Vulnerabilities > Cisco > IOS > 15.3.3.jf5
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-05-13 | CVE-2019-1649 | Improper Locking vulnerability in Cisco products A vulnerability in the logic that handles access control to one of the hardware components in Cisco's proprietary Secure Boot implementation could allow an authenticated, local attacker to write a modified firmware image to the component. | 6.7 |
| 2019-03-28 | CVE-2019-1761 | Improper Initialization vulnerability in Cisco IOS and IOS XE A vulnerability in the Hot Standby Router Protocol (HSRP) subsystem of Cisco IOS and IOS XE Software could allow an unauthenticated, adjacent attacker to receive potentially sensitive information from an affected device. | 4.3 |
| 2019-03-28 | CVE-2019-1748 | Improper Certificate Validation vulnerability in Cisco IOS and IOS XE A vulnerability in the Cisco Network Plug-and-Play (PnP) agent of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data. | 7.4 |
| 2019-03-28 | CVE-2019-1740 | Improper Input Validation vulnerability in Cisco IOS XE A vulnerability in the Network-Based Application Recognition (NBAR) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. | 8.6 |
| 2019-03-28 | CVE-2019-1739 | Improper Input Validation vulnerability in Cisco IOS and IOS XE A vulnerability in the Network-Based Application Recognition (NBAR) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. | 7.5 |
| 2019-03-28 | CVE-2019-1738 | Improper Input Validation vulnerability in Cisco IOS and IOS XE A vulnerability in the Network-Based Application Recognition (NBAR) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. | 7.5 |
| 2018-03-28 | CVE-2018-0175 | Use of Externally-Controlled Format String vulnerability in Cisco Ios, IOS XE and IOS XR Format String vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device. | 8.0 |
| 2018-03-28 | CVE-2018-0167 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Ios, IOS XE and IOS XR Multiple Buffer Overflow vulnerabilities in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device. | 8.8 |
| 2017-10-19 | CVE-2017-12289 | Information Exposure vulnerability in Cisco IOS A vulnerability in conditional, verbose debug logging for the IPsec feature of Cisco IOS XE Software could allow an authenticated, local attacker to display sensitive IPsec information in the system log file. | 4.4 |
| 2017-09-29 | CVE-2017-12240 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco IOS The DHCP relay subsystem of Cisco IOS 12.2 through 15.6 and Cisco IOS XE Software contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code and gain full control of an affected system. | 9.8 |