Vulnerabilities > Cisco > IOS > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2014-03-27 | CVE-2014-2113 | Improper Input Validation vulnerability in Cisco IOS and IOS XE Cisco IOS 15.1 through 15.3 and IOS XE 3.3 and 3.5 before 3.5.2E; 3.7 before 3.7.5S; and 3.8, 3.9, and 3.10 before 3.10.2S allow remote attackers to cause a denial of service (I/O memory consumption and device reload) via a malformed IPv6 packet, aka Bug ID CSCui59540. | 7.8 |
| 2014-03-27 | CVE-2014-2112 | Improper Input Validation vulnerability in Cisco IOS The SSL VPN (aka WebVPN) feature in Cisco IOS 15.1 through 15.4 allows remote attackers to cause a denial of service (memory consumption) via crafted HTTP requests, aka Bug ID CSCuf51357. | 7.8 |
| 2014-03-27 | CVE-2014-2111 | Improper Input Validation vulnerability in Cisco IOS The Application Layer Gateway (ALG) module in Cisco IOS 12.2 through 12.4 and 15.0 through 15.4, when NAT is used, allows remote attackers to cause a denial of service (device reload) via crafted DNS packets, aka Bug ID CSCue00996. | 7.1 |
| 2014-03-27 | CVE-2014-2109 | Improper Input Validation vulnerability in Cisco IOS The TCP Input module in Cisco IOS 12.2 through 12.4 and 15.0 through 15.4, when NAT is used, allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted TCP packets, aka Bug IDs CSCuh33843 and CSCuj41494. | 7.8 |
| 2014-03-27 | CVE-2014-2108 | Improper Input Validation vulnerability in Cisco IOS and IOS XE Cisco IOS 12.2 and 15.0 through 15.3 and IOS XE 3.2 through 3.7 before 3.7.5S and 3.8 through 3.10 before 3.10.1S allow remote attackers to cause a denial of service (device reload) via a malformed IKEv2 packet, aka Bug ID CSCui88426. | 7.8 |
| 2014-03-27 | CVE-2014-2107 | Improper Input Validation vulnerability in Cisco IOS Cisco IOS 12.2 and 15.0 through 15.3, when used with the Kailash FPGA before 2.6 on RSP720-3C-10GE and RSP720-3CXL-10GE devices, allows remote attackers to cause a denial of service (route switch processor outage) via crafted IP packets, aka Bug ID CSCug84789. | 7.1 |
| 2014-03-27 | CVE-2014-2106 | Improper Input Validation vulnerability in Cisco IOS and IOS XE Cisco IOS 15.3M before 15.3(3)M2 and IOS XE 3.10.xS before 3.10.2S allow remote attackers to cause a denial of service (device reload) via crafted SIP messages, aka Bug ID CSCug45898. | 7.8 |
| 2014-03-21 | CVE-2014-2124 | Resource Management Errors vulnerability in Cisco IOS Cisco IOS 15.1(2)SY3 and earlier, when used with Supervisor Engine 2T (aka Sup2T) on Catalyst 6500 devices, allows remote attackers to cause a denial of service (device crash) via crafted multicast packets, aka Bug ID CSCuf60783. | 7.1 |
| 2013-11-08 | CVE-2013-5553 | Resource Management Errors vulnerability in Cisco IOS 15.1 Multiple memory leaks in Cisco IOS 15.1 before 15.1(4)M7 allow remote attackers to cause a denial of service (memory consumption or device reload) by sending a crafted SIP message over (1) IPv4 or (2) IPv6, aka Bug IDs CSCuc42558 and CSCug25383. | 7.8 |
| 2013-09-27 | CVE-2013-5481 | Improper Input Validation vulnerability in Cisco IOS The PPTP implementation in Cisco IOS 12.2 and 15.0 through 15.3, when NAT is used, allows remote attackers to cause a denial of service (device reload) via crafted TCP port-1723 packets, aka Bug ID CSCtq14817. | 7.1 |