Vulnerabilities > Cisco > IOS XR
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-03-06 | CVE-2015-0657 | Improper Input Validation vulnerability in Cisco IOS XR Cisco IOS XR allows remote attackers to cause a denial of service (RSVP process reload) via a malformed RSVP packet, aka Bug ID CSCur69192. | 5.0 |
| 2015-02-21 | CVE-2015-0618 | Data Processing Errors vulnerability in Cisco Carrier Routing System and IOS XR Cisco IOS XR 5.0.1 and 5.2.1 on Network Convergence System (NCS) 6000 devices and 5.1.3 and 5.1.4 on Carrier Routing System X (CRS-X) devices allows remote attackers to cause a denial of service (line-card reload) via malformed IPv6 packets with extension headers, aka Bug ID CSCuq95241. | 7.1 |
| 2014-12-18 | CVE-2014-8014 | Data Processing Errors vulnerability in Cisco IOS XR Cisco IOS XR allows remote attackers to cause a denial of service (RSVP process reload) via a malformed RSVP packet, aka Bug ID CSCub63710. | 5.0 |
| 2014-11-26 | CVE-2014-8005 | Race Condition vulnerability in Cisco IOS XR Race condition in the lighttpd module in Cisco IOS XR 5.1 and earlier on Network Convergence System 6000 devices allows remote attackers to cause a denial of service (process reload) by establishing many TCP sessions, aka Bug ID CSCuq45239. | 5.0 |
| 2014-11-25 | CVE-2014-8004 | Resource Management Errors vulnerability in Cisco IOS XR Cisco IOS XR allows remote attackers to cause a denial of service (LISP process reload) by establishing many LISP TCP sessions, aka Bug ID CSCuq90378. | 5.0 |
| 2014-10-05 | CVE-2014-3396 | Permissions, Privileges, and Access Controls vulnerability in Cisco products Cisco IOS XR on ASR 9000 devices does not properly use compression for port-range and address-range encoding, which allows remote attackers to bypass intended Typhoon line-card ACL restrictions via transit traffic, aka Bug ID CSCup30133. | 7.5 |
| 2014-09-20 | CVE-2014-3379 | Improper Input Validation vulnerability in Cisco products Cisco IOS XR 5.1 and earlier on Network Convergence System 6000 devices allows remote attackers to cause a denial of service (NPU and card hang or reload) via a malformed MPLS packet, aka Bug ID CSCuq10466. | 6.1 |
| 2014-09-20 | CVE-2014-3378 | Improper Input Validation vulnerability in Cisco IOS XR tacacsd in Cisco IOS XR 5.1 and earlier allows remote attackers to cause a denial of service (process reload) via a malformed TACACS+ packet, aka Bug ID CSCum00468. | 5.0 |
| 2014-09-20 | CVE-2014-3377 | Improper Input Validation vulnerability in Cisco IOS XR snmpd in Cisco IOS XR 5.1 and earlier allows remote authenticated users to cause a denial of service (process reload) via a malformed SNMPv2 packet, aka Bug ID CSCun67791. | 4.0 |
| 2014-09-20 | CVE-2014-3376 | Improper Input Validation vulnerability in Cisco IOS XR Cisco IOS XR 5.1 and earlier allows remote attackers to cause a denial of service (process reload) via a malformed RSVP packet, aka Bug ID CSCuq12031. | 5.0 |