CVSS: 7.1EPSS: 0%CPEs: 10EXPL: 0CVE-2015-0608
https://notcve.org/view.php?id=CVE-2015-0608
12 Feb 2015 — Race condition in the Measurement, Aggregation, and Correlation Engine (MACE) implementation in Cisco IOS 15.4(2)T3 and earlier allows remote attackers to cause a denial of service (device reload) via crafted network traffic that triggers improper handling of the timing of process switching and Cisco Express Forwarding (CEF) switching, aka Bug ID CSCul48736. Condición de carrera en la implementación Measurement, Aggregation, y Correlation Engine (MACE) en Cisco IOS 15.4(2)T3 y anteriores permite a atacantes... • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0608 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.9EPSS: 0%CPEs: 4EXPL: 0CVE-2015-0610
https://notcve.org/view.php?id=CVE-2015-0610
12 Feb 2015 — Race condition in the object-group ACL feature in Cisco IOS 15.5(2)T and earlier allows remote attackers to bypass intended access restrictions via crafted network traffic that triggers improper handling of the timing of process switching and Cisco Express Forwarding (CEF) switching, aka Bug ID CSCun21071. Condición de carrera en la característica object-group ACL en Cisco IOS 15.5(2)T y anteriores permite a atacantes remotos evadir las restricciones de acceso a través de trafico manipulado de la red que pr... • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0610 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.8EPSS: 1%CPEs: 2EXPL: 0CVE-2015-0586
https://notcve.org/view.php?id=CVE-2015-0586
28 Jan 2015 — The Network-Based Application Recognition (NBAR) protocol implementation in Cisco IOS 15.3(100)M and earlier on Cisco 2900 Integrated Services Router (aka Cisco Internet Router) devices allows remote attackers to cause a denial of service (NBAR process hang) via IPv4 packets, aka Bug ID CSCuo73682. La implementación del protocolo Network-Based Application Recognition (NBAR) en Cisco IOS 15.3(100)M y anteriores en los dispositivos de Cisco 2900 Integrated Services Router (también conocido como Cisco Internet... • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0586 • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 0CVE-2014-3409
https://notcve.org/view.php?id=CVE-2014-3409
25 Oct 2014 — The Ethernet Connectivity Fault Management (CFM) handling feature in Cisco IOS 12.2(33)SRE9a and earlier and IOS XE 3.13S and earlier allows remote attackers to cause a denial of service (device reload) via malformed CFM packets, aka Bug ID CSCuq93406. La caracteristica del manejador Ethernet Connectivity Fault Management (CFM) en Cisco IOS 12.2(33)SRE9a y anteriores e IOS XE 3.13S y anteriores permite a atacantes remotos causar una denegación de servicio (recarga de dispositivo) a través de paquetes CFM ma... • http://secunia.com/advisories/61799 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 4%CPEs: 131EXPL: 0CVE-2014-3354
https://notcve.org/view.php?id=CVE-2014-3354
25 Sep 2014 — Cisco IOS 12.0, 12.2, 12.4, 15.0, 15.1, 15.2, and 15.3 and IOS XE 2.x and 3.x before 3.7.4S; 3.2.xSE and 3.3.xSE before 3.3.2SE; 3.3.xSG and 3.4.xSG before 3.4.4SG; and 3.8.xS, 3.9.xS, and 3.10.xS before 3.10.1S allow remote attackers to cause a denial of service (device reload) via malformed RSVP packets, aka Bug ID CSCui11547. Cisco IOS 12.0, 12.2, 12.4, 15.0, 15.1, 15.2, y 15.3 y IOS XE 2.x y 3.x anterior a 3.7.4S; 3.2.xSE y 3.3.xSE anterior a 3.3.2SE; 3.3.xSG y 3.4.xSG anterior a 3.4.4SG; y 3.8.xS, 3.9.... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-rsvp • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2014-3262
https://notcve.org/view.php?id=CVE-2014-3262
16 May 2014 — The Locator/ID Separation Protocol (LISP) implementation in Cisco IOS 15.3(3)S and earlier and IOS XE does not properly validate parameters in ITR control messages, which allows remote attackers to cause a denial of service (CEF outage and packet drops) via malformed messages, aka Bug ID CSCun73782. La implementación Locator/ID Separation Protocol (LISP) en Cisco IOS 15.3(3)S y anteriores y IOS XE no valida debidamenete parámetros en mensajes de control ITR, lo que permite a atacantes remotos causar una den... • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3262 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 14EXPL: 0CVE-2014-2143
https://notcve.org/view.php?id=CVE-2014-2143
04 Apr 2014 — The IKE implementation in Cisco IOS 15.4(1)T and earlier and IOS XE allows remote attackers to cause a denial of service (security-association drop) via crafted Main Mode packets, aka Bug ID CSCun31021. La implementación IKE en Cisco IOS 15.4(1)T y anteriores y IOS XE permite a atacantes remotos causar una denegación de servicio (abandono de asociación de seguridad) a través de paquetes Main Mode manipulados, también conocido como Bug ID CSCun31021. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2143 •
CVSS: 6.1EPSS: 10%CPEs: 284EXPL: 2CVE-2008-3821 – Cisco IOS 12.x - HTTP Server Multiple Cross-Site Scripting Vulnerabilities
https://notcve.org/view.php?id=CVE-2008-3821
16 Jan 2009 — Multiple cross-site scripting (XSS) vulnerabilities in the HTTP server in Cisco IOS 11.0 through 12.4 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to the ping program or (2) unspecified other aspects of the URI. Múltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en el servidor HTTP en Cisco IOS v11.0 hasta v12.4, permiten a atacantes remotos inyectar secuencias de comandos web o HTML de su elección mediante (1) la cadena query al programa ... • https://www.exploit-db.com/exploits/32723 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.5EPSS: 1%CPEs: 11EXPL: 0CVE-2008-3806
https://notcve.org/view.php?id=CVE-2008-3806
26 Sep 2008 — Cisco IOS 12.0 through 12.4 on Cisco 10000, uBR10012 and uBR7200 series devices handles external UDP packets that are sent to 127.0.0.0/8 addresses intended for IPC communication within the device, which allows remote attackers to cause a denial of service (device or linecard reload) via crafted UDP packets, a different vulnerability than CVE-2008-3805. En Cisco IOS v12.0 a la v12.4 en Cisco 10000, los paquetes externos del UDP del manejador de dispositivos de la serie uBR10012 y uBR7200 que se envían a las... • http://secunia.com/advisories/31990 •
CVSS: 7.8EPSS: 2%CPEs: 252EXPL: 0CVE-2008-3808
https://notcve.org/view.php?id=CVE-2008-3808
26 Sep 2008 — Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (device reload) via a crafted Protocol Independent Multicast (PIM) packet. Vulnerabilidad no especificada en Cisco IOS v12.0, permite a atacantes remotos causar denegación de servicio (reinicio de dispositivo) a través del paquete del Protocolo Multidifusión Independiente (PIM) manipulado. • http://secunia.com/advisories/31990 •