6.4.1

DATE	CVE	VULNERABILITY TITLE	RISK
2023-10-10	CVE-2023-44487	Resource Exhaustion vulnerability in multiple products The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. network low complexity ietf nghttp2 netty envoyproxy eclipse caddyserver golang f5 apache apple grpc microsoft nodejs dena facebook amazon debian kazu-yamamoto istio varnish-cache-project traefik projectcontour linkerd linecorp redhat fedoraproject netapp akka konghq jenkins openresty cisco CWE-400	7.5
2022-05-03	CVE-2022-20767	Allocation of Resources Without Limits or Throttling vulnerability in Cisco Firepower Threat Defense A vulnerability in the Snort rule evaluation function of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. network low complexity cisco CWE-770	7.5
2022-04-21	CVE-2022-20795	Insufficient Verification of Data Authenticity vulnerability in Cisco Adaptive Security Appliance A vulnerability in the implementation of the Datagram TLS (DTLS) protocol in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause high CPU utilization, resulting in a denial of service (DoS) condition. network low complexity cisco CWE-345	7.5
2021-01-13	CVE-2021-1236	Always-Incorrect Control Flow Implementation vulnerability in multiple products Multiple Cisco products are affected by a vulnerability in the Snort application detection engine that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. network low complexity cisco snort CWE-670	5.3
2021-01-13	CVE-2021-1224	Multiple Cisco products are affected by a vulnerability with TCP Fast Open (TFO) when used in conjunction with the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. network low complexity cisco snort	5.3
2021-01-13	CVE-2021-1223	Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. network low complexity cisco snort	7.5
2020-05-06	CVE-2020-3334	Resource Exhaustion vulnerability in Cisco products A vulnerability in the ARP packet processing of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Security Appliances could allow an unauthenticated, adjacent attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition on an affected device. low complexity cisco CWE-400	7.4
2020-05-06	CVE-2020-3315	Exposure of Resource to Wrong Sphere vulnerability in Cisco products Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass the configured file policies on an affected system. network low complexity cisco CWE-668	5.3
2020-02-26	CVE-2020-3166	Improper Input Validation vulnerability in Cisco products A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to read or write arbitrary files on the underlying operating system (OS). local low complexity cisco CWE-20	6.7