CVSS: 10.0EPSS: 89%CPEs: 199EXPL: 6CVE-2016-1287 – Cisco ASA Software 8.x/9.x - IKEv1 / IKEv2 Buffer Overflow
https://notcve.org/view.php?id=CVE-2016-1287
11 Feb 2016 — Buffer overflow in the IKEv1 and IKEv2 implementations in Cisco ASA Software before 8.4(7.30), 8.7 before 8.7(1.18), 9.0 before 9.0(4.38), 9.1 before 9.1(7), 9.2 before 9.2(4.5), 9.3 before 9.3(3.7), 9.4 before 9.4(2.4), and 9.5 before 9.5(2.2) on ASA 5500 devices, ASA 5500-X devices, ASA Services Module for Cisco Catalyst 6500 and Cisco 7600 devices, ASA 1000V devices, Adaptive Security Virtual Appliance (aka ASAv), Firepower 9300 ASA Security Module, and ISA 3000 devices allows remote attackers to execute... • https://packetstorm.news/files/id/137100 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.3EPSS: 0%CPEs: 26EXPL: 0CVE-2016-1295
https://notcve.org/view.php?id=CVE-2016-1295
16 Jan 2016 — Cisco Adaptive Security Appliance (ASA) Software 8.4 allows remote attackers to obtain sensitive information via an AnyConnect authentication attempt, aka Bug ID CSCuo65775. Cisco Adaptive Security Appliance (ASA) Software 8.4 permite a atacantes remotos obtener información sensible a través de un intento de autenticación AnyConnect, también conocido como Bug ID CSCuo65775. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160115-asa • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 0%CPEs: 7EXPL: 0CVE-2015-6423
https://notcve.org/view.php?id=CVE-2015-6423
15 Jan 2016 — The DCERPC Inspection implementation in Cisco Adaptive Security Appliance (ASA) Software 9.4.1 through 9.5.1 allows remote authenticated users to bypass an intended DCERPC-only ACL by sending arbitrary network traffic, aka Bug ID CSCuu67782. La implementación DCERPC Inspection en Cisco Adaptive Security Appliance (ASA) Software 9.4.1 hasta la versión 9.5.1 permite a usuarios remotos autenticados eludir una ACL destinada a DCERPC-only mediante el envío de tráfico de red arbitrario, también conocido como Bug ... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160111-asa • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2015-6379
https://notcve.org/view.php?id=CVE-2015-6379
25 Nov 2015 — The XML parser in the management interface in Cisco Adaptive Security Appliance (ASA) Software 8.4 allows remote authenticated users to cause a denial of service (device crash) via a crafted XML document, aka Bug ID CSCut14223. El parser XML en la interfaz de gestión en Cisco Adaptive Security Appliance (ASA) Software 8.4 permite a usuarios remotos autenticados causar una denegación de servicio (caída de dispositivo) a través de un documento XML manipulado, también conocida como Bug ID CSCut14223. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151123-asa • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 0%CPEs: 49EXPL: 0CVE-2015-6324
https://notcve.org/view.php?id=CVE-2015-6324
25 Oct 2015 — The DHCPv6 relay implementation in Cisco Adaptive Security Appliance (ASA) software 9.0 before 9.0(4.37), 9.1 before 9.1(6.6), 9.2 before 9.2(4), 9.3 before 9.3(3.5), and 9.4 before 9.4(2) allows remote attackers to cause a denial of service (device reload) via crafted DHCPv6 packets, aka Bug IDs CSCus56252 and CSCus57142. La implementación DHCPv6 relay en Cisco Adaptive Security Appliance (ASA) software 9.0 en versiones anteriores a 9.0(4.37), 9.1 en versiones anteriores a 9.1(6.6), 9.2 en versiones anteri... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151021-asa-dhcp1 • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 1%CPEs: 175EXPL: 0CVE-2015-6325
https://notcve.org/view.php?id=CVE-2015-6325
25 Oct 2015 — Cisco Adaptive Security Appliance (ASA) software 7.2 and 8.2 before 8.2(5.58), 8.3 and 8.4 before 8.4(7.29), 8.5 through 8.7 before 8.7(1.17), 9.0 before 9.0(4.37), 9.1 before 9.1(6.4), 9.2 before 9.2(4), 9.3 before 9.3(3.1), and 9.4 before 9.4(1.1) allows remote attackers to cause a denial of service (device reload) via a crafted DNS response, aka Bug ID CSCut03495. Cisco Adaptive Security Appliance (ASA) software 7.2 y 8.2 en versiones anteriores a 8.2(5.58), 8.3 y 8.4 en versiones anteriores a 8.4(7.29),... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151021-asa-dns1 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 1%CPEs: 181EXPL: 0CVE-2015-6326
https://notcve.org/view.php?id=CVE-2015-6326
25 Oct 2015 — Cisco Adaptive Security Appliance (ASA) software 7.2 and 8.2 before 8.2(5.58), 8.3 and 8.4 before 8.4(7.29), 8.5 through 8.7 before 8.7(1.17), 9.0 before 9.0(4.37), 9.1 before 9.1(6.6), 9.2 before 9.2(4), 9.3 before 9.3(3.5), and 9.4 before 9.4(1.5) allows remote attackers to cause a denial of service (device reload) via a crafted DNS response, aka Bug ID CSCuu07799. Cisco Adaptive Security Appliance (ASA) software 7.2 y 8.2 en versiones anteriores a 8.2(5.58), 8.3 y 8.4 en versiones anteriores a 8.4(7.29),... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151021-asa-dns2 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 1%CPEs: 174EXPL: 0CVE-2015-6327
https://notcve.org/view.php?id=CVE-2015-6327
25 Oct 2015 — The IKEv1 implementation in Cisco Adaptive Security Appliance (ASA) software 7.2 and 8.2 before 8.2(5.58), 8.3 and 8.4 before 8.4(7.29), 8.5 through 8.7 before 8.7(1.17), 9.0 before 9.0(4.37), 9.1 before 9.1(6.8), 9.2 before 9.2(4), and 9.3 before 9.3(3) allows remote attackers to cause a denial of service (device reload) via crafted ISAKMP UDP packets, aka Bug ID CSCus94026. La implementación IKEv1 en Cisco Adaptive Security Appliance (ASA) software 7.2 y 8.2 en versiones anteriores a 8.2(5.58), 8.3 y 8.4 ... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151021-asa-ike • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2015-4321
https://notcve.org/view.php?id=CVE-2015-4321
20 Aug 2015 — The Unicast Reverse Path Forwarding (uRPF) implementation in Cisco Adaptive Security Appliance (ASA) Software 9.3(1.50), 9.3(2.100), 9.3(3), and 9.4(1) mishandles cases where an IP address belongs to an internal interface but is also in the ASA routing table, which allows remote attackers to bypass uRPF validation via spoofed packets, aka Bug ID CSCuv60724. Vulnerabilidad en la implementación Unicast Reverse Path Forwarding (uRPF) en Cisco Adaptive Security Appliance (ASA) Software 9.3(1.50), 9.3(2.100), 9.... • http://tools.cisco.com/security/center/viewAlert.x?alertId=40440 • CWE-20: Improper Input Validation •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2015-4458
https://notcve.org/view.php?id=CVE-2015-4458
18 Jul 2015 — The TLS implementation in the Cavium cryptographic-module firmware, as distributed with Cisco Adaptive Security Appliance (ASA) Software 9.1(5.21) and other products, does not verify the MAC field, which allows man-in-the-middle attackers to spoof TLS content by modifying packets, aka Bug ID CSCuu52976. Vulnerabilidad en la implementación TLS en el firmware del módulo criptográfico de Cavium, asi como el distribuido con el Software Cisco Adaptive Security Apliance (ASA) 9.1 (5.21) y otros productos, no veri... • http://tools.cisco.com/security/center/viewAlert.x?alertId=39919 • CWE-310: Cryptographic Issues •