Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco application services engine vulnerabilities and exploits
(subscribe to this query)
470
VMScore
CVE-2017-12373
A vulnerability in the TLS protocol implementation of legacy Cisco ASA 5500 Series (ASA 5505, 5510, 5520, 5540, and 5550) devices could allow an unauthenticated, remote malicious user to access sensitive information, aka a Return of Bleichenbacher's Oracle Threat (ROBOT) att...
Cisco Adaptive Security Appliance 5505 Firmware -
Cisco Adaptive Security Appliance 5510 Firmware -
Cisco Adaptive Security Appliance 5520 Firmware -
Cisco Adaptive Security Appliance 5540 Firmware -
Cisco Adaptive Security Appliance 5550 Firmware -
446
VMScore
CVE-2016-2180
The TS_OBJ_print_bio function in crypto/ts/ts_lib.c in the X.509 Public Key Infrastructure Time-Stamp Protocol (TSP) implementation in OpenSSL up to and including 1.0.2h allows remote malicious users to cause a denial of service (out-of-bounds read and application crash) via a cr...
Openssl Openssl 1.0.1m
Openssl Openssl 1.0.2a
Openssl Openssl 1.0.1j
Openssl Openssl 1.0.1h
Openssl Openssl 1.0.2e
Openssl Openssl 1.0.1r
Openssl Openssl 1.0.2b
Openssl Openssl 1.0.1c
Openssl Openssl 1.0.1g
Openssl Openssl 1.0.2g
Openssl Openssl 1.0.1a
Openssl Openssl 1.0.2h
Openssl Openssl 1.0.1d
Openssl Openssl 1.0.1t
Openssl Openssl 1.0.2c
Openssl Openssl 1.0.1p
Openssl Openssl 1.0.1k
Openssl Openssl 1.0.1b
Openssl Openssl 1.0.1n
Openssl Openssl 1.0.1q
Openssl Openssl 1.0.1e
Openssl Openssl 1.0.1l
446
VMScore
CVE-2015-0291
The sigalgs implementation in t1_lib.c in OpenSSL 1.0.2 prior to 1.0.2a allows remote malicious users to cause a denial of service (NULL pointer dereference and daemon crash) by using an invalid signature_algorithms extension in the ClientHello message during a renegotiation.
Openssl Openssl 1.0.2
3 Github repositories
2 Articles
445
VMScore
CVE-2021-1236
Multiple Cisco products are affected by a vulnerability in the Snort application detection engine that could allow an unauthenticated, remote malicious user to bypass the configured policies on an affected system. The vulnerability is due to a flaw in the detection algorithm. An ...
Cisco Ios Xe
Cisco Firepower Management Center 2.9.14.0
Cisco Firepower Management Center 2.9.15
Cisco Firepower Management Center 2.9.16
Cisco Firepower Management Center 2.9.17
Cisco Firepower Management Center 2.9.14.14
Cisco Firepower Threat Defense
Snort Snort
445
VMScore
CVE-2020-3333
A vulnerability in the API of Cisco Application Services Engine Software could allow an unauthenticated, remote malicious user to update event policies on an affected device. The vulnerability is due to insufficient authentication of users who modify policies on an affected devic...
Cisco Application Services Engine
Cisco Application Policy Infrastructure Controller 1.1(0c)
445
VMScore
CVE-2018-0277
A vulnerability in the Extensible Authentication Protocol-Transport Layer Security (EAP-TLS) certificate validation during EAP authentication for the Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote malicious user to cause the ISE application server to ...
Cisco Identity Services Engine 2.1(0.474)
Cisco Identity Services Engine 2.0(1.130)
Cisco Identity Services Engine 2.2(0.470)
Cisco Identity Services Engine 2.0(0.306)
445
VMScore
CVE-2017-3733
During a renegotiation handshake if the Encrypt-Then-Mac extension is negotiated where it was not in the original handshake (or vice-versa) then this can cause OpenSSL 1.1.0 prior to 1.1.0e to crash (dependent on ciphersuite). Both clients and servers are affected.
Openssl Openssl 1.1.0c
Openssl Openssl 1.1.0b
Openssl Openssl 1.1.0d
Openssl Openssl 1.1.0
Openssl Openssl 1.1.0a
Hp Operations Agent 11.15
Hp Operations Agent 11.14
1 Github repository
445
VMScore
CVE-2015-8139
ntpq in NTP prior to 4.2.8p7 allows remote malicious users to obtain origin timestamps and then impersonate peers via unspecified vectors.
Ntp Ntp
445
VMScore
CVE-2015-7848
An integer overflow can occur in NTP-dev.4.3.70 leading to an out-of-bounds memory copy operation when processing a specially crafted private mode packet. The crafted packet needs to have the correct message authentication code and a valid timestamp. When processed by the NTP dae...
Ntp Ntp-dev 4.3.70
445
VMScore
CVE-2015-1794
The ssl3_get_key_exchange function in ssl/s3_clnt.c in OpenSSL 1.0.2 prior to 1.0.2e allows remote servers to cause a denial of service (segmentation fault) via a zero p value in an anonymous Diffie-Hellman (DH) ServerKeyExchange message.
Openssl Openssl 1.0.2a
Openssl Openssl 1.0.2b
Openssl Openssl 1.0.2c
Openssl Openssl 1.0.2
Openssl Openssl 1.0.2d
1 Article
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5834
CVE-2024-30100
CVE-2024-4577
physical
dos
CVE-2024-30099
CVE-2024-27801
CVE-2024-32146
logic flaw
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »