Skip to main content

CWE-371

State Issues

7 CVEs Avg CVSS 6.7 MITRE
0
CRITICAL
5
HIGH
1
MEDIUM
1
LOW
0
POC
0
KEV

Monthly

CVE-2026-14685 LOW Monitor

State corruption in HdrHistogram up to version 2.2.2 allows a local, low-privileged attacker to manipulate the Count argument of the recordValueWithCount function in AbstractHistogram.java, resulting in low-integrity corruption of histogram state. The flaw affects the core metrics-recording logic of this Java library. A proof-of-concept exploit has been publicly disclosed; the project maintainer was notified via a GitHub issue but has not yet responded with a fix, leaving affected deployments without a vendor patch.

Java Information Disclosure
NVD GitHub VulDB
CVSS 4.0
1.9
EPSS
0.1%
CVE-2024-20455 HIGH This Week

A vulnerability in the process that classifies traffic that is going to the Unified Threat Defense (UTD) component of Cisco IOS XE Software in controller mode could allow an unauthenticated, remote. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Cisco Denial Of Service Ios Xe Ios Xe Sd Wan
NVD
CVSS 3.1
8.6
EPSS
0.7%
CVE-2020-3574 HIGH PATCH This Week

A vulnerability in the TCP packet processing functionality of Cisco IP Phones could allow an unauthenticated, remote attacker to cause the phone to stop responding to incoming calls, drop connected. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Cisco Denial Of Service Ip Dect 210 Firmware Ip Dect 6825 Firmware Ip Phone 8811 Firmware +5
NVD
CVSS 3.1
7.5
EPSS
7.9%
CVE-2020-3422 HIGH This Week

A vulnerability in the IP Service Level Agreement (SLA) responder feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the IP SLA responder to reuse an existing. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Apple Ios Xe
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2020-3385 MEDIUM This Month

A vulnerability in the deep packet inspection (DPI) engine of Cisco SD-WAN vEdge Routers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Sd Wan Firmware Vedge Cloud Router
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2020-3200 HIGH PATCH This Week

A vulnerability in the Secure Shell (SSH) server code of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected device to reload. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity.

Cisco Denial Of Service Apple iOS Ios Xe
NVD
CVSS 3.1
7.7
EPSS
1.7%
CVE-2019-1977 HIGH This Week

A vulnerability within the Endpoint Learning feature of Cisco Nexus 9000 Series Switches running in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remote attacker to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Nx Os
NVD
CVSS 3.0
7.5
EPSS
1.5%
EPSS 0% CVSS 1.9
LOW Monitor

State corruption in HdrHistogram up to version 2.2.2 allows a local, low-privileged attacker to manipulate the Count argument of the recordValueWithCount function in AbstractHistogram.java, resulting in low-integrity corruption of histogram state. The flaw affects the core metrics-recording logic of this Java library. A proof-of-concept exploit has been publicly disclosed; the project maintainer was notified via a GitHub issue but has not yet responded with a fix, leaving affected deployments without a vendor patch.

Java Information Disclosure
NVD GitHub VulDB
EPSS 1% CVSS 8.6
HIGH This Week

A vulnerability in the process that classifies traffic that is going to the Unified Threat Defense (UTD) component of Cisco IOS XE Software in controller mode could allow an unauthenticated, remote. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Cisco Denial Of Service +2
NVD
EPSS 8% CVSS 7.5
HIGH PATCH This Week

A vulnerability in the TCP packet processing functionality of Cisco IP Phones could allow an unauthenticated, remote attacker to cause the phone to stop responding to incoming calls, drop connected. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Cisco Denial Of Service Ip Dect 210 Firmware +7
NVD
EPSS 1% CVSS 7.5
HIGH This Week

A vulnerability in the IP Service Level Agreement (SLA) responder feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the IP SLA responder to reuse an existing. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Apple +1
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

A vulnerability in the deep packet inspection (DPI) engine of Cisco SD-WAN vEdge Routers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Sd Wan Firmware +1
NVD
EPSS 2% CVSS 7.7
HIGH PATCH This Week

A vulnerability in the Secure Shell (SSH) server code of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected device to reload. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity.

Cisco Denial Of Service Apple +2
NVD
EPSS 1% CVSS 7.5
HIGH This Week

A vulnerability within the Endpoint Learning feature of Cisco Nexus 9000 Series Switches running in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remote attacker to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Nx Os
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy