Vulnerabilities > Cisco > IOS XE > 16.10.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-09-25 | CVE-2019-12660 | Exposure of Resource to Wrong Sphere vulnerability in Cisco IOS XE A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker to write values to the underlying memory of an affected device. | 5.5 |
| 2019-09-25 | CVE-2019-12659 | Resource Exhaustion vulnerability in Cisco IOS XE 16.10.1 A vulnerability in the HTTP server code of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the HTTP server to crash. | 7.5 |
| 2019-09-25 | CVE-2019-12653 | Improper Input Validation vulnerability in Cisco IOS XE 16.10.1/16.9 A vulnerability in the Raw Socket Transport feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. | 7.5 |
| 2019-09-25 | CVE-2019-12646 | Improper Initialization vulnerability in Cisco IOS XE A vulnerability in the Network Address Translation (NAT) Session Initiation Protocol (SIP) Application Layer Gateway (ALG) of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. | 7.5 |
| 2019-05-13 | CVE-2019-1649 | Improper Locking vulnerability in Cisco products A vulnerability in the logic that handles access control to one of the hardware components in Cisco's proprietary Secure Boot implementation could allow an authenticated, local attacker to write a modified firmware image to the component. | 6.7 |
| 2019-03-28 | CVE-2019-1747 | Unspecified vulnerability in Cisco IOS and IOS XE A vulnerability in the implementation of the Short Message Service (SMS) handling functionality of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition on an affected device. | 8.6 |