Vulnerabilities > Cisco > IOS
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-03-27 | CVE-2019-1737 | Allocation of Resources Without Limits or Throttling vulnerability in Cisco IOS XE A vulnerability in the processing of IP Service Level Agreement (SLA) packets by Cisco IOS Software and Cisco IOS XE software could allow an unauthenticated, remote attacker to cause an interface wedge and an eventual denial of service (DoS) condition on the affected device. | 8.6 |
| 2019-01-10 | CVE-2018-0484 | Unspecified vulnerability in Cisco IOS 16.6.2/16.6.4 A vulnerability in the access control logic of the Secure Shell (SSH) server of Cisco IOS and IOS XE Software may allow connections sourced from a virtual routing and forwarding (VRF) instance despite the absence of the vrf-also keyword in the access-class configuration. | 6.5 |
| 2019-01-10 | CVE-2018-0282 | Unspecified vulnerability in Cisco IOS and IOS XE A vulnerability in the TCP socket code of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. | 6.8 |
| 2018-10-05 | CVE-2018-15377 | Memory Leak vulnerability in Cisco IOS 15.7(3.1S)M/Denali16.3.6/Everest16.5.1 A vulnerability in the Cisco Network Plug and Play agent, also referred to as the Cisco Open Plug-n-Play agent, of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a memory leak on an affected device. | 8.6 |
| 2018-10-05 | CVE-2018-15376 | Write-what-where Condition vulnerability in Cisco IOS 15.5(2.21)T/15.6(3)M A vulnerability in the embedded test subsystem of Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers could allow an authenticated, local attacker to write arbitrary values to arbitrary locations in the memory space of an affected device. | 6.7 |
| 2018-10-05 | CVE-2018-15375 | Write-what-where Condition vulnerability in Cisco IOS 15.5(2.21)T/15.6(3)M A vulnerability in the embedded test subsystem of Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers could allow an authenticated, local attacker to write arbitrary values to arbitrary locations in the memory space of an affected device. | 6.7 |
| 2018-10-05 | CVE-2018-15373 | Allocation of Resources Without Limits or Throttling vulnerability in Cisco IOS and IOS XE A vulnerability in the implementation of Cisco Discovery Protocol functionality in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to exhaust memory on an affected device, resulting in a denial of service (DoS) condition. | 7.4 |
| 2018-10-05 | CVE-2018-15369 | Improper Input Validation vulnerability in Cisco IOS and IOS XE A vulnerability in the TACACS+ client subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. | 6.8 |
| 2018-10-05 | CVE-2018-0485 | Improper Input Validation vulnerability in Cisco IOS and IOS XE A vulnerability in the SM-1T3/E3 firmware on Cisco Second Generation Integrated Services Routers (ISR G2) and the Cisco 4451-X Integrated Services Router (ISR4451-X) could allow an unauthenticated, remote attacker to cause the ISR G2 Router or the SM-1T3/E3 module on the ISR4451-X to reload, resulting in a denial of service (DoS) condition on an affected device. | 8.6 |
| 2018-10-05 | CVE-2018-0475 | Improper Input Validation vulnerability in Cisco IOS and IOS XE A vulnerability in the implementation of the cluster feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to trigger a denial of service (DoS) condition on an affected device. | 7.4 |