CVSS: 4.2EPSS: 0%CPEs: 3788EXPL: 0CVE-2017-6770
https://notcve.org/view.php?id=CVE-2017-6770
07 Aug 2017 — Cisco IOS 12.0 through 15.6, Adaptive Security Appliance (ASA) Software 7.0.1 through 9.7.1.2, NX-OS 4.0 through 12.0, and IOS XE 3.6 through 3.18 are affected by a vulnerability involving the Open Shortest Path First (OSPF) Routing Protocol Link State Advertisement (LSA) database. This vulnerability could allow an unauthenticated, remote attacker to take full control of the OSPF Autonomous System (AS) domain routing table, allowing the attacker to intercept or black-hole traffic. The attacker could exploit... • http://www.securityfocus.com/bid/100005 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 151EXPL: 0CVE-2013-1149
https://notcve.org/view.php?id=CVE-2013-1149
11 Apr 2013 — Cisco Adaptive Security Appliances (ASA) devices with software 7.x before 7.2(5.10), 8.0 before 8.0(5.28), 8.1 and 8.2 before 8.2(5.35), 8.3 before 8.3(2.34), 8.4 before 8.4(4.11), 8.6 before 8.6(1.10), and 8.7 before 8.7(1.3), and Cisco Firewall Services Module (FWSM) software 3.1 and 3.2 before 3.2(24.1) and 4.0 and 4.1 before 4.1(11.1), allow remote attackers to cause a denial of service (device reload) via a crafted IKEv1 message, aka Bug IDs CSCub85692 and CSCud20267. Cisco Adaptive Security Appliances... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-asa •
CVSS: 6.5EPSS: 0%CPEs: 33EXPL: 0CVE-2012-5717
https://notcve.org/view.php?id=CVE-2012-5717
18 Jan 2013 — Cisco Adaptive Security Appliances (ASA) devices with firmware 8.x through 8.4(1) do not properly manage SSH sessions, which allows remote authenticated users to cause a denial of service (device crash) by establishing multiple sessions, aka Bug ID CSCtc59462. Dispositivos Cisco Adaptive Security Appliances (ASA) con firmware v8.x hasta v8.4(1) no gestiona correctamente sesiones SSH, permitiendo a usuarios remotos autenticados provocar una denegación de servicio (caída de dispositivo) establecinedo múltiple... • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-5717 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 0%CPEs: 69EXPL: 0CVE-2012-4643
https://notcve.org/view.php?id=CVE-2012-4643
29 Oct 2012 — The DHCP server on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 7.0 before 7.2(5.8), 7.1 before 7.2(5.8), 7.2 before 7.2(5.8), 8.0 before 8.0(5.28), 8.1 before 8.1(2.56), 8.2 before 8.2(5.27), 8.3 before 8.3(2.31), 8.4 before 8.4(3.10), 8.5 before 8.5(1.9), and 8.6 before 8.6(1.5) does not properly allocate memory for DHCP packets, which allows remote attackers to cause a denial of service (device reloa... • http://osvdb.org/86145 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 33EXPL: 0CVE-2012-0378
https://notcve.org/view.php?id=CVE-2012-0378
03 May 2012 — Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.0 through 8.4 allow remote attackers to cause a denial of service (connection limit exceeded) by triggering a large number of stale connections that result in an incorrect value for an MPF connection count, aka Bug ID CSCtv19854. Dispositivos Cisco Adaptive Security Appliances (ASA) 5500 con software 8.0 hasta 8.4 permite a atacantes remotos provocar una denegación de servicio (exceso del límite de conexiones) realizando un gran nú... • http://www.cisco.com/web/software/280775065/89203/ASA-843-Interim-Release-Notes.html • CWE-189: Numeric Errors •
CVSS: 6.1EPSS: 0%CPEs: 33EXPL: 0CVE-2011-3285
https://notcve.org/view.php?id=CVE-2011-3285
02 May 2012 — CRLF injection vulnerability in /+CSCOE+/logon.html on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.0 through 8.4 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors, aka Bug ID CSCth63101. Vulnerabilidad de ejecución CRLF en /+CSCOE+/logon.html en Cisco Adaptive Security Appliances (ASA) 5500 con software v8.0 a v8.4 permite a atacantes remotos inyectar cabeceras HTTP arbitrarias y llevar a cabo ataques... • http://www.cisco.com/web/software/280775065/37740/ASA-805-Interim-Release-Notes.html • CWE-20: Improper Input Validation CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.8EPSS: 9%CPEs: 89EXPL: 0CVE-2012-0358
https://notcve.org/view.php?id=CVE-2012-0358
15 Mar 2012 — Buffer overflow in the Cisco Port Forwarder ActiveX control in cscopf.ocx, as distributed through the Clientless VPN feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.0 through 7.2 before 7.2(5.6), 8.0 before 8.0(5.26), 8.1 before 8.1(2.53), 8.2 before 8.2(5.18), 8.3 before 8.3(2.28), 8.2 before 8.4(2.16), and 8.6 before 8.6(1.1), allows remote attackers to execute arbitrary code via unspecified vectors, aka Bug ID CSCtr00165. Desbordamiento de búfer en el puerto de Cis... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120314-asaclient • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 2%CPEs: 166EXPL: 0CVE-2012-0356
https://notcve.org/view.php?id=CVE-2012-0356
15 Mar 2012 — Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 7.0 through 7.2 before 7.2(5.7), 8.0 before 8.0(5.27), 8.1 before 8.1(2.53), 8.2 before 8.2(5.8), 8.3 before 8.3(2.25), 8.4 before 8.4(2.5), and 8.5 before 8.5(1.2) and the Firewall Services Module (FWSM) 3.1 and 3.2 before 3.2(23) and 4.0 and 4.1 before 4.1(8) in Cisco Catalyst 6500 series devices, when multicast routing is enabled, allow remote attackers to... • http://osvdb.org/80041 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 2%CPEs: 42EXPL: 0CVE-2012-0353
https://notcve.org/view.php?id=CVE-2012-0353
15 Mar 2012 — The UDP inspection engine on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.0 before 8.0(5.25), 8.1 before 8.1(2.50), 8.2 before 8.2(5.5), 8.3 before 8.3(2.22), 8.4 before 8.4(2.1), and 8.5 before 8.5(1.2) does not properly handle flows, which allows remote attackers to cause a denial of service (device reload) via a crafted series of (1) IPv4 or (2) IPv6 UDP packets, aka Bug ID CSCtq10441. El motor de ... • http://osvdb.org/80043 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 2%CPEs: 46EXPL: 0CVE-2012-0354
https://notcve.org/view.php?id=CVE-2012-0354
15 Mar 2012 — The Threat Detection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.0 through 8.2 before 8.2(5.20), 8.3 before 8.3(2.29), 8.4 before 8.4(3), 8.5 before 8.5(1.6), and 8.6 before 8.6(1.1) allows remote attackers to cause a denial of service (device reload) via (1) IPv4 or (2) IPv6 packets that trigger a shun event, aka Bug ID CSCtw35765. La función de detección de amenazas de dispositivos de la... • http://osvdb.org/80044 • CWE-20: Improper Input Validation •