CVSS: 7.7EPSS: 0%CPEs: 1197EXPL: 0CVE-2025-20170 – Cisco IOS XE SNMP GET-NEXT ciscoFlashChipCode Unexpected Sign Extension Denial-of-Service Vulnerability
https://notcve.org/view.php?id=CVE-2025-20170
05 Feb 2025 — A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP requests. An attacker could exploit this vulnerability by sending a crafted SNMP request to an affected device. A successful exploit could allow the attacker to cause the device to reload unexpectedly, resulting in a DoS condition. This vulnerability affe... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snmp-dos-sdxnSUcW • CWE-805: Buffer Access with Incorrect Length Value •
CVSS: 7.7EPSS: 0%CPEs: 626EXPL: 0CVE-2025-20171 – Cisco IOS XE SNMP GET-NEXT callHomeUserDefCmdName Unexpected Sign Extension Denial-of-Service Vulnerability
https://notcve.org/view.php?id=CVE-2025-20171
05 Feb 2025 — A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP requests. An attacker could exploit this vulnerability by sending a crafted SNMP request to an affected device. A successful exploit could allow the attacker to cause the device to reload unexpectedly, resulting in a DoS condition. This vulnerability affe... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snmp-dos-sdxnSUcW • CWE-248: Uncaught Exception •
CVSS: 8.8EPSS: 0%CPEs: 449EXPL: 0CVE-2025-20176 – Cisco IOS XE SNMP GET-NEXT ctspIpSgtValue Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-20176
05 Feb 2025 — A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP requests. An attacker could exploit this vulnerability by sending a crafted SNMP request to an affected device. A successful exploit could allow the attacker to cause the device to reload unexpectedly, resulting in a DoS condition. This vulnerability affe... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snmp-dos-sdxnSUcW • CWE-248: Uncaught Exception •
CVSS: 7.7EPSS: 0%CPEs: 577EXPL: 0CVE-2025-20172 – Cisco IOS XE SNMP OID Handling Out-Of-Bounds Read Denial-of-Service Vulnerability
https://notcve.org/view.php?id=CVE-2025-20172
05 Feb 2025 — A vulnerability in the SNMP subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP requests. An attacker could exploit this vulnerability by sending a crafted SNMP request to an affected device. For Cisco IOS and IOS XE Software, a successful exploit could allow the attacker to cause the device to reload unexpectedly, ... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snmp-dos-sdxnSUcW • CWE-248: Uncaught Exception •
CVSS: 8.8EPSS: 0%CPEs: 609EXPL: 0CVE-2025-20173 – Cisco IOS XE SNMP GET-NEXT cContextMappingBridgeDomainIdentifier Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-20173
05 Feb 2025 — A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP requests. An attacker could exploit this vulnerability by sending a crafted SNMP request to an affected device. A successful exploit could allow the attacker to cause the device to reload unexpectedly, resulting in a DoS condition. This vulnerability affe... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snmp-dos-sdxnSUcW • CWE-248: Uncaught Exception •
CVSS: 6.8EPSS: 0%CPEs: 21EXPL: 0CVE-2021-1440 – Cisco IOS XR Software BGP Resource Public Key Infrastructure Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2021-1440
18 Nov 2024 — A vulnerability in the implementation of the Resource Public Key Infrastructure (RPKI) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause the Border Gateway Protocol (BGP) process to crash, resulting in a denial of service (DoS) condition. This vulnerability is due to the incorrect handling of a specific RPKI to Router (RTR) Protocol packet header. An attacker could exploit this vulnerability by compromising the RPKI validator server and sending a specifically cra... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xrbgp-rpki-dos-gvmjqxbk • CWE-617: Reachable Assertion •
CVSS: 4.3EPSS: 1%CPEs: 60EXPL: 0CVE-2022-20846 – Cisco IOS XR Software Cisco Discovery Protocol Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2022-20846
15 Nov 2024 — A vulnerability in the Cisco Discovery Protocol implementation for Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause the Cisco Discovery Protocol process to reload on an affected device. This vulnerability is due to a heap buffer overflow in certain Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xr-cdp-wnALzvT2 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 6.0EPSS: 0%CPEs: 6EXPL: 0CVE-2022-20845 – Cisco Network Convergence System 4000 Series TL1 Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2022-20845
15 Nov 2024 — A vulnerability in the TL1 function of Cisco Network Convergence System (NCS) 4000 Series could allow an authenticated, local attacker to cause a memory leak in the TL1 process. This vulnerability is due to TL1 not freeing memory under some conditions. An attacker could exploit this vulnerability by connecting to the device and issuing TL1 commands after being authenticated. A successful exploit could allow the attacker to cause the TL1 process to consume large amounts of memory. When the memory reache... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ncs4k-tl1-GNnLwC6 • CWE-789: Memory Allocation with Excessive Size Value •
CVSS: 6.1EPSS: 0%CPEs: 33EXPL: 0CVE-2022-20849 – Cisco IOS XR Software Broadband Network Gateway PPPoE Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2022-20849
15 Nov 2024 — A vulnerability in the Broadband Network Gateway PPP over Ethernet (PPPoE) feature of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause the PPPoE process to continually crash. This vulnerability exists because the PPPoE feature does not properly handle an error condition within a specific crafted packet sequence. An attacker could exploit this vulnerability by sending a sequence of specific PPPoE packets from controlled customer premises equipment (CPE). A successful expl... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-bng-Gmg5Gxt • CWE-391: Unchecked Error Condition •
CVSS: 5.3EPSS: 0%CPEs: 20EXPL: 0CVE-2024-20373 – Cisco IOS and Cisco IOS XE SNMP Extended ACL Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2024-20373
15 Nov 2024 — A vulnerability in the implementation of the Simple Network Management Protocol (SNMP) IPv4 access control list (ACL) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to perform SNMP polling of an affected device, even if it is configured to deny SNMP traffic. This vulnerability exists because Cisco IOS Software and Cisco IOS XE Software do not support extended IPv4 ACLs for SNMP, but they do allow administrators to configure extended named IPv4 A... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snmp-uwBXfqww • CWE-284: Improper Access Control •