Vulnerabilities > Cisco > Adaptive Security Appliance Software > 9.0.4.33
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-01-29 | CVE-2018-0101 | Double Free vulnerability in Cisco Adaptive Security Appliance Software A vulnerability in the Secure Sockets Layer (SSL) VPN functionality of the Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code. | 10.0 |
| 2017-08-07 | CVE-2017-6770 | Improper Input Validation vulnerability in Cisco products Cisco IOS 12.0 through 15.6, Adaptive Security Appliance (ASA) Software 7.0.1 through 9.7.1.2, NX-OS 4.0 through 12.0, and IOS XE 3.6 through 3.18 are affected by a vulnerability involving the Open Shortest Path First (OSPF) Routing Protocol Link State Advertisement (LSA) database. | 4.2 |
| 2017-04-20 | CVE-2017-6610 | Improper Input Validation vulnerability in Cisco Adaptive Security Appliance Software A vulnerability in the Internet Key Exchange Version 1 (IKEv1) XAUTH code of Cisco ASA Software could allow an authenticated, remote attacker to cause a reload of an affected system. | 7.7 |
| 2017-04-20 | CVE-2017-6609 | Unspecified vulnerability in Cisco Adaptive Security Appliance Software A vulnerability in the IPsec code of Cisco ASA Software could allow an authenticated, remote attacker to cause a reload of the affected system. | 7.7 |
| 2017-04-20 | CVE-2017-6608 | Unspecified vulnerability in Cisco Adaptive Security Appliance Software A vulnerability in the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) code of Cisco ASA Software could allow an unauthenticated, remote attacker to cause a reload of the affected system. | 8.6 |
| 2017-04-20 | CVE-2017-6607 | Unspecified vulnerability in Cisco Adaptive Security Appliance Software A vulnerability in the DNS code of Cisco ASA Software could allow an unauthenticated, remote attacker to cause an affected device to reload or corrupt the information present in the device's local DNS cache. | 8.7 |
| 2017-04-20 | CVE-2017-3793 | Resource Exhaustion vulnerability in Cisco Adaptive Security Appliance Software A vulnerability in the TCP normalizer of Cisco Adaptive Security Appliance (ASA) Software (8.0 through 8.7 and 9.0 through 9.6) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause Cisco ASA and FTD to drop any further incoming traffic on all interfaces, resulting in a denial of service (DoS) condition. | 4.0 |
| 2017-02-09 | CVE-2017-3807 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Adaptive Security Appliance Software A vulnerability in Common Internet Filesystem (CIFS) code in the Clientless SSL VPN functionality of Cisco ASA Software, Major Releases 9.0-9.6, could allow an authenticated, remote attacker to cause a heap overflow. | 8.8 |
| 2016-10-27 | CVE-2016-6432 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Adaptive Security Appliance Software A vulnerability in the Identity Firewall feature of Cisco ASA Software before 9.6(2.1) could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code. | 8.1 |
| 2016-10-27 | CVE-2016-6431 | Improper Input Validation vulnerability in Cisco Adaptive Security Appliance Software A vulnerability in the local Certificate Authority (CA) feature of Cisco ASA Software before 9.6(1.5) could allow an unauthenticated, remote attacker to cause a reload of the affected system. | 7.5 |