Vulnerabilities > Cisco > IOS
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-09-25 | CVE-2019-12655 | Classic Buffer Overflow vulnerability in Cisco IOS A vulnerability in the FTP application layer gateway (ALG) functionality used by Network Address Translation (NAT), NAT IPv6 to IPv4 (NAT64), and the Zone-Based Policy Firewall (ZBFW) in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. | 7.5 |
| 2019-09-25 | CVE-2019-12652 | Unspecified vulnerability in Cisco IOS 15.2(3)E1/15.2(4)E3 A vulnerability in the ingress packet processing function of Cisco IOS Software for Cisco Catalyst 4000 Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 7.5 |
| 2019-09-25 | CVE-2019-12651 | OS Command Injection vulnerability in Cisco products Multiple vulnerabilities in the web-based user interface (Web UI) of Cisco IOS XE Software could allow an authenticated, remote attacker to execute commands with elevated privileges on the affected device. | 8.8 |
| 2019-09-25 | CVE-2019-12650 | OS Command Injection vulnerability in Cisco IOS and IOS XE Multiple vulnerabilities in the web-based user interface (Web UI) of Cisco IOS XE Software could allow an authenticated, remote attacker to execute commands with elevated privileges on the affected device. | 8.8 |
| 2019-09-25 | CVE-2019-12649 | Improper Verification of Cryptographic Signature vulnerability in Cisco IOS and IOS XE A vulnerability in the Image Verification feature of Cisco IOS XE Software could allow an authenticated, local attacker to install and boot a malicious software image or execute unsigned binaries on an affected device. | 6.7 |
| 2019-09-25 | CVE-2019-12648 | Incorrect Authorization vulnerability in Cisco IOS 15.7(3)M3 A vulnerability in the IOx application environment for Cisco IOS Software could allow an authenticated, remote attacker to gain unauthorized access to the Guest Operating System (Guest OS) running on an affected device. | 8.8 |
| 2019-05-13 | CVE-2019-1649 | Improper Locking vulnerability in Cisco products A vulnerability in the logic that handles access control to one of the hardware components in Cisco's proprietary Secure Boot implementation could allow an authenticated, local attacker to write a modified firmware image to the component. | 6.7 |
| 2019-03-28 | CVE-2019-1762 | Information Exposure vulnerability in Cisco IOS and IOS XE A vulnerability in the Secure Storage feature of Cisco IOS and IOS XE Software could allow an authenticated, local attacker to access sensitive system information on an affected device. | 4.4 |
| 2019-03-28 | CVE-2019-1761 | Improper Initialization vulnerability in Cisco IOS and IOS XE A vulnerability in the Hot Standby Router Protocol (HSRP) subsystem of Cisco IOS and IOS XE Software could allow an unauthenticated, adjacent attacker to receive potentially sensitive information from an affected device. | 4.3 |
| 2019-03-28 | CVE-2019-1758 | Improper Authentication vulnerability in Cisco IOS A vulnerability in 802.1x function of Cisco IOS Software on the Catalyst 6500 Series Switches could allow an unauthenticated, adjacent attacker to access the network prior to authentication. | 4.3 |