CVE-2021-1352

MEDIUM Year: 2021
CVSS v3 Score
6.5
Medium
CVSS v2 Score
2.9
Low
Weakness Type
CWE-823
View all →

Vulnerability Description

A vulnerability in the DECnet Phase IV and DECnet/OSI protocol processing of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient input validation of DECnet traffic that is received by an affected device. An attacker could exploit this vulnerability by sending DECnet traffic to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition.

Related Vulnerabilities

CVE-2024-47893

MEDIUM
CVSS:6.5(Medium)

Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to read and/or write data outside the Guest's virtualised GPU memory.

CWE-8232024

CVE-2022-33246

MEDIUM
CVSS:6.7(Medium)

Memory corruption in Audio due to use of out-of-range pointer offset while Initiating a voice call session from user space with invalid session id.

CWE-8232022

CVE-2024-23377

MEDIUM
CVSS:6.7(Medium)

Memory corruption while invoking IOCTL command from user-space, when a user modifies the original packet size of the command after system properties have been already sent to the EVA driver.

CWE-8232024

CVE-2024-33036

MEDIUM
CVSS:6.7(Medium)

Memory corruption while parsing sensor packets in camera driver, user-space variable is used while allocating memory in kernel and parsing which can lead to huge allocation or invalid memory access.

CWE-8232024

CVE-2024-52937

MEDIUM
CVSS:6.7(Medium)

Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data outside the Guest's virtualised GPU memory.

CWE-8232024

CVE-2022-1420

MEDIUM
CVSS:6.8(Medium)

Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4774.

CWE-8232022