackers to cause a denial of service (device reload) via malformed STUN packets, aka Bug ID CSCuv01348. | ||
| CVE-2016-1345 | Hig | 0.49 | 7.5 | 0.01 | Apr 1, 2016 | Cisco FireSIGHT System Software 5.4.0 through 6.0.1 and ASA with FirePOWER Services 5.4.0 through 6.0.0.1 allow remote attackers to bypass malware protection via crafted fields in HTTP headers, aka Bug ID CSCux22726. | ||
| CVE-2016-1351 | Hig | 0.49 | 7.5 | 0.04 | Mar 26, 2016 | The Locator/ID Separation Protocol (LISP) implementation in Cisco IOS 15.1 and 15.2 and NX-OS 4.1 through 6.2 allows remote attackers to cause a denial of service (device reload) via a crafted header in a packet, aka Bug ID CSCuu64279. | ||
| CVE-2016-1350 | Hig | 0.49 | 7.5 | 0.03 | Mar 26, 2016 | Cisco IOS 15.3 and 15.4, Cisco IOS XE 3.8 through 3.11, and Cisco Unified Communications Manager allow remote attackers to cause a denial of service (device reload) via malformed SIP messages, aka Bug ID CSCuj23293. | ||
| CVE-2016-1349 | Hig | 0.49 | 7.5 | 0.02 | Mar 26, 2016 | The Smart Install client implementation in Cisco IOS 12.2, 15.0, and 15.2 and IOS XE 3.2 through 3.7 allows remote attackers to cause a denial of service (device reload) via crafted image list parameters in a Smart Install packet, aka Bug ID CSCuv45410. | ||
| CVE-2016-1348 | Hig | 0.49 | 7.5 | 0.02 | Mar 26, 2016 | Cisco IOS 15.0 through 15.5 and IOS XE 3.3 through 3.16 allow remote attackers to cause a denial of service (device reload) via a crafted DHCPv6 Relay message, aka Bug ID CSCus55821. | ||
| CVE-2016-1347 | Hig | 0.49 | 7.5 | 0.01 | Mar 24, 2016 | The Wide Area Application Services (WAAS) Express implementation in Cisco IOS 15.1 through 15.5 allows remote attackers to cause a denial of service (device reload) via a crafted TCP segment, aka Bug ID CSCuq59708. | ||
| CVE-2016-1326 | Hig | 0.49 | 7.5 | 0.03 | Mar 9, 2016 | The administration interface on Cisco DPQ3925 devices with firmware r1 allows remote attackers to cause a denial of service (device restart) via a crafted HTTP request, aka Bug ID CSCup48105. | ||
| CVE-2016-1325 | Hig | 0.49 | 7.5 | 0.04 | Mar 9, 2016 | The administration interface on Cisco DPC3939B and DPC3941 devices allows remote attackers to obtain sensitive information via a crafted HTTP request, aka Bug ID CSCus49506. | ||
| CVE-2016-1312 | Hig | 0.49 | 7.5 | 0.03 | Mar 9, 2016 | The HTTPS inspection engine in the Content Security and Control Security Services Module (CSC-SSM) 6.6 before 6.6.1164.0 for Cisco ASA 5500 devices allows remote attackers to cause a denial of service (memory consumption or device reload) via a flood of HTTPS packets, aka Bug ID… | ||
| CVE-2015-6260 | Hig | 0.49 | 7.5 | 0.02 | Mar 3, 2016 | Cisco NX-OS 7.1(1)N1(1) on Nexus 5500, 5600, and 6000 devices does not properly validate PDUs in SNMP packets, which allows remote attackers to cause a denial of service (SNMP application restart) via a crafted packet, aka Bug ID CSCut84645. | ||
| CVE-2015-0718 | Hig | 0.49 | 7.5 | 0.04 | Mar 3, 2016 | Cisco NX-OS 4.0 through 6.1 on Nexus 1000V 3000, 4000, 5000, 6000, and 7000 devices and Unified Computing System (UCS) platforms allows remote attackers to cause a denial of service (TCP stack reload) by sending crafted TCP packets to a device that has a TIME_WAIT TCP session,… | ||
| CVE-2016-1335 | Hig | 0.49 | 7.5 | 0.03 | Feb 19, 2016 | The SSH implementation in Cisco StarOS before 19.3.M0.62771 and 20.x before 20.0.M0.62768 on ASR 5000 devices mishandles a multi-user public-key authentication configuration, which allows remote authenticated users to gain privileges by establishing a connection from an endpoint… | ||
| CVE-2016-1322 | Hig | 0.49 | 7.5 | 0.01 | Feb 12, 2016 | The REST interface in Cisco Spark 2015-07-04 allows remote attackers to bypass intended access restrictions and create arbitrary user accounts via unspecified web requests, aka Bug ID CSCuv72584. | ||
| CVE-2016-1315 | Hig | 0.49 | 7.5 | 0.01 | Feb 12, 2016 | The proxy engine in Cisco Advanced Malware Protection (AMP), when used with Email Security Appliance (ESA) 9.5.0-201, 9.6.0-051, and 9.7.0-125, allows remote attackers to bypass intended content restrictions via a malformed e-mail message containing an encoded file, aka Bug ID… | ||
| CVE-2015-6398 | Hig | 0.49 | 7.5 | 0.02 | Feb 7, 2016 | Cisco Nexus 9000 Application Centric Infrastructure (ACI) Mode switches with software before 11.0(1c) allow remote attackers to cause a denial of service (device reload) via an IPv4 ICMP packet with the IP Record Route option, aka Bug ID CSCuq57512. | ||
| CVE-2016-1303 | Hig | 0.49 | 7.5 | 0.01 | Jan 30, 2016 | The web GUI on Cisco Small Business 500 devices 1.2.0.92 allows remote attackers to cause a denial of service via a crafted HTTP request, aka Bug ID CSCul65330. | ||
| CVE-2015-6421 | Hig | 0.49 | 7.5 | 0.02 | Jan 27, 2016 | cifs-ao in the CIFS optimization functionality on Cisco Wide Area Application Service (WAAS) and Virtual WAAS (vWAAS) devices 5.x before 5.3.5d and 5.4 and 5.5 before 5.5.3 allows remote attackers to cause a denial of service (resource consumption and device reload) via crafted… | ||
| CVE-2016-1296 | Hig | 0.49 | 7.5 | 0.02 | Jan 20, 2016 | The proxy engine on Cisco Web Security Appliance (WSA) devices with software 8.5.3-055, 9.1.0-000, and 9.5.0-235 allows remote attackers to bypass intended proxy restrictions via a malformed HTTP method, aka Bug ID CSCux00848. | ||
| CVE-2015-6320 | Hig | 0.49 | 7.5 | 0.02 | Jan 15, 2016 | The IP ingress packet handler on Cisco Aironet 1800 devices with software 8.1(112.3) and 8.1(112.4) allows remote attackers to cause a denial of service via a crafted header in an IP packet, aka Bug ID CSCuv63138. | ||
| CVE-2015-6432 | Hig | 0.49 | 7.5 | 0.02 | Jan 5, 2016 | Cisco IOS XR 4.2.0, 4.3.0, 5.0.0, 5.1.0, 5.2.0, 5.2.2, 5.2.4, 5.3.0, and 5.3.2 does not properly restrict the number of Path Computation Elements (PCEs) for OSPF LSA opaque area updates, which allows remote attackers to cause a denial of service (device reload) via a crafted… | ||
| CVE-2012-0382 | Hig | 0.49 | 7.5 | 0.04 | Mar 29, 2012 | The Multicast Source Discovery Protocol (MSDP) implementation in Cisco IOS 12.0, 12.2 through 12.4, and 15.0 through 15.2 and IOS XE 2.1.x through 2.6.x and 3.1.xS through 3.4.xS before 3.4.1S and 3.1.xSG and 3.2.xSG before 3.2.2SG allows remote attackers to cause a denial of… | ||
| CVE-2012-0381 | Hig | 0.49 | 7.5 | 0.04 | Mar 29, 2012 | The IKEv1 implementation in Cisco IOS 12.2 through 12.4 and 15.0 through 15.2 and IOS XE 2.1.x through 2.6.x and 3.1.xS through 3.4.xS before 3.4.2S, 3.5.xS before 3.5.1S, and 3.2.xSG before 3.2.2SG allows remote attackers to cause a denial of service (device reload) by sending… | ||
| CVE-2011-2058 | Hig | 0.49 | 7.5 | 0.02 | Oct 22, 2011 | The cat6000-dot1x component in Cisco IOS 12.2 before 12.2(33)SXI7 does not properly handle an external loop between a pair of dot1x enabled ports, which allows remote attackers to cause a denial of service (traffic storm) via unspecified vectors that trigger many unicast EAPoL… | ||
| CVE-2011-2057 | Hig | 0.49 | 7.5 | 0.02 | Oct 22, 2011 | The cat6000-dot1x component in Cisco IOS 12.2 before 12.2(33)SXI7 does not properly handle (1) a loop between a dot1x enabled port and an open-authentication dot1x enabled port and (2) a loop between a dot1x enabled port and a non-dot1x port, which allows remote attackers to… | ||
| CVE-2011-1640 | Hig | 0.49 | 7.5 | 0.02 | Oct 22, 2011 | The ethernet-lldp component in Cisco IOS 12.2 before 12.2(33)SXJ1 does not properly support a large number of LLDP Management Address (MA) TLVs, which allows remote attackers to cause a denial of service (device crash) via crafted LLDPDUs, aka Bug ID CSCtj22354. | ||
| CVE-2011-3288 | Hig | 0.49 | 7.5 | 0.02 | Oct 6, 2011 | Cisco Unified Presence before 8.5(4) does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption, and process crash) via a crafted XML document containing a large number of nested entity… | ||
| CVE-2011-3280 | Hig | 0.49 | 7.5 | 0.02 | Oct 3, 2011 | Memory leak in the NAT implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xSG, allows remote attackers to cause a denial of service (memory consumption or device reload) by sending crafted SIP packets to UDP port 5060, aka Bug ID CSCtj04672. | ||
| CVE-2008-4390 | Hig | 0.49 | 7.5 | 0.03 | Dec 9, 2008 | The Cisco Linksys WVC54GC wireless video camera before firmware 1.25 sends cleartext configuration data in response to a Setup Wizard remote-management command, which allows remote attackers to obtain sensitive information such as passwords by sniffing the network. | ||
| CVE-2005-3803 | Hig | 0.49 | 7.5 | 0.02 | Nov 24, 2005 | Cisco IP Phone (VoIP) 7920 1.0(8) contains certain hard-coded ("fixed") public and private SNMP community strings that cannot be changed, which allows remote attackers to obtain sensitive information. | ||
| CVE-2005-2181 | Hig | 0.49 | 7.5 | 0.01 | Jul 11, 2005 | Cisco 7940/7960 Voice over IP (VoIP) phones do not properly check the Call-ID, branch, and tag values in a NOTIFY message to verify a subscription, which allows remote attackers to spoof messages such as the "Messages waiting" message. | ||
| CVE-2002-1706 | Hig | 0.49 | 7.5 | 0.01 | Dec 31, 2002 | Cisco IOS software 11.3 through 12.2 running on Cisco uBR7200 and uBR7100 series Universal Broadband Routers allows remote attackers to modify Data Over Cable Service Interface Specification (DOCSIS) settings via a DOCSIS file without a Message Integrity Check (MIC) signature,… | ||
| CVE-2026-20051 | Hig | 0.48 | 7.4 | 0.00 | Feb 25, 2026 | A vulnerability with the Ethernet VPN (EVPN) Layer 2 ingress packet processing of Cisco Nexus 3600 Platform Switches and Cisco Nexus 9500-R Series Switching Platforms could allow an unauthenticated, adjacent attacker to trigger a Layer 2 traffic loop. This vulnerability is… | ||
| CVE-2026-20033 | Hig | 0.48 | 7.4 | 0.00 | Feb 25, 2026 | A vulnerability in Cisco Nexus 9000 Series Fabric Switches in ACI mode could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation when processing specific Ethernet… | ||
| CVE-2026-20010 | Hig | 0.48 | 7.4 | 0.00 | Feb 25, 2026 | A vulnerability in the Link Layer Discovery Protocol (LLDP) feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause the LLDP process to restart, which could cause an affected device to reload unexpectedly. This vulnerability is due to… | ||
| CVE-2020-37167 | Hig | 0.48 | 8.4 | 0.00 | Feb 12, 2026 | ClamAV versions prior to 0.103.0-rc contain a vulnerability in function name processing through the ClamBC bytecode interpreter that allows attackers to manipulate bytecode function names. Attackers can exploit the weak input validation in function name encoding to potentially… | ||
| CVE-2025-43520 | Med | 0.48 | 5.5 | 0.00 | KEV | Dec 12, 2025 | A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1. A malicious application may… | |
| CVE-2025-20311 | Hig | 0.48 | 7.4 | 0.00 | Sep 24, 2025 | A vulnerability in the handling of certain Ethernet frames in Cisco IOS XE Software for Catalyst 9000 Series Switches could allow an unauthenticated, adjacent attacker to cause an egress port to become blocked and drop all outbound traffic. This vulnerability is due to… | ||
| CVE-2025-20340 | Hig | 0.48 | 7.4 | 0.01 | Sep 10, 2025 | A vulnerability in the Address Resolution Protocol (ARP) implementation of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to trigger a broadcast storm, leading to a denial of service (DoS) condition on an affected device. This vulnerability is… |
- risk 0.49cvss 7.5epss 0.02
The Active Directory (AD) integration component in Cisco Identity Service Engine (ISE) before 1.2.0.899 patch 7, when AD group-membership authorization is enabled, allows remote attackers to cause a denial of service (authentication outage) via a crafted Password Authentication…
- risk 0.49cvss 7.5epss 0.02
The packet-processing microcode in Cisco IOS 15.2(2)EA, 15.2(2)EA1, 15.2(2)EA2, and 15.2(4)EA on Industrial Ethernet 4000 devices and 15.2(2)EB and 15.2(2)EB1 on Industrial Ethernet 5000 devices allows remote attackers to cause a denial of service (packet data corruption) via…
- risk 0.49cvss 7.5epss 0.02
The Adaptive Security Appliance (ASA) 5585-X FirePOWER Security Services Processor (SSP) module for Cisco ASA with FirePOWER Services 5.3.1 through 6.0.0 misconfigures kernel logging, which allows remote attackers to cause a denial of service (resource consumption, and…
- risk 0.49cvss 7.5epss 0.02
Cisco FirePOWER System Software 5.3.x through 5.3.0.6 and 5.4.x through 5.4.0.3 on FirePOWER 7000 and 8000 appliances, and on the Advanced Malware Protection (AMP) for Networks component on these appliances, allows remote attackers to cause a denial of service (packet-processing…
- risk 0.49cvss 7.5epss 0.01
The API in Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM) 1.0(1) allows remote attackers to spoof administrative notifications via crafted attribute-value pairs, aka Bug ID CSCux15521.
- risk 0.49cvss 7.5epss 0.02
The DHCPv6 relay implementation in Cisco Adaptive Security Appliance (ASA) Software 9.4.1 allows remote attackers to cause a denial of service (device reload) via crafted DHCPv6 packets, aka Bug ID CSCus23248.
- risk 0.49cvss 7.5epss 0.02
Cisco Wireless LAN Controller (WLC) Software 7.4 before 7.4.130.0(MD) and 7.5, 7.6, and 8.0 before 8.0.110.0(ED) allows remote attackers to cause a denial of service (device reload) via crafted Bonjour traffic, aka Bug ID CSCur66908.
- risk 0.49cvss 7.5epss 0.02
Cisco AireOS 4.1 through 7.4.120.0, 7.5.x, and 7.6.100.0 on Wireless LAN Controller (WLC) devices allows remote attackers to cause a denial of service (device reload) via a crafted HTTP request, aka Bug ID CSCun86747.
- risk 0.49cvss 7.5epss 0.08
The encryption-processing feature in Cisco libSRTP before 1.5.3 allows remote attackers to cause a denial of service via crafted fields in SRTP packets, aka Bug ID CSCux00686.
- risk 0.49cvss 7.5epss 0.02
The NTP implementation in Cisco IOS 15.1 and 15.5 and IOS XE 3.2 through 3.17 allows remote attackers to modify the system time via crafted packets, aka Bug ID CSCux46898.
- risk 0.49cvss 7.5epss 0.03
Cisco TelePresence Server 4.1(2.29) through 4.2(4.17) on 7010; Mobility Services Engine (MSE) 8710; Multiparty Media 310, 320, and 820; and Virtual Machine (VM) devices allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted HTTP…
- risk 0.49cvss 7.5epss 0.02
Cisco TelePresence Server 3.1 on 7010, Mobility Services Engine (MSE) 8710, Multiparty Media 310 and 320, and Virtual Machine (VM) devices allows remote attackers to cause a denial of service (device reload) via malformed STUN packets, aka Bug ID CSCuv01348.
- risk 0.49cvss 7.5epss 0.01
Cisco FireSIGHT System Software 5.4.0 through 6.0.1 and ASA with FirePOWER Services 5.4.0 through 6.0.0.1 allow remote attackers to bypass malware protection via crafted fields in HTTP headers, aka Bug ID CSCux22726.
- risk 0.49cvss 7.5epss 0.04
The Locator/ID Separation Protocol (LISP) implementation in Cisco IOS 15.1 and 15.2 and NX-OS 4.1 through 6.2 allows remote attackers to cause a denial of service (device reload) via a crafted header in a packet, aka Bug ID CSCuu64279.
- risk 0.49cvss 7.5epss 0.03
Cisco IOS 15.3 and 15.4, Cisco IOS XE 3.8 through 3.11, and Cisco Unified Communications Manager allow remote attackers to cause a denial of service (device reload) via malformed SIP messages, aka Bug ID CSCuj23293.
- risk 0.49cvss 7.5epss 0.02
The Smart Install client implementation in Cisco IOS 12.2, 15.0, and 15.2 and IOS XE 3.2 through 3.7 allows remote attackers to cause a denial of service (device reload) via crafted image list parameters in a Smart Install packet, aka Bug ID CSCuv45410.
- risk 0.49cvss 7.5epss 0.02
Cisco IOS 15.0 through 15.5 and IOS XE 3.3 through 3.16 allow remote attackers to cause a denial of service (device reload) via a crafted DHCPv6 Relay message, aka Bug ID CSCus55821.
- risk 0.49cvss 7.5epss 0.01
The Wide Area Application Services (WAAS) Express implementation in Cisco IOS 15.1 through 15.5 allows remote attackers to cause a denial of service (device reload) via a crafted TCP segment, aka Bug ID CSCuq59708.
- risk 0.49cvss 7.5epss 0.03
The administration interface on Cisco DPQ3925 devices with firmware r1 allows remote attackers to cause a denial of service (device restart) via a crafted HTTP request, aka Bug ID CSCup48105.
- risk 0.49cvss 7.5epss 0.04
The administration interface on Cisco DPC3939B and DPC3941 devices allows remote attackers to obtain sensitive information via a crafted HTTP request, aka Bug ID CSCus49506.
- risk 0.49cvss 7.5epss 0.03
The HTTPS inspection engine in the Content Security and Control Security Services Module (CSC-SSM) 6.6 before 6.6.1164.0 for Cisco ASA 5500 devices allows remote attackers to cause a denial of service (memory consumption or device reload) via a flood of HTTPS packets, aka Bug ID…
- risk 0.49cvss 7.5epss 0.02
Cisco NX-OS 7.1(1)N1(1) on Nexus 5500, 5600, and 6000 devices does not properly validate PDUs in SNMP packets, which allows remote attackers to cause a denial of service (SNMP application restart) via a crafted packet, aka Bug ID CSCut84645.
- risk 0.49cvss 7.5epss 0.04
Cisco NX-OS 4.0 through 6.1 on Nexus 1000V 3000, 4000, 5000, 6000, and 7000 devices and Unified Computing System (UCS) platforms allows remote attackers to cause a denial of service (TCP stack reload) by sending crafted TCP packets to a device that has a TIME_WAIT TCP session,…
- risk 0.49cvss 7.5epss 0.03
The SSH implementation in Cisco StarOS before 19.3.M0.62771 and 20.x before 20.0.M0.62768 on ASR 5000 devices mishandles a multi-user public-key authentication configuration, which allows remote authenticated users to gain privileges by establishing a connection from an endpoint…
- risk 0.49cvss 7.5epss 0.01
The REST interface in Cisco Spark 2015-07-04 allows remote attackers to bypass intended access restrictions and create arbitrary user accounts via unspecified web requests, aka Bug ID CSCuv72584.
- risk 0.49cvss 7.5epss 0.01
The proxy engine in Cisco Advanced Malware Protection (AMP), when used with Email Security Appliance (ESA) 9.5.0-201, 9.6.0-051, and 9.7.0-125, allows remote attackers to bypass intended content restrictions via a malformed e-mail message containing an encoded file, aka Bug ID…
- risk 0.49cvss 7.5epss 0.02
Cisco Nexus 9000 Application Centric Infrastructure (ACI) Mode switches with software before 11.0(1c) allow remote attackers to cause a denial of service (device reload) via an IPv4 ICMP packet with the IP Record Route option, aka Bug ID CSCuq57512.
- risk 0.49cvss 7.5epss 0.01
The web GUI on Cisco Small Business 500 devices 1.2.0.92 allows remote attackers to cause a denial of service via a crafted HTTP request, aka Bug ID CSCul65330.
- risk 0.49cvss 7.5epss 0.02
cifs-ao in the CIFS optimization functionality on Cisco Wide Area Application Service (WAAS) and Virtual WAAS (vWAAS) devices 5.x before 5.3.5d and 5.4 and 5.5 before 5.5.3 allows remote attackers to cause a denial of service (resource consumption and device reload) via crafted…
- risk 0.49cvss 7.5epss 0.02
The proxy engine on Cisco Web Security Appliance (WSA) devices with software 8.5.3-055, 9.1.0-000, and 9.5.0-235 allows remote attackers to bypass intended proxy restrictions via a malformed HTTP method, aka Bug ID CSCux00848.
- risk 0.49cvss 7.5epss 0.02
The IP ingress packet handler on Cisco Aironet 1800 devices with software 8.1(112.3) and 8.1(112.4) allows remote attackers to cause a denial of service via a crafted header in an IP packet, aka Bug ID CSCuv63138.
- risk 0.49cvss 7.5epss 0.02
Cisco IOS XR 4.2.0, 4.3.0, 5.0.0, 5.1.0, 5.2.0, 5.2.2, 5.2.4, 5.3.0, and 5.3.2 does not properly restrict the number of Path Computation Elements (PCEs) for OSPF LSA opaque area updates, which allows remote attackers to cause a denial of service (device reload) via a crafted…
- risk 0.49cvss 7.5epss 0.04
The Multicast Source Discovery Protocol (MSDP) implementation in Cisco IOS 12.0, 12.2 through 12.4, and 15.0 through 15.2 and IOS XE 2.1.x through 2.6.x and 3.1.xS through 3.4.xS before 3.4.1S and 3.1.xSG and 3.2.xSG before 3.2.2SG allows remote attackers to cause a denial of…
- risk 0.49cvss 7.5epss 0.04
The IKEv1 implementation in Cisco IOS 12.2 through 12.4 and 15.0 through 15.2 and IOS XE 2.1.x through 2.6.x and 3.1.xS through 3.4.xS before 3.4.2S, 3.5.xS before 3.5.1S, and 3.2.xSG before 3.2.2SG allows remote attackers to cause a denial of service (device reload) by sending…
- risk 0.49cvss 7.5epss 0.02
The cat6000-dot1x component in Cisco IOS 12.2 before 12.2(33)SXI7 does not properly handle an external loop between a pair of dot1x enabled ports, which allows remote attackers to cause a denial of service (traffic storm) via unspecified vectors that trigger many unicast EAPoL…
- risk 0.49cvss 7.5epss 0.02
The cat6000-dot1x component in Cisco IOS 12.2 before 12.2(33)SXI7 does not properly handle (1) a loop between a dot1x enabled port and an open-authentication dot1x enabled port and (2) a loop between a dot1x enabled port and a non-dot1x port, which allows remote attackers to…
- risk 0.49cvss 7.5epss 0.02
The ethernet-lldp component in Cisco IOS 12.2 before 12.2(33)SXJ1 does not properly support a large number of LLDP Management Address (MA) TLVs, which allows remote attackers to cause a denial of service (device crash) via crafted LLDPDUs, aka Bug ID CSCtj22354.
- risk 0.49cvss 7.5epss 0.02
Cisco Unified Presence before 8.5(4) does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption, and process crash) via a crafted XML document containing a large number of nested entity…
- risk 0.49cvss 7.5epss 0.02
Memory leak in the NAT implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xSG, allows remote attackers to cause a denial of service (memory consumption or device reload) by sending crafted SIP packets to UDP port 5060, aka Bug ID CSCtj04672.
- risk 0.49cvss 7.5epss 0.03
The Cisco Linksys WVC54GC wireless video camera before firmware 1.25 sends cleartext configuration data in response to a Setup Wizard remote-management command, which allows remote attackers to obtain sensitive information such as passwords by sniffing the network.
- risk 0.49cvss 7.5epss 0.02
Cisco IP Phone (VoIP) 7920 1.0(8) contains certain hard-coded ("fixed") public and private SNMP community strings that cannot be changed, which allows remote attackers to obtain sensitive information.
- risk 0.49cvss 7.5epss 0.01
Cisco 7940/7960 Voice over IP (VoIP) phones do not properly check the Call-ID, branch, and tag values in a NOTIFY message to verify a subscription, which allows remote attackers to spoof messages such as the "Messages waiting" message.
- risk 0.49cvss 7.5epss 0.01
Cisco IOS software 11.3 through 12.2 running on Cisco uBR7200 and uBR7100 series Universal Broadband Routers allows remote attackers to modify Data Over Cable Service Interface Specification (DOCSIS) settings via a DOCSIS file without a Message Integrity Check (MIC) signature,…
- risk 0.48cvss 7.4epss 0.00
A vulnerability with the Ethernet VPN (EVPN) Layer 2 ingress packet processing of Cisco Nexus 3600 Platform Switches and Cisco Nexus 9500-R Series Switching Platforms could allow an unauthenticated, adjacent attacker to trigger a Layer 2 traffic loop. This vulnerability is…
- risk 0.48cvss 7.4epss 0.00
A vulnerability in Cisco Nexus 9000 Series Fabric Switches in ACI mode could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation when processing specific Ethernet…
- risk 0.48cvss 7.4epss 0.00
A vulnerability in the Link Layer Discovery Protocol (LLDP) feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause the LLDP process to restart, which could cause an affected device to reload unexpectedly. This vulnerability is due to…
- risk 0.48cvss 8.4epss 0.00
ClamAV versions prior to 0.103.0-rc contain a vulnerability in function name processing through the ClamBC bytecode interpreter that allows attackers to manipulate bytecode function names. Attackers can exploit the weak input validation in function name encoding to potentially…
- risk 0.48cvss 5.5epss 0.00
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1. A malicious application may…
- risk 0.48cvss 7.4epss 0.00
A vulnerability in the handling of certain Ethernet frames in Cisco IOS XE Software for Catalyst 9000 Series Switches could allow an unauthenticated, adjacent attacker to cause an egress port to become blocked and drop all outbound traffic. This vulnerability is due to…
- risk 0.48cvss 7.4epss 0.01
A vulnerability in the Address Resolution Protocol (ARP) implementation of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to trigger a broadcast storm, leading to a denial of service (DoS) condition on an affected device. This vulnerability is…
Page 33 of 145