Total
595 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2012-0362 | 1 Cisco | 1 Ios | 2012-10-29 | 4.3 MEDIUM | N/A |
The extended ACL functionality in Cisco IOS 12.2(58)SE2 and 15.0(1)SE discards all lines that end with a log or time keyword, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances by sending network traffic, aka Bug ID CSCts01106. | |||||
CVE-2011-4012 | 1 Cisco | 1 Ios | 2012-10-29 | 9.3 HIGH | N/A |
Cisco IOS 12.0, 15.0, and 15.1, when a Policy Feature Card 3C (PFC3C) is used, does not create a fragment entry during processing of an ICMPv6 ACL, which has unspecified impact and remote attack vectors, aka Bug ID CSCtj90091. | |||||
CVE-2011-4007 | 1 Cisco | 2 Ios, Ios Xe | 2012-10-29 | 5.4 MEDIUM | N/A |
Cisco IOS 15.0 and 15.1 and IOS XE 3.x do not properly handle the "set mpls experimental imposition" command, which allows remote attackers to cause a denial of service (device crash) via network traffic that triggers (1) fragmentation or (2) reassembly, aka Bug ID CSCtr56576. | |||||
CVE-2011-4015 | 1 Cisco | 1 Ios | 2012-10-29 | 5.0 MEDIUM | N/A |
Cisco IOS 15.2S allows remote attackers to cause a denial of service (interface queue wedge) via malformed UDP traffic on port 465, aka Bug ID CSCts48300. | |||||
CVE-2011-3289 | 1 Cisco | 1 Ios | 2012-10-29 | 3.6 LOW | N/A |
Cisco IOS 12.4 and 15.0 through 15.2 allows physically proximate attackers to bypass the No Service Password-Recovery feature and read the start-up configuration via unspecified vectors, aka Bug ID CSCtr97640. | |||||
CVE-2011-2586 | 1 Cisco | 1 Ios | 2012-10-29 | 5.4 MEDIUM | N/A |
The HTTP client in Cisco IOS 12.4 and 15.0 allows user-assisted remote attackers to cause a denial of service (device crash) via a malformed HTTP response to a request for service installation, aka Bug ID CSCts12249. | |||||
CVE-2012-3893 | 1 Cisco | 1 Ios | 2012-09-16 | 6.3 MEDIUM | N/A |
The FlexVPN implementation in Cisco IOS 15.2 and 15.3 allows remote authenticated users to cause a denial of service (spoke crash) via spoke-to-spoke traffic, aka Bug ID CSCtz02622. | |||||
CVE-2012-1361 | 1 Cisco | 1 Ios | 2012-08-07 | 4.3 MEDIUM | N/A |
Cisco IOS 15.1 and 15.2, when the Multicast Music-on-Hold (MMoH) feature of Cisco Unified Communications Manager (CUCM) is enabled, allows remote attackers to obtain sensitive crosstalk information by listening during a PSTN call, aka Bug ID CSCtx77750. | |||||
CVE-2012-1350 | 1 Cisco | 19 Aironet 1040, Aironet 1140, Aironet 1260 and 16 more | 2012-08-06 | 7.8 HIGH | N/A |
Cisco IOS 12.3 and 12.4 on Aironet access points allows remote attackers to cause a denial of service (radio-interface input-queue hang) via IAPP 0x3281 packets, aka Bug ID CSCtc12426. | |||||
CVE-2012-1367 | 1 Cisco | 1 Ios | 2012-08-06 | 5.0 MEDIUM | N/A |
The MallocLite implementation in Cisco IOS 12.0, 12.2, 15.0, 15.1, and 15.2 allows remote attackers to cause a denial of service (Route Processor crash) via a BGP UPDATE message with a modified local-preference (aka LOCAL_PREF) attribute length, aka Bug ID CSCtq06538. | |||||
CVE-2011-4019 | 1 Cisco | 2 Ios, Unified Communications Manager | 2012-05-29 | 5.4 MEDIUM | N/A |
Memory leak in Cisco IOS 12.4 and 15.0 through 15.2, and Cisco Unified Communications Manager (CUCM) 7.x, allows remote attackers to cause a denial of service (memory consumption) via a crafted response to a SIP SUBSCRIBE message, aka Bug IDs CSCto93837 and CSCtj61883. | |||||
CVE-2011-0939 | 1 Cisco | 2 Ios, Ios Xe | 2012-05-17 | 7.8 HIGH | N/A |
Unspecified vulnerability in Cisco IOS 12.4, 15.0, and 15.1, and IOS XE 2.5.x through 3.2.x, allows remote attackers to cause a denial of service (device reload) via a crafted SIP message, aka Bug ID CSCth03022. | |||||
CVE-2011-0944 | 1 Cisco | 1 Ios | 2012-05-17 | 7.8 HIGH | N/A |
Cisco IOS 12.4, 15.0, and 15.1 allows remote attackers to cause a denial of service (device reload) via malformed IPv6 packets, aka Bug ID CSCtj41194. | |||||
CVE-2011-3276 | 1 Cisco | 2 Ios, Ios Xe | 2012-05-13 | 7.8 HIGH | N/A |
Unspecified vulnerability in the NAT implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xSG, allows remote attackers to cause a denial of service (device reload or hang) by sending crafted SIP packets to TCP port 5060, aka Bug ID CSCso02147. | |||||
CVE-2011-3275 | 1 Cisco | 2 Ios, Ios Xe | 2012-05-13 | 7.8 HIGH | N/A |
Memory leak in Cisco IOS 12.4, 15.0, and 15.1, and IOS XE 2.5.x through 3.2.x, allows remote attackers to cause a denial of service (memory consumption) via a crafted SIP message, aka Bug ID CSCti48504. | |||||
CVE-2011-3274 | 1 Cisco | 2 Ios, Ios Xe | 2012-05-13 | 6.1 MEDIUM | N/A |
Unspecified vulnerability in Cisco IOS 12.2SRE before 12.2(33)SRE4, 15.0, and 15.1, and IOS XE 2.1.x through 3.3.x, when an MPLS domain is configured, allows remote attackers to cause a denial of service (device crash) via a crafted IPv6 packet, related to an expired MPLS TTL, aka Bug ID CSCto07919. | |||||
CVE-2011-3271 | 1 Cisco | 1 Ios | 2012-05-13 | 10.0 HIGH | N/A |
Unspecified vulnerability in the Smart Install functionality in Cisco IOS 12.2 and 15.1 allows remote attackers to execute arbitrary code or cause a denial of service (device crash) via crafted TCP packets to port 4786, aka Bug ID CSCto10165. | |||||
CVE-2011-3270 | 1 Cisco | 2 10008 Router, Ios | 2012-05-13 | 7.8 HIGH | N/A |
Unspecified vulnerability in Cisco IOS 12.2SB before 12.2(33)SB10 and 15.0S before 15.0(1)S3a on Cisco 10000 series routers allows remote attackers to cause a denial of service (device reload) via a sequence of crafted ICMP packets, aka Bug ID CSCtk62453. | |||||
CVE-2011-3273 | 1 Cisco | 1 Ios | 2012-05-13 | 7.8 HIGH | N/A |
Memory leak in Cisco IOS 15.0 through 15.1, when IPS or Zone-Based Firewall (aka ZBFW) is configured, allows remote attackers to cause a denial of service (memory consumption or device crash) via vectors that trigger many session creation flows, aka Bug ID CSCti79848. | |||||
CVE-2011-0945 | 1 Cisco | 2 Ios, Ios Xe | 2012-05-13 | 7.8 HIGH | N/A |
Memory leak in the Data-link switching (aka DLSw) feature in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xS before 3.1.3S and 3.2.xS before 3.2.1S, when implemented over Fast Sequence Transport (FST), allows remote attackers to cause a denial of service (memory consumption and device reload or hang) via a crafted IP protocol 91 packet, aka Bug ID CSCth69364. |