Vulnerabilities > Cisco > IOS XE > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-03-28 | CVE-2018-0170 | Use After Free vulnerability in Cisco IOS XE 16.4.1 A vulnerability in the Cisco Umbrella Integration feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition, related to the OpenDNS software. | 7.5 |
| 2018-03-28 | CVE-2018-0167 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Ios, IOS XE and IOS XR Multiple Buffer Overflow vulnerabilities in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device. | 8.8 |
| 2018-03-28 | CVE-2018-0165 | Missing Release of Resource after Effective Lifetime vulnerability in Cisco IOS XE 15.2(3)E/Denali16.3.3 A vulnerability in the Internet Group Management Protocol (IGMP) packet-processing functionality of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to exhaust buffers on an affected device, resulting in a denial of service (DoS) condition, aka a Memory Leak. | 7.4 |
| 2018-03-28 | CVE-2018-0164 | Unspecified vulnerability in Cisco IOS XE 15.6(2)Sp A vulnerability in the Switch Integrated Security Features of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an interface queue wedge. | 8.6 |
| 2018-03-28 | CVE-2018-0159 | Unspecified vulnerability in Cisco IOS and IOS XE A vulnerability in the implementation of Internet Key Exchange Version 1 (IKEv1) functionality in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. | 7.5 |
| 2018-03-28 | CVE-2018-0158 | Memory Leak vulnerability in Cisco IOS and IOS XE A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a memory leak or a reload of an affected device that leads to a denial of service (DoS) condition. | 8.6 |
| 2018-03-28 | CVE-2018-0157 | Unspecified vulnerability in Cisco IOS XE A vulnerability in the Zone-Based Firewall code of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a device to reload. | 8.6 |
| 2018-03-28 | CVE-2018-0156 | Improper Input Validation vulnerability in Cisco IOS and IOS XE A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. | 7.5 |
| 2018-03-28 | CVE-2018-0155 | Improper Handling of Exceptional Conditions vulnerability in Cisco IOS and IOS XE A vulnerability in the Bidirectional Forwarding Detection (BFD) offload implementation of Cisco Catalyst 4500 Series Switches and Cisco Catalyst 4500-X Series Switches could allow an unauthenticated, remote attacker to cause a crash of the iosd process, causing a denial of service (DoS) condition. | 8.6 |
| 2018-03-28 | CVE-2018-0152 | Insufficient Session Expiration vulnerability in Cisco IOS XE 16.1.1 A vulnerability in the web-based user interface (web UI) of Cisco IOS XE Software could allow an authenticated, remote attacker to gain elevated privileges on an affected device. | 8.8 |