CVE-2021-34770 — CVSS 10.0 (critical): A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco…
CVE-2019-12643 — CVSS 10.0 (critical): A vulnerability in the Cisco REST API virtual service container for Cisco IOS XE Software could allow an unauthenticated, remote attacker…
CVE-2025-20188 — CVSS 10.0 (critical): A vulnerability in the Out-of-Band Access Point (AP) Image Download, the Clean Air Spectral Recording, and the client debug bundles…
CVE-2020-3227 — CVSS 9.8 (critical): A vulnerability in the authorization controls for the Cisco IOx application hosting infrastructure in Cisco IOS XE Software could allow an…
CVE-2017-12229 — CVSS 9.8 (critical): A vulnerability in the REST API of the web-based user interface (web UI) of Cisco IOS XE 3.1 through 16.5 could allow an unauthenticated…
CVE-2017-12236 — CVSS 9.8 (critical): A vulnerability in the implementation of the Locator/ID Separation Protocol (LISP) in Cisco IOS XE 3.2 through 16.5 could allow an…
CVE-2016-6441 — CVSS 9.8 (critical): A vulnerability in the Transaction Language 1 (TL1) code of Cisco ASR 900 Series routers could allow an unauthenticated, remote attacker to…
CVE-2018-0315 — CVSS 9.8 (critical): A vulnerability in the authentication, authorization, and accounting (AAA) security services of Cisco IOS XE Software could allow an…
CVE-2018-0150 — CVSS 9.8 (critical): A vulnerability in Cisco IOS XE Software could allow an unauthenticated, remote attacker to log in to a device running an affected release…
CVE-2021-1619 — CVSS 9.8 (critical): A vulnerability in the authentication, authorization, and accounting (AAA) function of Cisco IOS XE Software could allow an…
CVE-2015-6280 — CVSS 9.3 (critical): The SSHv2 functionality in Cisco IOS 15.2, 15.3, 15.4, and 15.5 and IOS XE 3.6E before 3.6.3E, 3.7E before 3.7.1E, 3.10S before 3.10.6S…
CVE-2015-0635 — CVSS 9.0 (critical): The Autonomic Networking Infrastructure (ANI) implementation in Cisco IOS 12.2, 12.4, 15.0, 15.2, 15.3, and 15.4 and IOS XE 3.10.xS through…
CVE-2025-20363 — CVSS 9.0 (critical): A vulnerability in the web services of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software, Cisco Secure Firewall Threat…
CVE-2019-12650 — CVSS 8.8 (high): Multiple vulnerabilities in the web-based user interface (Web UI) of Cisco IOS XE Software could allow an authenticated, remote attacker to…
CVE-2019-1753 — CVSS 8.8 (high): A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated but unprivileged (level 1), remote attacker to run…
CVE-2018-0152 — CVSS 8.8 (high): A vulnerability in the web-based user interface (web UI) of Cisco IOS XE Software could allow an authenticated, remote attacker to gain…
CVE-2020-3229 — CVSS 8.8 (high): A vulnerability in Role Based Access Control (RBAC) functionality of Cisco IOS XE Web Management Software could allow a Read-Only…
CVE-2020-3400 — CVSS 8.8 (high): A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to utilize parts of the web UI…
CVE-2020-3219 — CVSS 8.8 (high): A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to inject and execute arbitrary…
CVE-2017-12226 — CVSS 8.8 (high): A vulnerability in the web-based Wireless Controller GUI of Cisco IOS XE Software for Cisco 5760 Wireless LAN Controllers, Cisco Catalyst…
CVE-2020-3217 — CVSS 8.8 (high): A vulnerability in the Topology Discovery Service of Cisco One Platform Kit (onePK) in Cisco IOS Software, Cisco IOS XE Software, Cisco IOS…
CVE-2017-6741 — CVSS 8.8 (high): A vulnerability in the SNMP implementation of could allow an authenticated, remote attacker to cause a reload of the affected system or to…
CVE-2025-20186 — CVSS 8.8 (high): A vulnerability in the web-based management interface of the Wireless LAN Controller feature of Cisco IOS XE Software could allow an…
CVE-2018-0195 — CVSS 8.8 (high): A vulnerability in the Cisco IOS XE Software REST API could allow an authenticated, remote attacker to bypass API authorization checks and…
CVE-2019-12624 — CVSS 8.8 (high): A vulnerability in the web-based management interface of Cisco IOS XE New Generation Wireless Controller (NGWC) could allow an…
CVE-2017-3858 — CVSS 8.8 (high): A vulnerability in the web framework of Cisco IOS XE Software could allow an authenticated, remote attacker to inject arbitrary commands…
CVE-2019-1743 — CVSS 8.8 (high): A vulnerability in the web UI framework of Cisco IOS XE Software could allow an authenticated, remote attacker to make unauthorized changes…
CVE-2017-12230 — CVSS 8.8 (high): A vulnerability in the web-based user interface (web UI) of Cisco IOS XE 16.2 could allow an authenticated, remote attacker to elevate…
CVE-2020-3141 — CVSS 8.8 (high): Multiple vulnerabilities in the web management framework of Cisco IOS XE Software could allow an authenticated, remote attacker with…
CVE-2019-1904 — CVSS 8.8 (high): A vulnerability in the web-based UI (web UI) of Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a…
CVE-2020-3224 — CVSS 8.8 (high): A vulnerability in the web-based user interface (web UI) of Cisco IOS XE Software could allow an authenticated, remote attacker with…
CVE-2023-20231 — CVSS 8.8 (high): A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to perform an injection attack against…
CVE-2020-3425 — CVSS 8.8 (high): Multiple vulnerabilities in the web management framework of Cisco IOS XE Software could allow an authenticated, remote attacker with…
CVE-2019-1754 — CVSS 8.8 (high): A vulnerability in the authorization subsystem of Cisco IOS XE Software could allow an authenticated but unprivileged (level 1), remote…
CVE-2019-16009 — CVSS 8.8 (high): A vulnerability in the web UI of Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a…
CVE-2024-20314 — CVSS 8.6 (high): A vulnerability in the IPv4 Software-Defined Access (SD-Access) fabric edge node feature of Cisco IOS XE Software could allow an…
CVE-2020-3509 — CVSS 8.6 (high): A vulnerability in the DHCP message handler of Cisco IOS XE Software for Cisco cBR-8 Converged Broadband Routers could allow an…
CVE-2020-3510 — CVSS 8.6 (high): A vulnerability in the Umbrella Connector component of Cisco IOS XE Software for Cisco Catalyst 9200 Series Switches could allow an…
CVE-2020-3221 — CVSS 8.6 (high): A vulnerability in the Flexible NetFlow Version 9 packet processor of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless…
CVE-2020-3421 — CVSS 8.6 (high): Multiple vulnerabilities in the Zone-Based Firewall feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to…
CVE-2020-3399 — CVSS 8.6 (high): A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco…
CVE-2020-3407 — CVSS 8.6 (high): A vulnerability in the RESTCONF and NETCONF-YANG access control list (ACL) function of Cisco IOS XE Software could allow an…
CVE-2020-3480 — CVSS 8.6 (high): Multiple vulnerabilities in the Zone-Based Firewall feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to…
CVE-2020-3492 — CVSS 8.6 (high): A vulnerability in the Flexible NetFlow Version 9 packet processor of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless…
CVE-2020-3203 — CVSS 8.6 (high): A vulnerability in the locally significant certificate (LSC) provisioning feature of Cisco Catalyst 9800 Series Wireless Controllers that…
CVE-2020-3408 — CVSS 8.6 (high): A vulnerability in the Split DNS feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to…
CVE-2024-20311 — CVSS 8.6 (high): A vulnerability in the Locator ID Separation Protocol (LISP) feature of Cisco IOS Software and Cisco IOS XE Software could allow an…
CVE-2024-20308 — CVSS 8.6 (high): A vulnerability in the IKEv1 fragmentation code of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote…
CVE-2020-3526 — CVSS 8.6 (high): A vulnerability in the Common Open Policy Service (COPS) engine of Cisco IOS XE Software on Cisco cBR-8 Converged Broadband Routers could…
CVE-2024-20271 — CVSS 8.6 (high): A vulnerability in the IP packet processing of Cisco Access Point (AP) Software could allow an unauthenticated, remote attacker to cause a…
CVE-2020-3228 — CVSS 8.6 (high): A vulnerability in Security Group Tag Exchange Protocol (SXP) in Cisco IOS Software, Cisco IOS XE Software, and Cisco NX-OS Software could…
CVE-2024-20259 — CVSS 8.6 (high): A vulnerability in the DHCP snooping feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected…
CVE-2025-20162 — CVSS 8.6 (high): A vulnerability in the DHCP snooping security feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a…
CVE-2025-20154 — CVSS 8.6 (high): A vulnerability in the Two-Way Active Measurement Protocol (TWAMP) server feature of Cisco IOS Software and Cisco IOS XE Software could…
CVE-2023-20226 — CVSS 8.6 (high): A vulnerability in Application Quality of Experience (AppQoE) and Unified Threat Defense (UTD) on Cisco IOS XE Software could allow an…
CVE-2023-20187 — CVSS 8.6 (high): A vulnerability in the Multicast Leaf Recycle Elimination (mLRE) feature of Cisco IOS XE Software for Cisco ASR 1000 Series Aggregation…
CVE-2019-12663 — CVSS 8.6 (high): A vulnerability in the Cisco TrustSec (CTS) Protected Access Credential (PAC) provisioning module of Cisco IOS XE Software could allow an…
CVE-2021-1446 — CVSS 8.6 (high): A vulnerability in the DNS application layer gateway (ALG) functionality used by Network Address Translation (NAT) in Cisco IOS XE Software…
CVE-2018-0485 — CVSS 8.6 (high): A vulnerability in the SM-1T3/E3 firmware on Cisco Second Generation Integrated Services Routers (ISR G2) and the Cisco 4451-X Integrated…
CVE-2021-1565 — CVSS 8.6 (high): Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software…
CVE-2023-20080 — CVSS 8.6 (high): A vulnerability in the IPv6 DHCP version 6 (DHCPv6) relay and server features of Cisco IOS and IOS XE Software could allow an…
CVE-2021-1611 — CVSS 8.6 (high): A vulnerability in Ethernet over GRE (EoGRE) packet processing of Cisco IOS XE Wireless Controller Software for the Cisco Catalyst 9800…
CVE-2023-20072 — CVSS 8.6 (high): A vulnerability in the fragmentation handling code of tunnel protocol packets in Cisco IOS XE Software could allow an unauthenticated…
CVE-2020-3226 — CVSS 8.6 (high): A vulnerability in the Session Initiation Protocol (SIP) library of Cisco IOS Software and Cisco IOS XE Software could allow an…
CVE-2018-0472 — CVSS 8.6 (high): A vulnerability in the IPsec driver code of multiple Cisco IOS XE Software platforms and the Cisco ASA 5500-X Series Adaptive Security…
CVE-2023-20033 — CVSS 8.6 (high): A vulnerability in Cisco IOS XE Software for Cisco Catalyst 3650 and Catalyst 3850 Series Switches could allow an unauthenticated, remote…
CVE-2023-20027 — CVSS 8.6 (high): A vulnerability in the implementation of the IPv4 Virtual Fragmentation Reassembly (VFR) feature of Cisco IOS XE Software could allow an…
CVE-2018-0470 — CVSS 8.6 (high): A vulnerability in the web framework of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a buffer overflow…
CVE-2022-20919 — CVSS 8.6 (high): A vulnerability in the processing of malformed Common Industrial Protocol (CIP) packets that are sent to Cisco IOS Software and Cisco IOS…
CVE-2018-0467 — CVSS 8.6 (high): A vulnerability in the IPv6 processing code of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause the…
CVE-2021-1622 — CVSS 8.6 (high): A vulnerability in the Common Open Policy Service (COPS) of Cisco IOS XE Software for Cisco cBR-8 Converged Broadband Routers could allow…
CVE-2022-20870 — CVSS 8.6 (high): A vulnerability in the egress MPLS packet processing function of Cisco IOS XE Software for Cisco Catalyst 3650, Catalyst 3850, and Catalyst…
CVE-2021-1624 — CVSS 8.6 (high): A vulnerability in the Rate Limiting Network Address Translation (NAT) feature of Cisco IOS XE Software could allow an unauthenticated…
CVE-2017-3860 — CVSS 8.6 (high): Multiple vulnerabilities in the EnergyWise module of Cisco IOS (12.2 and 15.0 through 15.6) and Cisco IOS XE (3.2 through 3.18) could allow…
CVE-2017-3861 — CVSS 8.6 (high): Multiple vulnerabilities in the EnergyWise module of Cisco IOS (12.2 and 15.0 through 15.6) and Cisco IOS XE (3.2 through 3.18) could allow…
CVE-2017-3862 — CVSS 8.6 (high): Multiple vulnerabilities in the EnergyWise module of Cisco IOS (12.2 and 15.0 through 15.6) and Cisco IOS XE (3.2 through 3.18) could allow…
CVE-2017-3863 — CVSS 8.6 (high): Multiple vulnerabilities in the EnergyWise module of Cisco IOS (12.2 and 15.0 through 15.6) and Cisco IOS XE (3.2 through 3.18) could allow…
CVE-2017-3864 — CVSS 8.6 (high): A vulnerability in the DHCP client implementation of Cisco IOS (12.2, 12.4, and 15.0 through 15.6) and Cisco IOS XE (3.3 through 3.7) could…
CVE-2022-20856 — CVSS 8.6 (high): A vulnerability in the processing of Control and Provisioning of Wireless Access Points (CAPWAP) Mobility messages in Cisco IOS XE Wireless…
CVE-2021-34768 — CVSS 8.6 (high): Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software…
CVE-2022-20848 — CVSS 8.6 (high): A vulnerability in the UDP processing functionality of Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst 9100 Series…
CVE-2021-34769 — CVSS 8.6 (high): Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software…
CVE-2022-20847 — CVSS 8.6 (high): A vulnerability in the DHCP processing functionality of Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow…
CVE-2022-20837 — CVSS 8.6 (high): A vulnerability in the DNS application layer gateway (ALG) functionality that is used by Network Address Translation (NAT) in Cisco IOS XE…
CVE-2022-20697 — CVSS 8.6 (high): A vulnerability in the web services interface of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker…
CVE-2022-20678 — CVSS 8.6 (high): A vulnerability in the AppNav-XE feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected…
CVE-2022-20683 — CVSS 8.6 (high): A vulnerability in the Application Visibility and Control (AVC-FNF) feature of Cisco IOS XE Software for Cisco Catalyst 9800 Series…
CVE-2018-0157 — CVSS 8.6 (high): A vulnerability in the Zone-Based Firewall code of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a device…
CVE-2022-20682 — CVSS 8.6 (high): A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Wireless Controller…
CVE-2018-0164 — CVSS 8.6 (high): A vulnerability in the Switch Integrated Security Features of Cisco IOS XE Software could allow an unauthenticated, remote attacker to…
CVE-2020-3225 — CVSS 8.6 (high): Multiple vulnerabilities in the implementation of the Common Industrial Protocol (CIP) feature of Cisco IOS Software and Cisco IOS XE…
CVE-2020-3414 — CVSS 8.6 (high): A vulnerability in the packet processing of Cisco IOS XE Software for Cisco 4461 Integrated Services Routers could allow an…
CVE-2024-20455 — CVSS 8.6 (high): A vulnerability in the process that classifies traffic that is going to the Unified Threat Defense (UTD) component of Cisco IOS XE Software…
CVE-2024-20436 — CVSS 8.6 (high): A vulnerability in the HTTP Server feature of Cisco IOS XE Software when the Telephony Service feature is enabled could allow an…
CVE-2024-20433 — CVSS 8.6 (high): A vulnerability in the Resource Reservation Protocol (RSVP) feature of Cisco IOS Software and Cisco IOS XE Software could allow an…
CVE-2024-20467 — CVSS 8.6 (high): A vulnerability in the implementation of the IPv4 fragmentation reassembly code in Cisco IOS XE Software could allow an unauthenticated…
CVE-2024-20464 — CVSS 8.6 (high): A vulnerability in the Protocol Independent Multicast (PIM) feature of Cisco IOS XE Software could allow an unauthenticated, remote…
CVE-2020-3359 — CVSS 8.6 (high): A vulnerability in the multicast DNS (mDNS) feature of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could…
CVE-2020-3527 — CVSS 8.6 (high): A vulnerability in the Polaris kernel of Cisco Catalyst 9200 Series Switches could allow an unauthenticated, remote attacker to crash the…
CVE-2019-1747 — CVSS 8.6 (high): A vulnerability in the implementation of the Short Message Service (SMS) handling functionality of Cisco IOS Software and Cisco IOS XE…
CVE-2023-20227 — CVSS 8.6 (high): A vulnerability in the Layer 2 Tunneling Protocol (L2TP) feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker…
CVE-2019-1740 — CVSS 8.6 (high): A vulnerability in the Network-Based Application Recognition (NBAR) feature of Cisco IOS Software and Cisco IOS XE Software could allow an…
CVE-2019-1737 — CVSS 8.6 (high): A vulnerability in the processing of IP Service Level Agreement (SLA) packets by Cisco IOS Software and Cisco IOS XE software could allow…
CVE-2021-1373 — CVSS 8.6 (high): A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Wireless Controller…
CVE-2024-20480 — CVSS 8.6 (high): A vulnerability in the DHCP Snooping feature of Cisco IOS XE Software on Software-Defined Access (SD-Access) fabric edge nodes could allow…
CVE-2019-1950 — CVSS 8.4 (high): A vulnerability in Cisco IOS XE SD-WAN Software could allow an unauthenticated, local attacker to gain unauthorized access to an affected…
CVE-2016-6380 — CVSS 8.1 (high): The DNS forwarder in Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 3.1 through 3.15 allows remote attackers to obtain…
CVE-2021-1451 — CVSS 8.1 (high): A vulnerability in the Easy Virtual Switching System (VSS) feature of Cisco IOS XE Software for Cisco Catalyst 4500 Series Switches and…
CVE-2021-1433 — CVSS 8.1 (high): A vulnerability in the vDaemon process in Cisco IOS XE SD-WAN Software could allow an unauthenticated, remote attacker to cause a buffer…
CVE-2024-20437 — CVSS 8.1 (high): A vulnerability in the web-based management interface of Cisco IOS XE Software could allow an unauthenticated, remote attacker to perform a…
CVE-2018-15372 — CVSS 8.1 (high): A vulnerability in the MACsec Key Agreement (MKA) using Extensible Authentication Protocol-Transport Layer Security (EAP-TLS) functionality…
CVE-2023-20186 — CVSS 8.0 (high): A vulnerability in the Authentication, Authorization, and Accounting (AAA) feature of Cisco IOS Software and Cisco IOS XE Software could…
CVE-2022-20855 — CVSS 7.9 (high): A vulnerability in the self-healing functionality of Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst Access Points…
CVE-2021-1442 — CVSS 7.8 (high): A vulnerability in a diagnostic command for the Plug-and-Play (PnP) subsystem of Cisco IOS XE Software could allow an authenticated, local…
CVE-2020-3403 — CVSS 7.8 (high): A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker to inject a command to the underlying…
CVE-2020-3404 — CVSS 7.8 (high): A vulnerability in the persistent Telnet/Secure Shell (SSH) CLI of Cisco IOS XE Software could allow an authenticated, local attacker to…
CVE-2010-2834 — CVSS 7.8 (high): Cisco IOS 12.2 through 12.4 and 15.0 through 15.1, Cisco IOS XE 2.5.x and 2.6.x before 2.6.1, and Cisco Unified Communications Manager (aka…
CVE-2010-2835 — CVSS 7.8 (high): Cisco IOS 12.2 through 12.4 and 15.0 through 15.1, Cisco IOS XE 2.5.x and 2.6.x before 2.6.1, and Cisco Unified Communications Manager (aka…
CVE-2011-0939 — CVSS 7.8 (high): Unspecified vulnerability in Cisco IOS 12.4, 15.0, and 15.1, and IOS XE 2.5.x through 3.2.x, allows remote attackers to cause a denial of…
CVE-2011-0945 — CVSS 7.8 (high): Memory leak in the Data-link switching (aka DLSw) feature in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xS before…
CVE-2011-0946 — CVSS 7.8 (high): The NAT implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xSG, allows remote attackers to cause a denial…
CVE-2011-2072 — CVSS 7.8 (high): Memory leak in Cisco IOS 12.4, 15.0, and 15.1, Cisco IOS XE 2.5.x through 3.2.x, and Cisco Unified Communications Manager (CUCM) 6.x and…
CVE-2011-3272 — CVSS 7.8 (high): The IP Service Level Agreement (IP SLA) functionality in Cisco IOS 15.1, and IOS XE 2.1.x through 3.3.x, allows remote attackers to cause a…
CVE-2011-3275 — CVSS 7.8 (high): Memory leak in Cisco IOS 12.4, 15.0, and 15.1, and IOS XE 2.5.x through 3.2.x, allows remote attackers to cause a denial of service (memory…
CVE-2011-3276 — CVSS 7.8 (high): Unspecified vulnerability in the NAT implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xSG, allows remote…
CVE-2011-3277 — CVSS 7.8 (high): Unspecified vulnerability in the NAT implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xSG, allows remote…
CVE-2011-3278 — CVSS 7.8 (high): Unspecified vulnerability in the NAT implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xSG, allows remote…
CVE-2011-3279 — CVSS 7.8 (high): The provider-edge MPLS NAT implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xSG, allows remote attackers…
CVE-2011-3282 — CVSS 7.8 (high): Unspecified vulnerability in Cisco IOS 12.2SRE before 12.2(33)SRE4, 15.0, and 15.1, and IOS XE 2.1.x through 3.3.x, when an MPLS domain is…
CVE-2012-0386 — CVSS 7.8 (high): The SSHv2 implementation in Cisco IOS 12.2, 12.4, 15.0, 15.1, and 15.2 and IOS XE 2.3.x through 2.6.x and 3.1.xS through 3.4.xS before…
CVE-2012-1311 — CVSS 7.8 (high): The RSVP feature in Cisco IOS 15.0 and 15.1 and IOS XE 3.2.xS through 3.4.xS before 3.4.2S, when a VRF interface is configured, allows…
CVE-2012-3949 — CVSS 7.8 (high): The SIP implementation in Cisco Unified Communications Manager (CUCM) 6.x and 7.x before 7.1(5b)su5, 8.x before 8.5(1)su4, and 8.6 before…
CVE-2009-2051 — CVSS 7.8 (high): Cisco IOS 12.2 through 12.4 and 15.0 through 15.1, Cisco IOS XE 2.5.x and 2.6.x before 2.6.1, and Cisco Unified Communications Manager (aka…
CVE-2010-0576 — CVSS 7.8 (high): Unspecified vulnerability in Cisco IOS 12.0 through 12.4, IOS XE 2.1.x through 2.3.x before 2.3.2, and IOS XR 3.2.x through 3.4.3, when…
CVE-2012-4623 — CVSS 7.8 (high): The DHCPv6 server in Cisco IOS 12.2 through 12.4 and 15.0 through 15.2 and IOS XE 2.1.x through 2.6.x, 3.1.xS before 3.1.4S, 3.1.xSG and…
CVE-2010-2828 — CVSS 7.8 (high): Unspecified vulnerability in the H.323 implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 2.5.x before 2.5.2…
CVE-2013-1148 — CVSS 7.8 (high): The General Responder implementation in the IP Service Level Agreement (SLA) feature in Cisco IOS 15.2 and IOS XE 3.1.xS through 3.4.xS…
CVE-2013-1164 — CVSS 7.8 (high): Cisco IOS XE 3.4 before 3.4.4S, 3.5, and 3.6 on 1000 series Aggregation Services Routers (ASR) does not properly implement the Cisco…
CVE-2013-1165 — CVSS 7.8 (high): Cisco IOS XE 2.x and 3.x before 3.4.5S, and 3.5 through 3.7 before 3.7.1S, on 1000 series Aggregation Services Routers (ASR) allows remote…
CVE-2013-1166 — CVSS 7.8 (high): Cisco IOS XE 3.2 through 3.4 before 3.4.5S, and 3.5 through 3.7 before 3.7.1S, on 1000 series Aggregation Services Routers (ASR), when…
CVE-2010-2829 — CVSS 7.8 (high): Unspecified vulnerability in the H.323 implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 2.5.x before 2.5.2…
CVE-2013-2779 — CVSS 7.8 (high): Cisco IOS XE 3.4 before 3.4.5S, and 3.5 through 3.7 before 3.7.1S, on 1000 series Aggregation Services Routers (ASR) does not properly…
CVE-2013-5473 — CVSS 7.8 (high): Memory leak in Cisco IOS 12.2, 15.1, and 15.2; IOS XE 3.4.2S through 3.4.5S; and IOS XE 3.6.xS before 3.6.1S allows remote attackers to…
CVE-2013-5475 — CVSS 7.8 (high): Cisco IOS 12.2 through 12.4 and 15.0 through 15.3, and IOS XE 2.1 through 3.9, allows remote attackers to cause a denial of service (device…
CVE-2013-5478 — CVSS 7.8 (high): Cisco IOS 15.0 through 15.3 and IOS XE 3.2 through 3.8, when a VRF interface exists, allows remote attackers to cause a denial of service…
CVE-2013-5543 — CVSS 7.8 (high): Cisco IOS XE 3.4 before 3.4.2S and 3.5 before 3.5.1S on 1000 ASR devices allows remote attackers to cause a denial of service (device…
CVE-2013-5545 — CVSS 7.8 (high): The PPTP ALG implementation in Cisco IOS XE 3.9 before 3.9.2S on 1000 ASR devices allows remote attackers to cause a denial of service…
CVE-2013-5546 — CVSS 7.8 (high): The TCP reassembly feature in Cisco IOS XE 3.7 before 3.7.3S and 3.8 before 3.8.1S on 1000 ASR devices allows remote attackers to cause a…
CVE-2013-5547 — CVSS 7.8 (high): Cisco IOS XE 3.9 before 3.9.2S on 1000 ASR devices allows remote attackers to cause a denial of service (device reload) by sending…
CVE-2010-2831 — CVSS 7.8 (high): Unspecified vulnerability in the NAT for SIP implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1 allows remote attackers to…
CVE-2014-2106 — CVSS 7.8 (high): Cisco IOS 15.3M before 15.3(3)M2 and IOS XE 3.10.xS before 3.10.2S allow remote attackers to cause a denial of service (device reload) via…
CVE-2014-2108 — CVSS 7.8 (high): Cisco IOS 12.2 and 15.0 through 15.3 and IOS XE 3.2 through 3.7 before 3.7.5S and 3.8 through 3.10 before 3.10.1S allow remote attackers to…
CVE-2014-2113 — CVSS 7.8 (high): Cisco IOS 15.1 through 15.3 and IOS XE 3.3 and 3.5 before 3.5.2E; 3.7 before 3.7.5S; and 3.8, 3.9, and 3.10 before 3.10.2S allow remote…
CVE-2014-3327 — CVSS 7.8 (high): The EnergyWise module in Cisco IOS 12.2, 15.0, 15.1, 15.2, and 15.4 and IOS XE 3.2.xXO, 3.3.xSG, 3.4.xSG, and 3.5.xE before 3.5.3E allows…
CVE-2014-3354 — CVSS 7.8 (high): Cisco IOS 12.0, 12.2, 12.4, 15.0, 15.1, 15.2, and 15.3 and IOS XE 2.x and 3.x before 3.7.4S; 3.2.xSE and 3.3.xSE before 3.3.2SE; 3.3.xSG…
CVE-2014-3355 — CVSS 7.8 (high): The metadata flow feature in Cisco IOS 15.1 through 15.3 and IOS XE 3.3.xXO before 3.3.1XO, 3.6.xS and 3.7.xS before 3.7.6S, and 3.8.xS…
CVE-2014-3356 — CVSS 7.8 (high): The metadata flow feature in Cisco IOS 15.1 through 15.3 and IOS XE 3.3.xXO before 3.3.1XO, 3.6.xS and 3.7.xS before 3.7.6S, and 3.8.xS…
CVE-2014-3357 — CVSS 7.8 (high): Cisco IOS 15.0, 15.1, 15.2, and 15.4 and IOS XE 3.3.xSE before 3.3.2SE, 3.3.xXO before 3.3.1XO, 3.5.xE before 3.5.2E, and 3.11.xS before…
CVE-2014-3358 — CVSS 7.8 (high): Memory leak in Cisco IOS 15.0, 15.1, 15.2, and 15.4 and IOS XE 3.3.xSE before 3.3.2SE, 3.3.xXO before 3.3.1XO, 3.5.xE before 3.5.2E, and…
CVE-2014-3359 — CVSS 7.8 (high): Memory leak in Cisco IOS 15.1 through 15.4 and IOS XE 3.4.xS, 3.5.xS, 3.6.xS, and 3.7.xS before 3.7.6S; 3.8.xS, 3.9.xS, and 3.10.xS before…
CVE-2014-3360 — CVSS 7.8 (high): Cisco IOS 12.4 and 15.0 through 15.4 and IOS XE 3.1.xS, 3.2.xS, 3.3.xS, 3.4.xS, 3.5.xS, 3.6.xS, and 3.7.xS before 3.7.6S; 3.8.xS, 3.9.xS…
CVE-2015-0636 — CVSS 7.8 (high): The Autonomic Networking Infrastructure (ANI) implementation in Cisco IOS 12.2, 12.4, 15.0, 15.2, 15.3, and 15.4 and IOS XE 3.10.xS through…
CVE-2015-0637 — CVSS 7.8 (high): The Autonomic Networking Infrastructure (ANI) implementation in Cisco IOS 12.2, 12.4, 15.0, 15.2, 15.3, and 15.4 and IOS XE 3.10.xS through…
CVE-2015-0639 — CVSS 7.8 (high): The Common Flow Table (CFT) feature in Cisco IOS XE 3.6 and 3.7 before 3.7.1S, 3.8 before 3.8.0S, 3.9 before 3.9.0S, 3.10 before 3.10.0S…
CVE-2015-0640 — CVSS 7.8 (high): The high-speed logging (HSL) feature in Cisco IOS XE 2.x and 3.x before 3.10.4S, 3.11 before 3.11.3S, 3.12 before 3.12.1S, 3.13 before…
CVE-2015-0641 — CVSS 7.8 (high): Cisco IOS XE 2.x and 3.x before 3.9.0S, 3.10 before 3.10.0S, 3.11 before 3.11.0S, 3.12 before 3.12.0S, 3.13 before 3.13.0S, 3.14 before…
CVE-2015-0642 — CVSS 7.8 (high): Cisco IOS 12.2, 12.4, 15.0, 15.1, 15.2, 15.3, and 15.4 and IOS XE 2.5.x, 2.6.x, 3.1.xS through 3.12.xS before 3.12.3S, 3.2.xE through…
CVE-2015-0643 — CVSS 7.8 (high): Cisco IOS 12.2, 12.4, 15.0, 15.1, 15.2, 15.3, and 15.4 and IOS XE 2.5.x, 2.6.x, 3.1.xS through 3.12.xS before 3.12.3S, 3.2.xE through…
CVE-2015-0644 — CVSS 7.8 (high): AppNav in Cisco IOS XE 3.8 through 3.10 before 3.10.3S, 3.11 before 3.11.3S, 3.12 before 3.12.1S, 3.13 before 3.13.0S, 3.14 before 3.14.0S…
CVE-2015-0645 — CVSS 7.8 (high): The Layer 4 Redirect (L4R) feature in Cisco IOS XE 2.x and 3.x before 3.10.4S, 3.11 before 3.11.3S, 3.12 before 3.12.2S, 3.13 before…
CVE-2015-0646 — CVSS 7.8 (high): Memory leak in the TCP input module in Cisco IOS 12.2, 12.4, 15.0, 15.2, 15.3, and 15.4 and IOS XE 3.3.xXO, 3.5.xE, 3.6.xE, 3.8.xS through…
CVE-2015-0650 — CVSS 7.8 (high): The Service Discovery Gateway (aka mDNS Gateway) in Cisco IOS 12.2, 12.4, 15.0, 15.1, 15.2, 15.3, and 15.4 and IOS XE 3.9.xS and 3.10.xS…
CVE-2010-2832 — CVSS 7.8 (high): Unspecified vulnerability in the NAT for H.323 implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1 allows remote attackers…
CVE-2015-0685 — CVSS 7.8 (high): Cisco IOS XE before 3.7.5S on ASR 1000 devices does not properly handle route adjacencies, which allows remote attackers to cause a denial…
CVE-2010-2833 — CVSS 7.8 (high): Unspecified vulnerability in the NAT for H.225.0 implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1 allows remote…
CVE-2015-4291 — CVSS 7.8 (high): Cisco IOS XE 2.x before 2.4.3 and 2.5.x before 2.5.1 on ASR 1000 devices allows remote attackers to cause a denial of service (Embedded…
CVE-2015-6267 — CVSS 7.8 (high): Cisco IOS XE before 2.2.3 on ASR 1000 devices allows remote attackers to cause a denial of service (Embedded Services Processor crash) via…
CVE-2015-6268 — CVSS 7.8 (high): Cisco IOS XE before 2.2.3 on ASR 1000 devices allows remote attackers to cause a denial of service (Embedded Services Processor crash) via…
CVE-2015-6269 — CVSS 7.8 (high): Cisco IOS XE before 2.2.3 on ASR 1000 devices allows remote attackers to cause a denial of service (Embedded Services Processor crash) via…
CVE-2015-6270 — CVSS 7.8 (high): Cisco IOS XE before 2.2.3 on ASR 1000 devices allows remote attackers to cause a denial of service (Embedded Services Processor crash) via…
CVE-2015-6271 — CVSS 7.8 (high): Cisco IOS XE 2.1.0 through 2.4.3 and 2.5.0 on ASR 1000 devices, when NAT Application Layer Gateway is used, allows remote attackers to…
CVE-2015-6272 — CVSS 7.8 (high): Cisco IOS XE 2.1.0 through 2.2.3 and 2.3.0 on ASR 1000 devices, when NAT Application Layer Gateway is used, allows remote attackers to…
CVE-2015-6273 — CVSS 7.8 (high): Cisco IOS XE before 3.1.2S on ASR 1000 devices mishandles the automatic setup of Virtual Fragment Reassembly (VFR) by certain firewall and…