CVSS: 7.5EPSS: 5%CPEs: 5EXPL: 0CVE-2016-1405 – Ubuntu Security Notice USN-3093-1
https://notcve.org/view.php?id=CVE-2016-1405
08 Jun 2016 — libclamav in ClamAV (aka Clam AntiVirus), as used in Advanced Malware Protection (AMP) on Cisco Email Security Appliance (ESA) devices before 9.7.0-125 and Web Security Appliance (WSA) devices before 9.0.1-135 and 9.1.x before 9.1.1-041, allows remote attackers to cause a denial of service (AMP process restart) via a crafted document, aka Bug IDs CSCuv78533 and CSCuw60503. libclamav en ClamAV (también conocida como Clam AntiVirus), tal como se utiliza en Advanced Malware Protection (AMP) en dispositivos Cis... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160531-wsa-esa • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2016-1381
https://notcve.org/view.php?id=CVE-2016-1381
25 May 2016 — Memory leak in Cisco AsyncOS 8.5 through 9.0 before 9.0.1-162 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (memory consumption) via an HTTP file-range request for cached content, aka Bug ID CSCuw97270. Fuga de memoria en Cisco AsyncOS 8.5 hasta la versión 9.0 en versiones anteriores a 9.0.1-162 en dispositivos Web Security Appliance (WSA) permite a atacantes remotos provocar una denegación de servicio (consumo de memoria) a través de una petición HTTP file-ran... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160518-wsa2 • CWE-399: Resource Management Errors •
CVSS: 5.3EPSS: 1%CPEs: 2EXPL: 0CVE-2016-1288
https://notcve.org/view.php?id=CVE-2016-1288
03 Mar 2016 — The HTTPS Proxy feature in Cisco AsyncOS before 8.5.3-051 and 9.x before 9.0.0-485 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (service outage) by leveraging certain intranet connectivity and sending a malformed HTTPS request, aka Bug ID CSCuu24840. La funcionalidad de HTTPS Proxy en Cisco AsyncOS en versiones anteriores a 8.5.3-051 y 9.x en versiones anteriores a 9.0.0-485 en dispositivos Web Security Appliance (WSA) permite a atancantes remotos causar una d... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160302-wsa • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2016-1296
https://notcve.org/view.php?id=CVE-2016-1296
20 Jan 2016 — The proxy engine on Cisco Web Security Appliance (WSA) devices with software 8.5.3-055, 9.1.0-000, and 9.5.0-235 allows remote attackers to bypass intended proxy restrictions via a malformed HTTP method, aka Bug ID CSCux00848. El motor de proxy en dispositivos Cisco Web Security Appliance (WSA) con software 8.5.3-055, 9.1.0-000 y 9.5.0-235 permite a atacantes remotos eludir las restricciones destinadas al proxy a través de un método HTTP mal formado, también conocido como Bug ID CSCux00848. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160119-wsa • CWE-254: 7PK - Security Features •