CVE-2015-6429

MEDIUM Year: 2015
CVSS v2 Score
5.0
Medium
Weakness Type
CWE-19
View all →

Vulnerability Description

The IKEv1 state machine in Cisco IOS 15.4 through 15.6 and IOS XE 3.15 through 3.17 allows remote attackers to cause a denial of service (IPsec connection termination) via a crafted IKEv1 packet to a tunnel endpoint, aka Bug ID CSCuw08236.

Related Vulnerabilities

CVE-2012-5357

CRITICAL
CVSS:9.8(Critical)

Ektron Content Management System (CMS) before 8.02 SP5 uses the XslCompiledTransform class with enablescript set to true, which allows remote attackers to execute arbitrary code with NETWORK SERVICE p...

CWE-192012

CVE-2012-5358

CRITICAL
CVSS:9.8(Critical)

The XSLTCompiledTransform function in Ektron Content Management System (CMS) before 8.02 SP5 configures the XSL with enableDocumentFunction set to true, which allows remote attackers to read arbitrary...

CWE-192012

CVE-2014-10039

CRITICAL
CVSS:9.8(Critical)

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9625, SD 400, and SD 800, calling qsee_app_entry_return() without first calling qsee_app_entry() will caus...

CWE-192014

CVE-2014-9693

CRITICAL
CVSS:9.8(Critical)

Huawei Tecal RH1288 V2 V100R002C00SPC107 and earlier versions, Tecal RH2265 V2 V100R002C00, Tecal RH2285 V2 V100R002C00SPC115 and earlier versions, Tecal RH2265 V2 V100R002C00, Tecal RH2285H V2 V100R0...

CWE-192014

CVE-2015-3991

CRITICAL
CVSS:9.8(Critical)

strongSwan 5.2.2 and 5.3.0 allows remote attackers to cause a denial of service (daemon crash) or execute arbitrary code.

CWE-192015

CVE-2015-5344

CRITICAL
CVSS:9.8(Critical)

The camel-xstream component in Apache Camel before 2.15.5 and 2.16.x before 2.16.1 allow remote attackers to execute arbitrary commands via a crafted serialized Java object in an HTTP request.

CWE-192015