CVE-2011-1625

MEDIUM Year: 2011
CVSS v2 Score
5.4
Medium
Weakness Type
CWE-362
View all →

Vulnerability Description

Cisco IOS 12.2, 12.3, 12.4, 15.0, and 15.1, when the data-link switching (DLSw) feature is configured, allows remote attackers to cause a denial of service (device crash) by sending a sequence of malformed packets and leveraging a "narrow timing window," aka Bug ID CSCtf74999, a different vulnerability than CVE-2007-0199, CVE-2008-1152, and CVE-2009-0629.

Related Vulnerabilities

CVE-2015-8556

CRITICAL
CVSS:10.0(Critical)

Local privilege escalation vulnerability in the Gentoo QEMU package before 2.5.0-r1.

CWE-3622015

CVE-2017-2898

CRITICAL
CVSS:9.9(Critical)

An exploitable vulnerability exists in the signature verification of the firmware update functionality of Circle with Disney. Specially crafted network packets can cause an unsigned firmware to be ins...

CWE-3622017

CVE-2020-1660

CRITICAL
CVSS:9.9(Critical)

When DNS filtering is enabled on Juniper Networks Junos MX Series with one of the following cards MS-PIC, MS-MIC or MS-MPC, an incoming stream of packets processed by the Multiservices PIC Management ...

CWE-3622020

CVE-2016-0930

CRITICAL
CVSS:9.8(Critical)

Pivotal Cloud Foundry (PCF) Ops Manager before 1.6.19 and 1.7.x before 1.7.10, when vCloud or vSphere is used, has a default password for compilation VMs, which allows remote attackers to obtain SSH a...

CWE-3622016

CVE-2019-2006

CRITICAL
CVSS:9.8(Critical)

In serviceDied of HalDeathHandlerHidl.cpp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege in the audio server with no additional execut...

CWE-3622019

CVE-2021-32810

CRITICAL
CVSS:9.8(Critical)

crossbeam-deque is a package of work-stealing deques for building task schedulers when programming in Rust. In versions prior to 0.7.4 and 0.8.0, the result of the race condition is that one or more t...

CWE-3622021