CVSS: 7.8EPSS: 1%CPEs: 139EXPL: 0CVE-2015-6279
https://notcve.org/view.php?id=CVE-2015-6279
28 Sep 2015 — The IPv6 snooping functionality in the first-hop security subsystem in Cisco IOS 12.2, 15.0, 15.1, 15.2, 15.3, 15.4, and 15.5 and IOS XE 3.2SE, 3.3SE, 3.3XO, 3.4SG, 3.5E, and 3.6E before 3.6.3E; 3.7E before 3.7.2E; 3.9S and 3.10S before 3.10.6S; 3.11S before 3.11.4S; 3.12S and 3.13S before 3.13.3S; and 3.14S before 3.14.2S allows remote attackers to cause a denial of service (device reload) via a malformed ND packet with the Cryptographically Generated Address (CGA) option, aka Bug ID CSCuo04400. Vulnerabil... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150923-fhs • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 1%CPEs: 74EXPL: 0CVE-2015-6280
https://notcve.org/view.php?id=CVE-2015-6280
28 Sep 2015 — The SSHv2 functionality in Cisco IOS 15.2, 15.3, 15.4, and 15.5 and IOS XE 3.6E before 3.6.3E, 3.7E before 3.7.1E, 3.10S before 3.10.6S, 3.11S before 3.11.4S, 3.12S before 3.12.3S, 3.13S before 3.13.3S, and 3.14S before 3.14.1S does not properly implement RSA authentication, which allows remote attackers to obtain login access by leveraging knowledge of a username and the associated public key, aka Bug ID CSCus73013. Vulnerabilidad en la funcionalidad SSHv2 en Cisco IOS 15.2, 15.3, 15.4 y 15.5 y IOS XE 3.6E... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150923-sshpk • CWE-287: Improper Authentication •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2015-6294
https://notcve.org/view.php?id=CVE-2015-6294
18 Sep 2015 — Cisco IOS 15.2(3)E and earlier and IOS XE 3.6(2)E and earlier allow remote attackers to cause a denial of service (functionality loss) via crafted Cisco Discovery Protocol (CDP) packets, aka Bug ID CSCuu25770. Vulnerabilidad en Cisco IOS 15.2(3)E y versiones anteriores y IOS XE 3.6(2)E y versiones anteriores, permite a atacantes remotos provocar una denegación de servicio (pérdida de funcionalidad) a través de paquetes Cisco Discovery Protocol (CDP) modificados, también conocida como Bug ID CSCuu25770. • http://tools.cisco.com/security/center/viewAlert.x?alertId=41006 • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 1%CPEs: 62EXPL: 0CVE-2015-0681
https://notcve.org/view.php?id=CVE-2015-0681
24 Jul 2015 — The TFTP server in Cisco IOS 12.2(44)SQ1, 12.2(33)XN1, 12.4(25e)JAM1, 12.4(25e)JAO5m, 12.4(23)JY, 15.0(2)ED1, 15.0(2)EY3, 15.1(3)SVF4a, and 15.2(2)JB1 and IOS XE 2.5.x, 2.6.x, 3.1.xS, 3.2.xS, 3.3.xS, 3.4.xS, and 3.5.xS before 3.6.0S; 3.1.xSG, 3.2.xSG, and 3.3.xSG before 3.4.0SG; 3.2.xSE before 3.3.0SE; 3.2.xXO before 3.3.0XO; 3.2.xSQ; 3.3.xSQ; and 3.4.xSQ allows remote attackers to cause a denial of service (device hang or reload) via multiple requests that trigger improper memory management, aka Bug ID CSC... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150722-tftp • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2015-4185
https://notcve.org/view.php?id=CVE-2015-4185
13 Jun 2015 — The TCL interpreter in Cisco IOS 15.2 does not properly maintain the vty state, which allows local users to gain privileges by starting a session very soon after a TCL script execution, aka Bug ID CSCuq24202. El interprete TCL en Cisco IOS 15.2 no mantiene correctamente el estado vty, lo que permite a usuarios locales ganar privilegios mediante el comienzo de una sesión muy pronto después de una ejecución de secuencias de comandos TCL, también conocido como Bug ID CSCuq24202. • http://tools.cisco.com/security/center/viewAlert.x?alertId=39343 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 59EXPL: 0CVE-2015-0647
https://notcve.org/view.php?id=CVE-2015-0647
26 Mar 2015 — Cisco IOS 12.2, 12.4, 15.0, 15.2, and 15.3 allows remote attackers to cause a denial of service (device reload) via malformed Common Industrial Protocol (CIP) UDP packets, aka Bug ID CSCum98371. Cisco IOS 12.2, 12.4, 15.0, 15.2, y 15.3 permite a atacantes remotos causar una denegación de servicio (recarga de dispositivo) a través de paquetes UDP de Common Industrial Protocol (CIP) malformados, también conocido como Bug ID CSCum98371. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-cip • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 61EXPL: 0CVE-2015-0648
https://notcve.org/view.php?id=CVE-2015-0648
26 Mar 2015 — Memory leak in Cisco IOS 12.2, 12.4, 15.0, 15.2, and 15.3 allows remote attackers to cause a denial of service (memory consumption) via crafted Common Industrial Protocol (CIP) TCP packets, aka Bug ID CSCun49658. Fuga de memoria en Cisco IOS 12.2, 12.4, 15.0, 15.2, y 15.3 permite a atacantes remotos causar una denegación de servicio (consumo de memoria) a través de paquetes TCP de Common Industrial Protocol (CIP) manipulados, también conocido como Bug ID CSCun49658. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-cip • CWE-399: Resource Management Errors •
CVSS: 9.1EPSS: 0%CPEs: 43EXPL: 0CVE-2015-0635
https://notcve.org/view.php?id=CVE-2015-0635
26 Mar 2015 — The Autonomic Networking Infrastructure (ANI) implementation in Cisco IOS 12.2, 12.4, 15.0, 15.2, 15.3, and 15.4 and IOS XE 3.10.xS through 3.13.xS before 3.13.1S allows remote attackers to spoof Autonomic Networking Registration Authority (ANRA) responses, and consequently bypass intended device and node access restrictions or cause a denial of service (disrupted domain access), via crafted AN messages, aka Bug ID CSCup62191. La implementación Autonomic Networking Infrastructure (ANI) en Cisco IOS 12.2, 12... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-ani • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 1%CPEs: 29EXPL: 0CVE-2015-0636
https://notcve.org/view.php?id=CVE-2015-0636
26 Mar 2015 — The Autonomic Networking Infrastructure (ANI) implementation in Cisco IOS 12.2, 12.4, 15.0, 15.2, 15.3, and 15.4 and IOS XE 3.10.xS through 3.13.xS before 3.13.1S allows remote attackers to cause a denial of service (disrupted domain access) via spoofed AN messages that reset a finite state machine, aka Bug ID CSCup62293. La implemenatción Autonomic Networking Infrastructure (ANI) en Cisco IOS 12.2, 12.4, 15.0, 15.2, 15.3, y 15.4 y IOS XE 3.10.xS hasta 3.13.xS anterior a 3.13.1S permite a atacantes remotos ... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-ani • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 1%CPEs: 41EXPL: 0CVE-2015-0637
https://notcve.org/view.php?id=CVE-2015-0637
26 Mar 2015 — The Autonomic Networking Infrastructure (ANI) implementation in Cisco IOS 12.2, 12.4, 15.0, 15.2, 15.3, and 15.4 and IOS XE 3.10.xS through 3.13.xS before 3.13.1S allows remote attackers to cause a denial of service (device reload) via spoofed AN messages, aka Bug ID CSCup62315. La implemenatción Autonomic Networking Infrastructure (ANI) en Cisco IOS 12.2, 12.4, 15.0, 15.2, 15.3, y 15.4 y IOS XE 3.10.xS hasta 3.13.xS anterior a 3.13.1S permite a atacantes remotos causar una denegación de servicio (recarga d... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-ani • CWE-20: Improper Input Validation •