Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-10-05 | CVE-2018-0472 | Improper Input Validation vulnerability in Cisco IOS XE 15.5(3)S5.36/16.8.1 A vulnerability in the IPsec driver code of multiple Cisco IOS XE Software platforms and the Cisco ASA 5500-X Series Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause the device to reload. | 7.8 |
| 2018-10-05 | CVE-2018-0471 | Missing Release of Resource after Effective Lifetime vulnerability in Cisco IOS XE 16.6.1/16.6.2 A vulnerability in the Cisco Discovery Protocol (CDP) module of Cisco IOS XE Software Releases 16.6.1 and 16.6.2 could allow an unauthenticated, adjacent attacker to cause a memory leak that may lead to a denial of service (DoS) condition. | 6.1 |
| 2018-10-05 | CVE-2018-0470 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco IOS XE 16.1.2/16.2.0/16.3(1) A vulnerability in the web framework of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a buffer overflow condition on an affected device, resulting in a denial of service (DoS) condition. | 7.8 |
| 2018-10-05 | CVE-2018-0469 | Double Free vulnerability in Cisco IOS XE 16.5.1 A vulnerability in the web user interface of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. | 7.1 |
| 2018-10-05 | CVE-2018-0467 | Improper Input Validation vulnerability in Cisco IOS XE 15.6(2)Sp/16.6.1/Everest16.6.1 A vulnerability in the IPv6 processing code of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload. | 7.8 |
| 2018-10-05 | CVE-2018-0466 | Unspecified vulnerability in Cisco IOS and IOS XE A vulnerability in the Open Shortest Path First version 3 (OSPFv3) implementation in Cisco IOS and IOS XE Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload. low complexity cisco | 6.1 |
| 2018-10-05 | CVE-2018-0465 | Cross-site Scripting vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Small Business 300 Series Managed Switches could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected system. | 4.3 |
| 2018-10-05 | CVE-2018-0463 | Unspecified vulnerability in Cisco Network Services Orchestrator 1.2.0 A vulnerability in the Cisco Network Plug and Play server component of Cisco Network Services Orchestrator (NSO) could allow an unauthenticated, remote attacker to gain unauthorized access to configuration data that is stored on an affected NSO system. | 5.0 |
| 2018-10-05 | CVE-2018-0462 | Improper Input Validation vulnerability in Cisco Enterprise Network Virtualization Software Nfvis6.0/Nfvis8.0 A vulnerability in the user management functionality of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to perform a denial of service (DoS) attack against an affected system. | 6.8 |
| 2018-10-05 | CVE-2018-0460 | Incorrect Authorization vulnerability in Cisco Network Functions Virtualization Infrastructure A vulnerability in the REST API of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to read any file on an affected system. | 6.8 |