Vulnerabilities (CVE)

Filtered by CWE-399
Total 2548 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2016-6424 1 Cisco 1 Adaptive Security Appliance Software 2024-11-21 6.1 MEDIUM 6.5 MEDIUM
The DHCP Relay implementation in Cisco Adaptive Security Appliance (ASA) Software 8.4.7.29 and 9.1.7.4 allows remote attackers to cause a denial of service (interface wedge) via a crafted rate of DHCP packet transmission, aka Bug ID CSCuy66942.
CVE-2016-6423 1 Cisco 1 Ios 2024-11-21 6.3 MEDIUM 6.5 MEDIUM
The IKEv2 client and initiator implementations in Cisco IOS 15.5(3)M and IOS XE allow remote IKEv2 servers to cause a denial of service (device reload) via crafted IKEv2 packets, aka Bug ID CSCux97540.
CVE-2016-6421 1 Cisco 1 Ios Xr 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
Cisco IOS XR 5.2.2 allows remote attackers to cause a denial of service (process restart) via a crafted OSPF Link State Advertisement (LSA) update, aka Bug ID CSCvb05643.
CVE-2016-6409 1 Cisco 1 Ios 2024-11-21 4.3 MEDIUM 7.5 HIGH
The Data in Motion (DMo) component in Cisco IOS 15.6(1)T and IOS XE, when the IOx feature set is enabled, allows remote attackers to cause a denial of service (out-of-bounds access) via crafted traffic, aka Bug ID CSCuy54015.
CVE-2016-6407 1 Cisco 1 Web Security Appliance 2024-11-21 5.0 MEDIUM 7.5 HIGH
Cisco AsyncOS through 9.5.0-444 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (link saturation) by making many HTTP requests for overlapping byte ranges simultaneously, aka Bug ID CSCuz27219.
CVE-2016-6403 1 Cisco 1 Ios 2024-11-21 4.3 MEDIUM 5.9 MEDIUM
The Data in Motion (DMo) application in Cisco IOS 15.6(1)T and IOS XE, when the IOx feature set is enabled, allows remote attackers to cause a denial of service via a crafted packet, aka Bug IDs CSCuy82904, CSCuy82909, and CSCuy82912.
CVE-2016-6401 1 Cisco 1 Carrier Routing System 2024-11-21 5.7 MEDIUM 5.3 MEDIUM
Cisco Carrier Routing System (CRS) 5.1 and 5.1.4, as used in CRS Carrier Grade Services for CRS-1 and CRS-3 devices, allows remote attackers to cause a denial of service (line-card reload) via crafted IPv6-over-MPLS packets, aka Bug ID CSCva32494.
CVE-2016-6393 1 Cisco 2 Ios, Ios Xe 2024-11-21 7.1 HIGH 7.5 HIGH
The AAA service in Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.1 through 3.18 and 16.2 allows remote attackers to cause a denial of service (device reload) via a failed SSH connection attempt that is mishandled during generation of an error-log message, aka Bug ID CSCuy87667.
CVE-2016-6392 1 Cisco 2 Ios, Ios Xe 2024-11-21 7.8 HIGH 7.5 HIGH
Cisco IOS 12.2 and 15.0 through 15.3 and IOS XE 3.1 through 3.9 allow remote attackers to cause a denial of service (device restart) via a crafted IPv4 Multicast Source Discovery Protocol (MSDP) Source-Active (SA) message, aka Bug ID CSCud36767.
CVE-2016-6391 1 Cisco 1 Ios 2024-11-21 7.8 HIGH 7.5 HIGH
Cisco IOS 12.2 and 15.0 through 15.3 allows remote attackers to cause a denial of service (traffic-processing outage) via a crafted series of Common Industrial Protocol (CIP) requests, aka Bug ID CSCur69036.
CVE-2016-6386 1 Cisco 6 Ios Xe, Ios Xe 16.1, Ios Xe 3.2ja and 3 more 2024-11-21 7.8 HIGH 7.5 HIGH
Cisco IOS XE 3.1 through 3.17 and 16.1 on 64-bit platforms allows remote attackers to cause a denial of service (data-structure corruption and device reload) via fragmented IPv4 packets, aka Bug ID CSCux66005.
CVE-2016-6385 1 Cisco 2 Ios, Ios Xe 2024-11-21 7.8 HIGH 7.5 HIGH
Memory leak in the Smart Install client implementation in Cisco IOS 12.2 and 15.0 through 15.2 and IOS XE 3.2 through 3.8 allows remote attackers to cause a denial of service (memory consumption) via crafted image-list parameters, aka Bug ID CSCuy82367.
CVE-2016-6382 1 Cisco 2 Ios, Ios Xe 2024-11-21 7.8 HIGH 7.5 HIGH
Cisco IOS 15.2 through 15.6 and IOS XE 3.6 through 3.17 and 16.1 allow remote attackers to cause a denial of service (device restart) via a malformed IPv6 Protocol Independent Multicast (PIM) register packet, aka Bug ID CSCuy16399.
CVE-2016-6381 1 Cisco 6 Ios, Ios Xe, Ios Xe 16.1 and 3 more 2024-11-21 7.1 HIGH 7.5 HIGH
Cisco IOS 12.4 and 15.0 through 15.6 and IOS XE 3.1 through 3.18 and 16.1 allow remote attackers to cause a denial of service (memory consumption or device reload) via fragmented IKEv1 packets, aka Bug ID CSCuy47382.
CVE-2016-6378 1 Cisco 1 Ios Xe 2024-11-21 7.8 HIGH 7.5 HIGH
Cisco IOS XE 3.1 through 3.17 and 16.1 through 16.2 allows remote attackers to cause a denial of service (device reload) via crafted ICMP packets that require NAT, aka Bug ID CSCuw85853.
CVE-2016-6376 1 Cisco 6 Wireless Lan Controller, Wireless Lan Controller 6.0, Wireless Lan Controller 7.0 and 3 more 2024-11-21 6.1 MEDIUM 6.5 MEDIUM
The Adaptive Wireless Intrusion Prevention System (wIPS) feature on Cisco Wireless LAN Controller (WLC) devices before 8.0.140.0, 8.1.x and 8.2.x before 8.2.121.0, and 8.3.x before 8.3.102.0 allows remote attackers to cause a denial of service (device restart) via a malformed wIPS packet, aka Bug ID CSCuz40263.
CVE-2016-6375 1 Cisco 7 Wireless Lan Controller, Wireless Lan Controller Software, Wireless Lan Controller Software 6.0 and 4 more 2024-11-21 5.7 MEDIUM 5.3 MEDIUM
Cisco Wireless LAN Controller (WLC) devices before 8.0.140.0, 8.1.x and 8.2.x before 8.2.121.0, and 8.3.x before 8.3.102.0 allow remote attackers to cause a denial of service (device reload) by sending crafted Inter-Access Point Protocol (IAPP) packets and then sending a traffic stream metrics (TSM) information request over SNMP, aka Bug ID CSCuz40221.
CVE-2016-6368 1 Cisco 1 Firepower Management Center 2024-11-21 5.0 MEDIUM 8.6 HIGH
A vulnerability in the detection engine parsing of Pragmatic General Multicast (PGM) protocol packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the Snort process unexpectedly restarting. The vulnerability is due to improper input validation of the fields in the PGM protocol packet. An attacker could exploit this vulnerability by sending a crafted PGM packet to the detection engine on the targeted device. An exploit could allow the attacker to cause a DoS condition if the Snort process restarts and traffic inspection is bypassed or traffic is dropped. This vulnerability affects Cisco Firepower System Software that has one or more file action policies configured and is running on any of the following Cisco products: Adaptive Security Appliance (ASA) 5500-X Series with FirePOWER Services; Adaptive Security Appliance (ASA) 5500-X Series Next-Generation Firewalls; Advanced Malware Protection (AMP) for Networks, 7000 Series Appliances; Advanced Malware Protection (AMP) for Networks, 8000 Series Appliances; Firepower 4100 Series Security Appliances; FirePOWER 7000 Series Appliances; FirePOWER 8000 Series Appliances; Firepower 9300 Series Security Appliances; FirePOWER Threat Defense for Integrated Services Routers (ISRs); Industrial Security Appliance 3000; Sourcefire 3D System Appliances; Virtual Next-Generation Intrusion Prevention System (NGIPSv) for VMware. Fixed versions: 5.4.0.10 5.4.1.9 6.0.1.3 6.1.0 6.2.0. Cisco Bug IDs: CSCuz00876.
CVE-2016-6355 1 Cisco 1 Ios Xr 2024-11-21 7.8 HIGH 7.5 HIGH
Memory leak in Cisco IOS XR 5.1.x through 5.1.3, 5.2.x through 5.2.5, and 5.3.x through 5.3.2 on ASR 9001 devices allows remote attackers to cause a denial of service (control-plane protocol outage) via crafted fragmented packets, aka Bug ID CSCux26791.
CVE-2016-6308 1 Openssl 1 Openssl 2024-11-21 7.1 HIGH 5.9 MEDIUM
statem/statem_dtls.c in the DTLS implementation in OpenSSL 1.1.0 before 1.1.0a allocates memory before checking for an excessive length, which might allow remote attackers to cause a denial of service (memory consumption) via crafted DTLS messages.