CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2012-5010
https://notcve.org/view.php?id=CVE-2012-5010
27 Jun 2017 — ASA 5515-X Adaptive Security Appliance Adaptive Security Appliance (ASA) Software 9.4.x before 9.4.1 Interim, 9.2.x before 9.2.4 Interim, ASA 5510 Adaptive Security Appliance Adaptive Security Appliance (ASA) Software 8.4.x before 8.4.7 Interim, 8.2.x before 8.2.5 Interim, 9.1.x before 9.1.6 Interim, ASA 5555-X Adaptive Security Appliance ASA for Application Centric Infrastructure (ACI) Device Package 1.2.4.x before 1.2.4.8, ASA 5512-X Adaptive Security Appliance ASA for Application Centric Infrastructure (... • http://www.securityfocus.com/bid/99332 • CWE-254: 7PK - Security Features •
CVSS: 5.3EPSS: 0%CPEs: 10EXPL: 0CVE-2017-3867
https://notcve.org/view.php?id=CVE-2017-3867
17 Mar 2017 — A vulnerability in the Border Gateway Protocol (BGP) Bidirectional Forwarding Detection (BFD) implementation of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to bypass the access control list (ACL) for specific TCP and UDP traffic. More Information: CSCvc68229. Known Affected Releases: 9.6(2). Known Fixed Releases: 99.1(20.1) 99.1(10.2) 98.1(12.7) 98.1(1.49) 97.1(6.58) 97.1(0.134) 96.2(0.109) 9.7(1.1) 9.6(2.99) 9.6(2.8). Una vulnerabilidad en la implementac... • http://www.securityfocus.com/bid/96926 • CWE-287: Improper Authentication •
CVSS: 8.8EPSS: 15%CPEs: 324EXPL: 1CVE-2017-3807 – Cisco ASA - WebVPN CIFS Handling Buffer Overflow
https://notcve.org/view.php?id=CVE-2017-3807
09 Feb 2017 — A vulnerability in Common Internet Filesystem (CIFS) code in the Clientless SSL VPN functionality of Cisco ASA Software, Major Releases 9.0-9.6, could allow an authenticated, remote attacker to cause a heap overflow. The vulnerability is due to insufficient validation of user supplied input. An attacker could exploit this vulnerability by sending a crafted URL to the affected system. An exploit could allow the remote attacker to cause a reload of the affected system or potentially execute code. Note: Only t... • https://www.exploit-db.com/exploits/41369 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 23%CPEs: 31EXPL: 3CVE-2016-6367 – Cisco Adaptive Security Appliance (ASA) CLI Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-6367
18 Aug 2016 — Cisco Adaptive Security Appliance (ASA) Software before 8.4(1) on ASA 5500, ASA 5500-X, PIX, and FWSM devices allows local users to gain privileges via invalid CLI commands, aka Bug ID CSCtu74257 or EPICBANANA. Cisco Adaptive Security Applicance (ASA) Software en versiones anteriores a 8.4(1) en dispositivos ASA 5500, ASA 5500-X, PIX y FWSM permite a usuarios locales obtener privilegios a través de comandos CLI no válidos, también conocido como Bug ID CSCtu74257 o EPICBANANA. A vulnerability in the command-... • https://www.exploit-db.com/exploits/40271 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 8.8EPSS: 90%CPEs: 52EXPL: 6CVE-2016-6366 – Cisco Adaptive Security Appliance (ASA) SNMP Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2016-6366
18 Aug 2016 — Buffer overflow in Cisco Adaptive Security Appliance (ASA) Software through 9.4.2.3 on ASA 5500, ASA 5500-X, ASA Services Module, ASA 1000V, ASAv, Firepower 9300 ASA Security Module, PIX, and FWSM devices allows remote authenticated users to execute arbitrary code via crafted IPv4 SNMP packets, aka Bug ID CSCva92151 or EXTRABACON. Desbordamiento de búfer en Cisco Adaptive Security Applicance (ASA) Software hasta la versión 9.4.2.3 en dispositivos ASA 5500, ASA 5500-X, ASA Services Module, ASA 1000V, ASAv, F... • https://packetstorm.news/files/id/180758 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 10.0EPSS: 89%CPEs: 199EXPL: 6CVE-2016-1287 – Cisco ASA Software 8.x/9.x - IKEv1 / IKEv2 Buffer Overflow
https://notcve.org/view.php?id=CVE-2016-1287
11 Feb 2016 — Buffer overflow in the IKEv1 and IKEv2 implementations in Cisco ASA Software before 8.4(7.30), 8.7 before 8.7(1.18), 9.0 before 9.0(4.38), 9.1 before 9.1(7), 9.2 before 9.2(4.5), 9.3 before 9.3(3.7), 9.4 before 9.4(2.4), and 9.5 before 9.5(2.2) on ASA 5500 devices, ASA 5500-X devices, ASA Services Module for Cisco Catalyst 6500 and Cisco 7600 devices, ASA 1000V devices, Adaptive Security Virtual Appliance (aka ASAv), Firepower 9300 ASA Security Module, and ISA 3000 devices allows remote attackers to execute... • https://packetstorm.news/files/id/137100 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 175EXPL: 0CVE-2015-6325
https://notcve.org/view.php?id=CVE-2015-6325
25 Oct 2015 — Cisco Adaptive Security Appliance (ASA) software 7.2 and 8.2 before 8.2(5.58), 8.3 and 8.4 before 8.4(7.29), 8.5 through 8.7 before 8.7(1.17), 9.0 before 9.0(4.37), 9.1 before 9.1(6.4), 9.2 before 9.2(4), 9.3 before 9.3(3.1), and 9.4 before 9.4(1.1) allows remote attackers to cause a denial of service (device reload) via a crafted DNS response, aka Bug ID CSCut03495. Cisco Adaptive Security Appliance (ASA) software 7.2 y 8.2 en versiones anteriores a 8.2(5.58), 8.3 y 8.4 en versiones anteriores a 8.4(7.29),... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151021-asa-dns1 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 181EXPL: 0CVE-2015-6326
https://notcve.org/view.php?id=CVE-2015-6326
25 Oct 2015 — Cisco Adaptive Security Appliance (ASA) software 7.2 and 8.2 before 8.2(5.58), 8.3 and 8.4 before 8.4(7.29), 8.5 through 8.7 before 8.7(1.17), 9.0 before 9.0(4.37), 9.1 before 9.1(6.6), 9.2 before 9.2(4), 9.3 before 9.3(3.5), and 9.4 before 9.4(1.5) allows remote attackers to cause a denial of service (device reload) via a crafted DNS response, aka Bug ID CSCuu07799. Cisco Adaptive Security Appliance (ASA) software 7.2 y 8.2 en versiones anteriores a 8.2(5.58), 8.3 y 8.4 en versiones anteriores a 8.4(7.29),... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151021-asa-dns2 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 174EXPL: 0CVE-2015-6327
https://notcve.org/view.php?id=CVE-2015-6327
25 Oct 2015 — The IKEv1 implementation in Cisco Adaptive Security Appliance (ASA) software 7.2 and 8.2 before 8.2(5.58), 8.3 and 8.4 before 8.4(7.29), 8.5 through 8.7 before 8.7(1.17), 9.0 before 9.0(4.37), 9.1 before 9.1(6.8), 9.2 before 9.2(4), and 9.3 before 9.3(3) allows remote attackers to cause a denial of service (device reload) via crafted ISAKMP UDP packets, aka Bug ID CSCus94026. La implementación IKEv1 en Cisco Adaptive Security Appliance (ASA) software 7.2 y 8.2 en versiones anteriores a 8.2(5.58), 8.3 y 8.4 ... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151021-asa-ike • CWE-399: Resource Management Errors •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-0760
https://notcve.org/view.php?id=CVE-2015-0760
04 Jun 2015 — The IKEv1 implementation in Cisco ASA Software 7.x, 8.0.x, 8.1.x, and 8.2.x before 8.2.2.13 allows remote authenticated users to bypass XAUTH authentication via crafted IKEv1 packets, aka Bug ID CSCus47259. La implementación IKEv1 en Cisco ASA Software 7.x, 8.0.x, 8.1.x, y 8.2.x anterior a 8.2.2.13 permite a usuarios remotos autenticados evadir la autenticación XAUTH a través de paquetes IKEv1 manipulados, también conocido como Bug ID CSCus47259. • http://tools.cisco.com/security/center/viewAlert.x?alertId=39157 • CWE-20: Improper Input Validation CWE-264: Permissions, Privileges, and Access Controls •