CVSS: 7.8EPSS: 0%CPEs: 33EXPL: 0CVE-2016-1347
https://notcve.org/view.php?id=CVE-2016-1347
24 Mar 2016 — The Wide Area Application Services (WAAS) Express implementation in Cisco IOS 15.1 through 15.5 allows remote attackers to cause a denial of service (device reload) via a crafted TCP segment, aka Bug ID CSCuq59708. La implementación de Wide Area Application Services (WAAS) Express en Cisco IOS 15.1 hasta la versión 15.5 permite a atacantes remotos causar una denegación de servicio (recarga de dispositivo) a través de un segmento TCP manipulado, también conocida como Bug ID CSCuq59708. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-l4f • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 0%CPEs: 18EXPL: 0CVE-2015-6429
https://notcve.org/view.php?id=CVE-2015-6429
19 Dec 2015 — The IKEv1 state machine in Cisco IOS 15.4 through 15.6 and IOS XE 3.15 through 3.17 allows remote attackers to cause a denial of service (IPsec connection termination) via a crafted IKEv1 packet to a tunnel endpoint, aka Bug ID CSCuw08236. La máquina de estado IKEv1 en Cisco IOS 15.4 hasta la versión 15.6 y IOS XE 3.15 hasta la versión 3.17 permite a atacantes remotos causar una denegación de servicio (terminación de conexión IPsec) a través de un paquete IKEv1 manipulado en un dispositivo final del tunel, ... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151218-ios • CWE-19: Data Processing Errors •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2015-6365
https://notcve.org/view.php?id=CVE-2015-6365
14 Nov 2015 — Cisco IOS 15.2(04)M and 15.4(03)M lets physical-interface ACLs supersede virtual PPP interface ACLs, which allows remote authenticated users to bypass intended network-traffic restrictions in opportunistic circumstances by using PPP, aka Bug ID CSCur61303. Cisco IOS 15.2(04)M y 15.4(03)M permite a ACLs de interfaz física reemplazar a ACLs de interfaz virtual PPP, lo que permite a usuarios remotos autenticados eludir las restricciones destinadas al tráfico de red en circunstancias oportunistas mediante el us... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151112-ios1 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2015-6366
https://notcve.org/view.php?id=CVE-2015-6366
13 Nov 2015 — Cisco IOS 15.2(04)M6 and 15.4(03)S lets physical-interface ACLs supersede tunnel-interface ACLs, which allows remote attackers to bypass intended network-traffic restrictions in opportunistic circumstances by using a tunnel, aka Bug ID CSCur01042. Cisco IOS 15.2(04)M6 y 15.4(03)S permite a ACLs de interfaz física reemplazar a ACLs de interfaz túnel, lo que permite a atacantes remotos eludir las restricciones destinadas al tráfico de red en circunstancias oportunistas mediante el uso de un túnel, también con... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151112-ios2 • CWE-284: Improper Access Control •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-6263
https://notcve.org/view.php?id=CVE-2015-6263
12 Oct 2015 — The RADIUS client implementation in Cisco IOS 15.4(3)M2.2, when a shared RADIUS secret is configured, allows remote RADIUS servers to cause a denial of service (device reload) via malformed answers, aka Bug ID CSCuu59324. La implementación del cliente RADIUS en Cisco IOS 15.4(3)M2.2, cuando se configura un secreto RADIUS compartido, permite a servidores RADIUS remotos causar una denegación de servicio (reinicio del dispositivo) a través de respuestas malformadas, también conocido como error CSCuu59324. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151005-ios-radius • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 139EXPL: 0CVE-2015-6279
https://notcve.org/view.php?id=CVE-2015-6279
28 Sep 2015 — The IPv6 snooping functionality in the first-hop security subsystem in Cisco IOS 12.2, 15.0, 15.1, 15.2, 15.3, 15.4, and 15.5 and IOS XE 3.2SE, 3.3SE, 3.3XO, 3.4SG, 3.5E, and 3.6E before 3.6.3E; 3.7E before 3.7.2E; 3.9S and 3.10S before 3.10.6S; 3.11S before 3.11.4S; 3.12S and 3.13S before 3.13.3S; and 3.14S before 3.14.2S allows remote attackers to cause a denial of service (device reload) via a malformed ND packet with the Cryptographically Generated Address (CGA) option, aka Bug ID CSCuo04400. Vulnerabil... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150923-fhs • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 155EXPL: 0CVE-2015-6278
https://notcve.org/view.php?id=CVE-2015-6278
28 Sep 2015 — The IPv6 snooping functionality in the first-hop security subsystem in Cisco IOS 12.2, 15.0, 15.1, 15.2, 15.3, 15.4, and 15.5 and IOS XE 3.2SE, 3.3SE, 3.3XO, 3.4SG, 3.5E, and 3.6E before 3.6.3E; 3.7E before 3.7.2E; 3.9S and 3.10S before 3.10.6S; 3.11S before 3.11.4S; 3.12S and 3.13S before 3.13.3S; and 3.14S before 3.14.2S does not properly implement the Control Plane Protection (aka CPPr) feature, which allows remote attackers to cause a denial of service (device reload) via a flood of ND packets, aka Bug ... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150923-fhs • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 0%CPEs: 74EXPL: 0CVE-2015-6280
https://notcve.org/view.php?id=CVE-2015-6280
28 Sep 2015 — The SSHv2 functionality in Cisco IOS 15.2, 15.3, 15.4, and 15.5 and IOS XE 3.6E before 3.6.3E, 3.7E before 3.7.1E, 3.10S before 3.10.6S, 3.11S before 3.11.4S, 3.12S before 3.12.3S, 3.13S before 3.13.3S, and 3.14S before 3.14.1S does not properly implement RSA authentication, which allows remote attackers to obtain login access by leveraging knowledge of a username and the associated public key, aka Bug ID CSCus73013. Vulnerabilidad en la funcionalidad SSHv2 en Cisco IOS 15.2, 15.3, 15.4 y 15.5 y IOS XE 3.6E... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150923-sshpk • CWE-287: Improper Authentication •
CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 0CVE-2015-0708
https://notcve.org/view.php?id=CVE-2015-0708
29 Apr 2015 — Cisco IOS 15.4S, 15.4SN, and 15.5S and IOS XE 3.13S and 3.14S allow remote attackers to cause a denial of service (device crash) by including an IA_NA option in a DHCPv6 Solicit message on the local network, aka Bug ID CSCur29956. Cisco IOS 15.4S, 15.4SN, y 15.5S y IOS XE 3.13S y 3.14S permiten a atacantes remotos causar una denegación de servicio (caída de dispositivo) mediante la inclusión de una opción IA_NA en un mensaje DHCPv6 Solicit en la red local, también conocido como Bug ID CSCur29956. • http://tools.cisco.com/security/center/viewAlert.x?alertId=38543 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 36EXPL: 0CVE-2015-0646
https://notcve.org/view.php?id=CVE-2015-0646
26 Mar 2015 — Memory leak in the TCP input module in Cisco IOS 12.2, 12.4, 15.0, 15.2, 15.3, and 15.4 and IOS XE 3.3.xXO, 3.5.xE, 3.6.xE, 3.8.xS through 3.10.xS before 3.10.5S, and 3.11.xS and 3.12.xS before 3.12.3S allows remote attackers to cause a denial of service (memory consumption or device reload) by sending crafted TCP packets over (1) IPv4 or (2) IPv6, aka Bug ID CSCum94811. Fuga de memoria en el módulo de entradas de TCP en Cisco IOS 12.2, 12.4, 15.0, 15.2, 15.3, y 15.4 y IOS XE 3.3.xXO, 3.5.xE, 3.6.xE, 3.8.xS... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-tcpleak • CWE-399: Resource Management Errors •