Vulnerabilities > Cisco > IOS > 15.6.1.t1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-04-20 | CVE-2017-3862 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco IOS and IOS XE Multiple vulnerabilities in the EnergyWise module of Cisco IOS (12.2 and 15.0 through 15.6) and Cisco IOS XE (3.2 through 3.18) could allow an unauthenticated, remote attacker to cause a buffer overflow condition or a reload of an affected device, leading to a denial of service (DoS) condition. | 7.8 |
2017-04-20 | CVE-2017-3861 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco IOS and IOS XE Multiple vulnerabilities in the EnergyWise module of Cisco IOS (12.2 and 15.0 through 15.6) and Cisco IOS XE (3.2 through 3.18) could allow an unauthenticated, remote attacker to cause a buffer overflow condition or a reload of an affected device, leading to a denial of service (DoS) condition. | 7.8 |
2017-04-20 | CVE-2017-3860 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco IOS and IOS XE Multiple vulnerabilities in the EnergyWise module of Cisco IOS (12.2 and 15.0 through 15.6) and Cisco IOS XE (3.2 through 3.18) could allow an unauthenticated, remote attacker to cause a buffer overflow condition or a reload of an affected device, leading to a denial of service (DoS) condition. | 7.8 |
2017-03-21 | CVE-2017-3850 | Improper Input Validation vulnerability in Cisco IOS and IOS XE A vulnerability in the Autonomic Networking Infrastructure (ANI) feature of Cisco IOS Software (15.4 through 15.6) and Cisco IOS XE Software (3.7 through 3.18, and 16) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. | 7.1 |
2017-03-21 | CVE-2017-3849 | Improper Input Validation vulnerability in Cisco IOS and IOS XE A vulnerability in the Autonomic Networking Infrastructure (ANI) registrar feature of Cisco IOS Software (possibly 15.2 through 15.6) and Cisco IOS XE Software (possibly 3.7 through 3.18, and 16) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. | 6.1 |
2016-10-05 | CVE-2016-6380 | Improper Input Validation vulnerability in Cisco IOS The DNS forwarder in Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 3.1 through 3.15 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (data corruption or device reload) via a crafted DNS response, aka Bug ID CSCup90532. | 8.3 |
2016-10-05 | CVE-2016-6382 | Resource Management Errors vulnerability in Cisco IOS and IOS XE Cisco IOS 15.2 through 15.6 and IOS XE 3.6 through 3.17 and 16.1 allow remote attackers to cause a denial of service (device restart) via a malformed IPv6 Protocol Independent Multicast (PIM) register packet, aka Bug ID CSCuy16399. | 7.8 |
2016-10-05 | CVE-2016-6381 | Resource Management Errors vulnerability in Cisco IOS Cisco IOS 12.4 and 15.0 through 15.6 and IOS XE 3.1 through 3.18 and 16.1 allow remote attackers to cause a denial of service (memory consumption or device reload) via fragmented IKEv1 packets, aka Bug ID CSCuy47382. | 7.1 |
2016-09-24 | CVE-2016-6412 | Improper Input Validation vulnerability in Cisco IOS 15.6(1)T1 The Cisco Application-hosting Framework (CAF) component in Cisco IOS 15.6(1)T1 and IOS XE, when the IOx feature set is enabled, allows man-in-the-middle attackers to trigger arbitrary downloads via crafted HTTP headers, aka Bug ID CSCuz84773. | 4.3 |
2016-09-22 | CVE-2016-6414 | OS Command Injection vulnerability in Cisco IOS 15.6(1)T1 iox in Cisco IOS, possibly 15.6 and earlier, and IOS XE, possibly 3.18 and earlier, allows local users to execute arbitrary IOx Linux commands on the guest OS via crafted iox command-line options, aka Bug ID CSCuz59223. | 7.2 |