Page 47 of 295 results (0.014 seconds)

CVSS: 7.8EPSS: 1%CPEs: 46EXPL: 0

Cisco IOS 12.4 and 15.0 through 15.4 and IOS XE 3.1.xS, 3.2.xS, 3.3.xS, 3.4.xS, 3.5.xS, 3.6.xS, and 3.7.xS before 3.7.6S; 3.8.xS, 3.9.xS, and 3.10.xS before 3.10.1S; and 3.11.xS before 3.12S allow remote attackers to cause a denial of service (device reload) via a crafted SIP message, aka Bug ID CSCul46586. Cisco IOS 12.4 y 15.0 hasta 15.4 y IOS XE 3.1.xS, 3.2.xS, 3.3.xS, 3.4.xS, 3.5.xS, 3.6.xS, y 3.7.xS anterior a 3.7.6S; 3.8.xS, 3.9.xS, y 3.10.xS anterior a 3.10.1S; y 3.11.xS anterior a 3.12S permite a atacantes remotos causar una denegación de servicio (recarga de dispositivo) a través de un mensaje SIP manipulado, también conocido como Bug ID CSCul46586. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-sip http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-sip/cvrf/cisco-sa-20140924-sip_cvrf.xml http://www.securityfocus.com/bid/70141 http://www.securitytracker.com/id/1030897 https://exchange.xforce.ibmcloud.com/vulnerabilities/96174 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVSS: 7.8EPSS: 2%CPEs: 131EXPL: 0

Cisco IOS 12.0, 12.2, 12.4, 15.0, 15.1, 15.2, and 15.3 and IOS XE 2.x and 3.x before 3.7.4S; 3.2.xSE and 3.3.xSE before 3.3.2SE; 3.3.xSG and 3.4.xSG before 3.4.4SG; and 3.8.xS, 3.9.xS, and 3.10.xS before 3.10.1S allow remote attackers to cause a denial of service (device reload) via malformed RSVP packets, aka Bug ID CSCui11547. Cisco IOS 12.0, 12.2, 12.4, 15.0, 15.1, 15.2, y 15.3 y IOS XE 2.x y 3.x anterior a 3.7.4S; 3.2.xSE y 3.3.xSE anterior a 3.3.2SE; 3.3.xSG y 3.4.xSG anterior a 3.4.4SG; y 3.8.xS, 3.9.xS, y 3.10.xS anterior a 3.10.1S permite a atacantes remotos causar una denegación de servicio (recarga de dispositivo) a través de mensajes RSVP malformados, también conocido como Bug ID CSCui11547. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-rsvp http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-rsvp/cvrf/cisco-sa-20140924-rsvp_cvrf.xml http://www.securityfocus.com/bid/70131 http://www.securityfocus.com/bid/70183 http://www.securitytracker.com/id/1030893 https://exchange.xforce.ibmcloud.com/vulnerabilities/96178 • CWE-20: Improper Input Validation •

CVSS: 7.8EPSS: 1%CPEs: 10EXPL: 0

Cisco IOS 15.0, 15.1, 15.2, and 15.4 and IOS XE 3.3.xSE before 3.3.2SE, 3.3.xXO before 3.3.1XO, 3.5.xE before 3.5.2E, and 3.11.xS before 3.11.1S allow remote attackers to cause a denial of service (device reload) via malformed mDNS packets, aka Bug ID CSCul90866. Cisco IOS 15.0, 15.1, 15.2, y 15.4 y IOS XE 3.3.xSE anterior a 3.3.2SE, 3.3.xXO anterior a 3.3.1XO, 3.5.xE anterior a 3.5.2E, y 3.11.xS anterior a 3.11.1S permite a atacantes remotos causar una denegación de servicio (recarga de dispositivo) a través de paquetes mDNS malformados, también conocido como Bug ID CSCul90866. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-mdns http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-mdns/cvrf/cisco-sa-20140924-mdns_cvrf.xml http://www.securityfocus.com/bid/70132 http://www.securitytracker.com/id/1030898 https://exchange.xforce.ibmcloud.com/vulnerabilities/96182 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 0

The EnergyWise module in Cisco IOS 12.2, 15.0, 15.1, 15.2, and 15.4 and IOS XE 3.2.xXO, 3.3.xSG, 3.4.xSG, and 3.5.xE before 3.5.3E allows remote attackers to cause a denial of service (device reload) via a crafted IPv4 packet, aka Bug ID CSCup52101. El módulo EnergyWise en Cisco IOS 12.2, 15.0, 15.1, 15.2 y 15.4 y IOS XE 3.2.xXO, 3.3.xSG, 3.4.xSG y 3.5.xE anterior a 3.5.3E permite a atacantes remotos causar una denegación de servicio (reinicio de dispositivo) a través de un paquete IPv4 manipulado, también conocido como Bug ID CSCup52101. • http://secunia.com/advisories/60650 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140806-energywise http://www.securityfocus.com/bid/69066 http://www.securitytracker.com/id/1030682 https://exchange.xforce.ibmcloud.com/vulnerabilities/95137 • CWE-20: Improper Input Validation •

CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 0

The mDNS implementation in Cisco IOS XE 3.12S does not properly interact with autonomic networking, which allows remote attackers to obtain sensitive networking-services information by sniffing the network or overwrite networking-services data via a crafted mDNS response, aka Bug ID CSCun64867. La implemenatción mDNS en Cisco IOS XE 3.12S no interactúa debidamente con redes autonómicas, lo que permite a atacantes remotos obtener información sensible de los servicios de red mediante la captura de trafico de red o sobrescribir datos de servicios de red a través de una respuesta mDNS manipulada, también conocido como Bug ID CSCun64867. • http://secunia.com/advisories/58715 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3290 http://tools.cisco.com/security/center/viewAlert.x?alertId=34613 http://www.securityfocus.com/bid/68021 http://www.securitytracker.com/id/1030444 • CWE-264: Permissions, Privileges, and Access Controls •