|
247391
|
8.6 |
HIGH
Network
|
cisco
|
ios
|
A vulnerability in the Cisco Network Plug and Play agent, also referred to as the Cisco Open Plug-n-Play agent, of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote …
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2018-15377
|
2024-11-21 12:50 |
2018-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247392
|
6.7 |
MEDIUM
Local
|
cisco
|
ios
|
A vulnerability in the embedded test subsystem of Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers could allow an authenticated, local attacker to write arbitrary values…
|
CWE-123
Write-what-where Condition
|
CVE-2018-15376
|
2024-11-21 12:50 |
2018-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247393
|
6.7 |
MEDIUM
Local
|
cisco
|
ios
|
A vulnerability in the embedded test subsystem of Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers could allow an authenticated, local attacker to write arbitrary values…
|
CWE-123
Write-what-where Condition
|
CVE-2018-15375
|
2024-11-21 12:50 |
2018-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247394
|
6.7 |
MEDIUM
Local
|
cisco
|
ios_xe
|
A vulnerability in the Image Verification feature of Cisco IOS XE Software could allow an authenticated, local attacker to install a malicious software image or file on an affected device. The vulner…
|
CWE-347
Improper Verification of Cryptographic Signature
|
CVE-2018-15374
|
2024-11-21 12:50 |
2018-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247395
|
7.4 |
HIGH
Adjacent
|
cisco
|
ios_xe
ios
|
A vulnerability in the implementation of Cisco Discovery Protocol functionality in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to exhaust memory on …
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2018-15373
|
2024-11-21 12:50 |
2018-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247396
|
8.1 |
HIGH
Adjacent
|
cisco
|
ios_xe
|
A vulnerability in the MACsec Key Agreement (MKA) using Extensible Authentication Protocol-Transport Layer Security (EAP-TLS) functionality of Cisco IOS XE Software could allow an unauthenticated, ad…
|
NVD-CWE-noinfo
|
CVE-2018-15372
|
2024-11-21 12:50 |
2018-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247397
|
6.7 |
MEDIUM
Local
|
cisco
|
ios_xe
|
A vulnerability in the shell access request mechanism of Cisco IOS XE Software could allow an authenticated, local attacker to bypass authentication and gain unrestricted access to the root shell of …
|
CWE-287
Improper Authentication
|
CVE-2018-15371
|
2024-11-21 12:50 |
2018-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247398
|
6.8 |
MEDIUM
Physics
|
cisco
|
ios_rom_monitor
|
A vulnerability in Cisco IOS ROM Monitor (ROMMON) Software for Cisco Catalyst 6800 Series Switches could allow an unauthenticated, local attacker to bypass Cisco Secure Boot validation checks and loa…
|
NVD-CWE-noinfo
|
CVE-2018-15370
|
2024-11-21 12:50 |
2018-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247399
|
6.8 |
MEDIUM
Network
|
cisco
|
ios_xe
ios
|
A vulnerability in the TACACS+ client subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a d…
|
CWE-20
Improper Input Validation
|
CVE-2018-15369
|
2024-11-21 12:50 |
2018-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247400
|
6.7 |
MEDIUM
Local
|
cisco
|
ios_xe
|
A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to gain access to the underlying Linux shell of an affected device and execute arbitrary comman…
|
CWE-78
OS Command
|
CVE-2018-15368
|
2024-11-21 12:50 |
2018-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
