CVSS: 8.6EPSS: 15%CPEs: 15EXPL: 0CVE-2018-0155 – Cisco Catalyst Bidirectional Forwarding Detection Denial-of-Service Vulnerability
https://notcve.org/view.php?id=CVE-2018-0155
28 Mar 2018 — A vulnerability in the Bidirectional Forwarding Detection (BFD) offload implementation of Cisco Catalyst 4500 Series Switches and Cisco Catalyst 4500-X Series Switches could allow an unauthenticated, remote attacker to cause a crash of the iosd process, causing a denial of service (DoS) condition. The vulnerability is due to insufficient error handling when the BFD header in a BFD packet is incomplete. An attacker could exploit this vulnerability by sending a crafted BFD message to or across an affected swi... • http://www.securityfocus.com/bid/103565 • CWE-388: 7PK - Errors CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 8.0EPSS: 2%CPEs: 16EXPL: 0CVE-2018-0175 – Cisco IOS, XR, and XE Software Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2018-0175
28 Mar 2018 — Format String vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device. Cisco Bug IDs: CSCvd73664. Vulnerabilidad de cadena de formato en el subsistema LLDP (Link Layer Discovery Protocol) de Cisco IOS Software, Cisco IOS XE Software y Cisco IOS XR Software pod... • http://www.securityfocus.com/bid/103564 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-134: Use of Externally-Controlled Format String •