CVSS: 7.8EPSS: 94%CPEs: 444EXPL: 17CVE-2023-44487 – HTTP/2 Rapid Reset Attack Vulnerability
https://notcve.org/view.php?id=CVE-2023-44487
10 Oct 2023 — The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. El protocolo HTTP/2 permite una denegación de servicio (consumo de recursos del servidor) porque la cancelación de solicitudes puede restablecer muchas transmisiones rápidamente, como se explotó en la naturaleza entre agosto y octubre de 2023. A flaw was found in handling multiplexed streams in the HTTP/2 protocol. ... • https://github.com/imabee101/CVE-2023-44487 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 8.8EPSS: 0%CPEs: 288EXPL: 0CVE-2022-20824 – Cisco FXOS and NX-OS Software Cisco Discovery Protocol Denial of Service and Arbitrary Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-20824
25 Aug 2022 — A vulnerability in the Cisco Discovery Protocol feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code with root privileges or cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper input validation of specific values that are within a Cisco Discovery Protocol message. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected de... • https://security.netapp.com/advisory/ntap-20220923-0001 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 8.6EPSS: 0%CPEs: 294EXPL: 0CVE-2022-20823 – Cisco NX-OS Software OSPFv3 Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2022-20823
25 Aug 2022 — A vulnerability in the OSPF version 3 (OSPFv3) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to incomplete input validation of specific OSPFv3 packets. An attacker could exploit this vulnerability by sending a malicious OSPFv3 link-state advertisement (LSA) to an affected device. A successful exploit could allow the attacker to cause the OSPFv3 process to crash and restart multiple... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ospfv3-dos-48qutcu • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 7.2EPSS: 0%CPEs: 138EXPL: 0CVE-2019-12662 – Cisco NX-OS and IOS XE Software Virtual Service Image Signature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2019-12662
25 Sep 2019 — A vulnerability in Cisco NX-OS Software and Cisco IOS XE Software could allow an authenticated, local attacker with valid administrator or privilege level 15 credentials to load a virtual service image and bypass signature verification on an affected device. The vulnerability is due to improper signature verification during the installation of an Open Virtual Appliance (OVA) image. An authenticated, local attacker could exploit this vulnerability and load a malicious, unsigned OVA image on an affected devic... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-vman • CWE-347: Improper Verification of Cryptographic Signature •