VYPR

Vendor CVEs

Cisco Systems, Inc.

All CVEs

7,231 total · sorted by risk
  • CVE-2024-20260HigOct 23, 2024
    risk 0.56cvss 8.6epss 0.01

    A vulnerability in the VPN and management web servers of the Cisco Adaptive Security Virtual Appliance (ASAv) and Cisco Secure Firewall Threat Defense Virtual (FTDv), formerly Cisco Firepower Threat Defense Virtual, platforms could allow an unauthenticated, remote attacker to…

  • CVE-2024-20446HigAug 28, 2024
    risk 0.56cvss 8.6epss 0.01

    A vulnerability in the DHCPv6 relay agent of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of specific fields in a DHCPv6 RELAY-REPLY…

  • CVE-2018-15382HigOct 5, 2018
    risk 0.56cvss 8.6epss 0.01

    A vulnerability in Cisco HyperFlex Software could allow an unauthenticated, remote attacker to generate valid, signed session tokens. The vulnerability is due to a static signing key that is present in all Cisco HyperFlex systems. An attacker could exploit this vulnerability by…

  • CVE-2018-15377HigOct 5, 2018
    risk 0.56cvss 8.6epss 0.02

    A vulnerability in the Cisco Network Plug and Play agent, also referred to as the Cisco Open Plug-n-Play agent, of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a memory leak on an affected device. The vulnerability is due…

  • CVE-2018-0485HigOct 5, 2018
    risk 0.56cvss 8.6epss 0.04

    A vulnerability in the SM-1T3/E3 firmware on Cisco Second Generation Integrated Services Routers (ISR G2) and the Cisco 4451-X Integrated Services Router (ISR4451-X) could allow an unauthenticated, remote attacker to cause the ISR G2 Router or the SM-1T3/E3 module on the…

  • CVE-2018-0473HigOct 5, 2018
    risk 0.56cvss 8.6epss 0.04

    A vulnerability in the Precision Time Protocol (PTP) subsystem of Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition of the Precision Time Protocol. The vulnerability is due to insufficient processing of PTP packets.…

  • CVE-2018-0470HigOct 5, 2018
    risk 0.56cvss 8.6epss 0.04

    A vulnerability in the web framework of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a buffer overflow condition on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to the affected software…

  • CVE-2018-0467HigOct 5, 2018
    risk 0.56cvss 8.6epss 0.04

    A vulnerability in the IPv6 processing code of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload. The vulnerability is due to incorrect handling of specific IPv6 hop-by-hop options. An attacker could exploit this…

  • CVE-2018-0421HigOct 5, 2018
    risk 0.56cvss 8.6epss 0.03

    A vulnerability in TCP connection management in Cisco Prime Access Registrar could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition when the application unexpectedly restarts. The vulnerability is due to incorrect handling of incoming TCP…

  • CVE-2018-0418HigAug 15, 2018
    risk 0.56cvss 8.6epss 0.04

    A vulnerability in the Local Packet Transport Services (LPTS) feature set of Cisco ASR 9000 Series Aggregation Services Router Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to…

  • CVE-2018-0410HigAug 15, 2018
    risk 0.56cvss 8.6epss 0.04

    A vulnerability in the web proxy functionality of Cisco AsyncOS Software for Cisco Web Security Appliances could allow an unauthenticated, remote attacker to exhaust system memory and cause a denial of service (DoS) condition on an affected system. The vulnerability exists…

  • CVE-2018-0383HigJul 16, 2018
    risk 0.56cvss 8.6epss 0.03

    A vulnerability in the detection engine of Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass a file policy that is configured to block the transfer of files to an affected system via FTP. The vulnerability exists because the affected…

  • CVE-2018-0369HigJul 16, 2018
    risk 0.56cvss 8.6epss 0.02

    A vulnerability in the reassembly logic for fragmented IPv4 packets of Cisco StarOS running on virtual platforms could allow an unauthenticated, remote attacker to trigger a reload of the npusim process, resulting in a denial of service (DoS) condition. There are four instances…

  • CVE-2018-0305HigJun 21, 2018
    risk 0.56cvss 8.6epss 0.02

    A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. The vulnerability exists because the affected software…

  • CVE-2018-0277HigMay 17, 2018
    risk 0.56cvss 8.6epss 0.03

    A vulnerability in the Extensible Authentication Protocol-Transport Layer Security (EAP-TLS) certificate validation during EAP authentication for the Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to cause the ISE application server to…

  • CVE-2018-0252HigMay 2, 2018
    risk 0.56cvss 8.6epss 0.03

    A vulnerability in the IP Version 4 (IPv4) fragment reassembly function of Cisco 3500, 5500, and 8500 Series Wireless LAN Controller Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service…

  • CVE-2018-0234HigMay 2, 2018
    risk 0.56cvss 8.6epss 0.04

    A vulnerability in the implementation of Point-to-Point Tunneling Protocol (PPTP) functionality in Cisco Aironet 1810, 1830, and 1850 Series Access Points could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service…

  • CVE-2018-0240HigApr 19, 2018
    risk 0.56cvss 8.6epss 0.04

    Multiple vulnerabilities in the Application Layer Protocol Inspection feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device,…

  • CVE-2018-0233HigApr 19, 2018
    risk 0.56cvss 8.6epss 0.02

    A vulnerability in the Secure Sockets Layer (SSL) packet reassembly functionality of the detection engine in Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause the detection engine to consume excessive system memory on an affected device,…

  • CVE-2018-0231HigApr 19, 2018
    risk 0.56cvss 8.6epss 0.05

    A vulnerability in the Transport Layer Security (TLS) library of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of the affected device, resulting in a denial…

  • CVE-2018-0230HigApr 19, 2018
    risk 0.56cvss 8.6epss 0.02

    A vulnerability in the internal packet-processing functionality of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Security Appliances could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting…

  • CVE-2018-0228HigApr 19, 2018
    risk 0.56cvss 8.6epss 0.04

    A vulnerability in the ingress flow creation functionality of Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause the CPU to increase upwards of 100% utilization, causing a denial of service (DoS) condition on an affected system. The…

  • CVE-2018-0164HigMar 28, 2018
    risk 0.56cvss 8.6epss 0.02

    A vulnerability in the Switch Integrated Security Features of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an interface queue wedge. The vulnerability is due to incorrect handling of crafted IPv6 packets. An attacker could exploit this…

  • CVE-2018-0157HigMar 28, 2018
    risk 0.56cvss 8.6epss 0.03

    A vulnerability in the Zone-Based Firewall code of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a device to reload. The vulnerability is due to the way fragmented packets are handled in the firewall code. An attacker could exploit this…

  • CVE-2018-0139HigFeb 22, 2018
    risk 0.56cvss 8.6epss 0.02

    A vulnerability in the Interactive Voice Response (IVR) management connection interface for Cisco Unified Customer Voice Portal (CVP) could allow an unauthenticated, remote attacker to cause the IVR connection to disconnect, creating a system-wide denial of service (DoS)…

  • CVE-2018-0137HigFeb 8, 2018
    risk 0.56cvss 8.6epss 0.02

    A vulnerability in the TCP throttling process of Cisco Prime Network could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient rate limiting protection for TCP listening ports. An…

  • CVE-2018-0132HigFeb 8, 2018
    risk 0.56cvss 8.6epss 0.02

    A vulnerability in the forwarding information base (FIB) code of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause inconsistency between the routing information base (RIB) and the FIB, resulting in a denial of service (DoS) condition. The…

  • CVE-2018-0117HigFeb 8, 2018
    risk 0.56cvss 8.6epss 0.02

    A vulnerability in the ingress packet processing functionality of the Cisco Virtualized Packet Core-Distributed Instance (VPC-DI) Software could allow an unauthenticated, remote attacker to cause both control function (CF) instances on an affected system to reload, resulting in…

  • CVE-2018-0136HigJan 31, 2018
    risk 0.56cvss 8.6epss 0.03

    A vulnerability in the IPv6 subsystem of Cisco IOS XR Software Release 5.3.4 for the Cisco Aggregation Services Router (ASR) 9000 Series could allow an unauthenticated, remote attacker to trigger a reload of one or more Trident-based line cards, resulting in a denial of service…

  • CVE-2018-0086HigJan 18, 2018
    risk 0.56cvss 8.6epss 0.02

    A vulnerability in the application server of the Cisco Unified Customer Voice Portal (CVP) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. The vulnerability is due to malformed SIP INVITE traffic received on…

  • CVE-2017-3883HigOct 19, 2017
    risk 0.56cvss 8.6epss 0.04

    A vulnerability in the authentication, authorization, and accounting (AAA) implementation of Cisco Firepower Extensible Operating System (FXOS) and NX-OS System Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability…

  • CVE-2017-12293HigOct 19, 2017
    risk 0.56cvss 8.6epss 0.02

    A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to insufficient limitations on the number of connections that can be made to the affected software. An attacker…

  • CVE-2017-12246HigOct 5, 2017
    risk 0.56cvss 8.6epss 0.07

    A vulnerability in the implementation of the direct authentication feature in Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause an affected device to unexpectedly reload, resulting in a denial of service (DoS) condition.…

  • CVE-2017-12245HigOct 5, 2017
    risk 0.56cvss 8.6epss 0.02

    A vulnerability in SSL traffic decryption for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause depletion of system memory, aka a Firepower Detection Engine SSL Decryption Memory Consumption Denial of Service vulnerability. If…

  • CVE-2017-12244HigOct 5, 2017
    risk 0.56cvss 8.6epss 0.02

    A vulnerability in the detection engine parsing of IPv6 packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause high CPU utilization or to cause a denial of service (DoS) condition because the Snort process restarts unexpectedly. The…

  • CVE-2017-6612HigJul 25, 2017
    risk 0.56cvss 8.6epss 0.02

    A vulnerability in the gateway GPRS support node (GGSN) of Cisco ASR 5000 Series Aggregation Services Routers 17.3.9.62033 through 21.1.2 could allow an unauthenticated, remote attacker to redirect HTTP traffic sent to an affected device. More Information: CSCvc67927.

  • CVE-2017-6608HigApr 20, 2017
    risk 0.56cvss 8.6epss 0.05

    A vulnerability in the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) code of Cisco ASA Software could allow an unauthenticated, remote attacker to cause a reload of the affected system. The vulnerability is due to improper parsing of crafted SSL or TLS packets.…

  • CVE-2017-3863HigApr 20, 2017
    risk 0.56cvss 8.6epss 0.03

    Multiple vulnerabilities in the EnergyWise module of Cisco IOS (12.2 and 15.0 through 15.6) and Cisco IOS XE (3.2 through 3.18) could allow an unauthenticated, remote attacker to cause a buffer overflow condition or a reload of an affected device, leading to a denial of service…

  • CVE-2017-3862HigApr 20, 2017
    risk 0.56cvss 8.6epss 0.03

    Multiple vulnerabilities in the EnergyWise module of Cisco IOS (12.2 and 15.0 through 15.6) and Cisco IOS XE (3.2 through 3.18) could allow an unauthenticated, remote attacker to cause a buffer overflow condition or a reload of an affected device, leading to a denial of service…

  • CVE-2017-3861HigApr 20, 2017
    risk 0.56cvss 8.6epss 0.03

    Multiple vulnerabilities in the EnergyWise module of Cisco IOS (12.2 and 15.0 through 15.6) and Cisco IOS XE (3.2 through 3.18) could allow an unauthenticated, remote attacker to cause a buffer overflow condition or a reload of an affected device, leading to a denial of service…

  • CVE-2017-3860HigApr 20, 2017
    risk 0.56cvss 8.6epss 0.03

    Multiple vulnerabilities in the EnergyWise module of Cisco IOS (12.2 and 15.0 through 15.6) and Cisco IOS XE (3.2 through 3.18) could allow an unauthenticated, remote attacker to cause a buffer overflow condition or a reload of an affected device, leading to a denial of service…

  • CVE-2016-6368HigApr 20, 2017
    risk 0.56cvss 8.6epss 0.03

    A vulnerability in the detection engine parsing of Pragmatic General Multicast (PGM) protocol packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the Snort process unexpectedly…

  • CVE-2017-3864HigMar 22, 2017
    risk 0.56cvss 8.6epss 0.03

    A vulnerability in the DHCP client implementation of Cisco IOS (12.2, 12.4, and 15.0 through 15.6) and Cisco IOS XE (3.3 through 3.7) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability occurs during the parsing of a…

  • CVE-2017-3846HigMar 15, 2017
    risk 0.56cvss 8.6epss 0.02

    A vulnerability in the Client Manager Server of Cisco Workload Automation and Cisco Tidal Enterprise Scheduler could allow an unauthenticated, remote attacker to retrieve any file from the Client Manager Server. The vulnerability is due to insufficient input validation. An…

  • CVE-2017-3790HigFeb 1, 2017
    risk 0.56cvss 8.6epss 0.03

    A vulnerability in the received packet parser of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) software could allow an unauthenticated, remote attacker to cause a reload of the affected system, resulting in a denial of service (DoS) condition.…

  • CVE-2016-9225HigFeb 1, 2017
    risk 0.56cvss 8.6epss 0.03

    A vulnerability in the data plane IP fragment handler of the Cisco Adaptive Security Appliance (ASA) CX Context-Aware Security module could allow an unauthenticated, remote attacker to cause the CX module to be unable to process further traffic, resulting in a denial of service…

  • CVE-2016-2183HigSep 1, 2016
    risk 0.56cvss 7.5epss 0.96

    The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a…

  • CVE-2016-1337HigJul 3, 2016
    risk 0.56cvss 8.1epss 0.05

    Cisco EPC3928 devices allow remote attackers to obtain sensitive configuration and credential information by making requests during the early part of the boot process, related to a "Boot Information Disclosure" issue, aka Bug ID CSCux17178.

  • CVE-2016-1394HigJul 3, 2016
    risk 0.56cvss 8.6epss 0.01

    Cisco Firepower System Software 6.0.0 through 6.1.0 has a hardcoded account, which allows remote attackers to obtain CLI access by leveraging knowledge of the password, aka Bug ID CSCuz56238.

  • CVE-2016-1373HigMay 5, 2016
    risk 0.56cvss 8.6epss 0.01

    The gadgets-integration API in Cisco Finesse 8.5(1) through 8.5(5), 8.6(1), 9.0(1), 9.0(2), 9.1(1), 9.1(1)SU1, 9.1(1)SU1.1, 9.1(1)ES1 through 9.1(1)ES5, 10.0(1), 10.0(1)SU1, 10.0(1)SU1.1, 10.5(1), 10.5(1)ES1 through 10.5(1)ES4, 10.5(1)SU1, 10.5(1)SU1.1, 10.5(1)SU1.7, 10.6(1),…

Page 8 of 145