Vulnerabilities (CVE)

Filtered by vendor Cisco Subscribe
Filtered by product Ios
Total 615 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-4203 1 Cisco 2 Ios, Ubr10000 Cable Modem Termination System 2025-04-12 5.4 MEDIUM N/A
Race condition in Cisco IOS 12.2SCH in the Performance Routing Engine (PRE) module on uBR10000 devices, when NetFlow and an MPLS IPv6 VPN are configured, allows remote attackers to cause a denial of service (PXF process crash) by sending malformed MPLS 6VPE packets quickly, aka Bug ID CSCud83396.
CVE-2015-0607 1 Cisco 1 Ios 2025-04-12 4.3 MEDIUM N/A
The Authentication Proxy feature in Cisco IOS does not properly handle invalid AAA return codes from RADIUS and TACACS+ servers, which allows remote attackers to bypass authentication in opportunistic circumstances via a connection attempt that triggers an invalid code, as demonstrated by a connection attempt with a blank password, aka Bug IDs CSCuo09400 and CSCun16016.
CVE-2016-6410 1 Cisco 1 Ios 2025-04-12 6.8 MEDIUM 6.5 MEDIUM
The Cisco Application-hosting Framework (CAF) component in Cisco IOS 15.6(1)T1 and IOS XE, when the IOx feature set is enabled, allows remote authenticated users to read arbitrary files via unspecified vectors, aka Bug ID CSCuy19856.
CVE-2015-0650 1 Cisco 2 Ios, Ios Xe 2025-04-12 7.8 HIGH N/A
The Service Discovery Gateway (aka mDNS Gateway) in Cisco IOS 12.2, 12.4, 15.0, 15.1, 15.2, 15.3, and 15.4 and IOS XE 3.9.xS and 3.10.xS before 3.10.4S, 3.11.xS before 3.11.3S, 3.12.xS before 3.12.2S, and 3.13.xS before 3.13.1S allows remote attackers to cause a denial of service (device reload) by sending malformed mDNS UDP packets over (1) IPv4 or (2) IPv6, aka Bug ID CSCup70579.
CVE-2016-1378 1 Cisco 1 Ios 2025-04-12 5.0 MEDIUM 5.3 MEDIUM
Cisco IOS before 15.2(2)E1 on Catalyst switches allows remote attackers to obtain potentially sensitive software-version information via a request to the Network Mobility Services Protocol (NMSP) port, aka Bug ID CSCum62591.
CVE-2014-3263 1 Cisco 1 Ios 2025-04-12 5.4 MEDIUM N/A
The ScanSafe module in Cisco IOS 15.3(3)M allows remote attackers to cause a denial of service (device reload) via HTTPS packets that require tower processing, aka Bug ID CSCum97038.
CVE-2016-1333 1 Cisco 1 Ios 2025-04-12 6.8 MEDIUM 6.5 MEDIUM
Cisco IOS 15.5(3)M and 15.6(1)T0a on Cisco 1000 Connected Grid routers allows remote authenticated users to cause a denial of service (device reload) via an SNMP request for unspecified BRIDGE MIB OIDs, aka Bug ID CSCux89878.
CVE-2015-0708 1 Cisco 2 Ios, Ios Xe 2025-04-12 6.1 MEDIUM N/A
Cisco IOS 15.4S, 15.4SN, and 15.5S and IOS XE 3.13S and 3.14S allow remote attackers to cause a denial of service (device crash) by including an IA_NA option in a DHCPv6 Solicit message on the local network, aka Bug ID CSCur29956.
CVE-2016-1409 1 Cisco 4 Ios, Ios Xe, Ios Xr and 1 more 2025-04-12 5.0 MEDIUM 7.5 HIGH
The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Cisco IOS XE 2.1 through 3.17S, IOS XR 2.0.0 through 5.3.2, and NX-OS allows remote attackers to cause a denial of service (packet-processing outage) via crafted ND messages, aka Bug ID CSCuz66542, as exploited in the wild in May 2016.
CVE-2015-0649 1 Cisco 1 Ios 2025-04-12 7.8 HIGH N/A
Cisco IOS 12.2, 12.4, 15.0, 15.2, and 15.3 allows remote attackers to cause a denial of service (device reload) via malformed Common Industrial Protocol (CIP) TCP packets, aka Bug ID CSCun63514.
CVE-2012-5037 1 Cisco 3 Catalyst 6500, Catalyst 7600, Ios 2025-04-12 4.6 MEDIUM N/A
The ACL implementation in Cisco IOS before 15.1(1)SY on Catalyst 6500 and 7600 devices allows local users to cause a denial of service (device reload) via a "no object-group" command followed by an object-group command, aka Bug ID CSCts16133.
CVE-2012-5422 1 Cisco 5 As5400 Universal Gateway, As5400hpx Universal Gateway, As5400xm Media Gateway and 2 more 2025-04-12 6.8 MEDIUM N/A
Unspecified vulnerability in Cisco IOS before 15.3(2)T on AS5400 devices allows remote authenticated users to cause a denial of service (spurious errors) via unknown vectors, aka Bug ID CSCub61009.
CVE-2015-6359 1 Cisco 1 Ios 2025-04-12 6.1 MEDIUM N/A
The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Cisco IOS 15.3(3)S0.1 on ASR devices mishandles internal tables, which allows remote attackers to cause a denial of service (memory consumption or device crash) via a flood of crafted ND messages, aka Bug ID CSCup28217.
CVE-2012-5427 1 Cisco 1 Ios 2025-04-12 4.0 MEDIUM N/A
Cisco IOS Unified Border Element (CUBE) in Cisco IOS before 15.3(2)T allows remote authenticated users to cause a denial of service (input queue wedge) via a crafted series of RTCP packets, aka Bug ID CSCuc42518.
CVE-2015-4185 1 Cisco 1 Ios 2025-04-12 6.9 MEDIUM N/A
The TCL interpreter in Cisco IOS 15.2 does not properly maintain the vty state, which allows local users to gain privileges by starting a session very soon after a TCL script execution, aka Bug ID CSCuq24202.
CVE-2014-2113 1 Cisco 2 Ios, Ios Xe 2025-04-12 7.8 HIGH N/A
Cisco IOS 15.1 through 15.3 and IOS XE 3.3 and 3.5 before 3.5.2E; 3.7 before 3.7.5S; and 3.8, 3.9, and 3.10 before 3.10.2S allow remote attackers to cause a denial of service (I/O memory consumption and device reload) via a malformed IPv6 packet, aka Bug ID CSCui59540.
CVE-2014-3268 1 Cisco 2 Ios, Unified Border Element 2025-04-12 5.0 MEDIUM N/A
Cisco IOS 15.2(4)M4 on Cisco Unified Border Element (CUBE) devices allows remote attackers to cause a denial of service (input-queue consumption and traffic-processing outage) via crafted RTCP packets, aka Bug ID CSCuj72215.
CVE-2015-6375 1 Cisco 1 Ios 2025-04-12 2.1 LOW N/A
The debug-logging (aka debug cns) feature in Cisco Networking Services (CNS) for IOS 15.2(2)E3 allows local users to obtain sensitive information by reading an unspecified file, aka Bug ID CSCux18010.
CVE-2015-0586 1 Cisco 2 2900 Integrated Service Router, Ios 2025-04-12 7.8 HIGH N/A
The Network-Based Application Recognition (NBAR) protocol implementation in Cisco IOS 15.3(100)M and earlier on Cisco 2900 Integrated Services Router (aka Cisco Internet Router) devices allows remote attackers to cause a denial of service (NBAR process hang) via IPv4 packets, aka Bug ID CSCuo73682.
CVE-2015-0647 1 Cisco 1 Ios 2025-04-12 7.8 HIGH N/A
Cisco IOS 12.2, 12.4, 15.0, 15.2, and 15.3 allows remote attackers to cause a denial of service (device reload) via malformed Common Industrial Protocol (CIP) UDP packets, aka Bug ID CSCum98371.