Skip to main content

Cisco

5526 CVEs vendor

Monthly

CVE-2021-1516 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Content Security Management Appliance (SMA), Cisco Email Security Appliance (ESA), and Cisco Web Security. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Information Disclosure Content Security Management Appliance Email Security Appliance Web Security Appliance +1
NVD
CVSS 3.1
6.5
EPSS
1.2%
CVE-2021-1515 MEDIUM This Month

A vulnerability in Cisco SD-WAN vManage Software could allow an unauthenticated, adjacent attacker to gain access to sensitive information. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Sd Wan Vmanage
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2021-1514 HIGH This Week

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with Administrator privileges on the underlying operating. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Code Injection Catalyst Sd Wan Manager Sd Wan Vbond Orchestrator Sd Wan Vmanage +9
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2021-1513 HIGH This Week

A vulnerability in the vDaemon process of Cisco SD-WAN Software could allow an unauthenticated, remote attacker to cause a device to reload, resulting in a denial of service (DoS) condition. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Catalyst Sd Wan Manager Sd Wan Vbond Orchestrator Vsmart Controller Firmware +8
NVD
CVSS 3.1
7.5
EPSS
1.5%
CVE-2021-1512 MEDIUM This Month

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to overwrite arbitrary files in the underlying file system of an affected system. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Cisco Path Traversal Information Disclosure Catalyst Sd Wan Manager Sd Wan Vbond Orchestrator +10
NVD
CVSS 3.1
6.0
EPSS
0.2%
CVE-2021-1511 MEDIUM This Month

Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary code as the root user or cause a denial of service (DoS) condition on an affected device. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Cisco RCE Denial Of Service Vedge 100 Firmware +7
NVD
CVSS 3.1
6.5
EPSS
1.0%
CVE-2021-1510 HIGH This Week

Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary code as the root user or cause a denial of service (DoS) condition on an affected device. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Cisco RCE Denial Of Service Vedge 100 Firmware +7
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2021-1509 HIGH This Week

Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary code as the root user or cause a denial of service (DoS) condition on an affected device. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow Cisco RCE Denial Of Service Vedge 100 Firmware +7
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2021-1508 HIGH This Week

Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or gain access to sensitive information, or allow an authenticated,. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco RCE Authentication Bypass Catalyst Sd Wan Manager Sd Wan Vmanage
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2021-1507 MEDIUM This Month

A vulnerability in an API of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against users of the application. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco XSS Sd Wan Vmanage
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2021-1506 HIGH This Week

Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or gain access to sensitive information, or allow an authenticated,. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco RCE Authentication Bypass Catalyst Sd Wan Manager Sd Wan Vmanage
NVD
CVSS 3.1
7.2
EPSS
1.8%
CVE-2021-1505 HIGH This Week

Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or gain access to sensitive information, or allow an authenticated,. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco RCE Authentication Bypass Catalyst Sd Wan Manager Sd Wan Vmanage
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2021-1499 MEDIUM POC THREAT This Month

A vulnerability in the web-based management interface of Cisco HyperFlex HX Data Platform could allow an unauthenticated, remote attacker to upload files to an affected device. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Cisco Authentication Bypass Hyperflex Hx Data Platform
NVD
CVSS 3.1
5.3
EPSS
80.4%
CVE-2021-1498 CRITICAL POC KEV THREAT Emergency

Multiple vulnerabilities in the web-based management interface of Cisco HyperFlex HX could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Cisco Command Injection Hyperflex Hx Data Platform
NVD
CVSS 3.1
9.8
EPSS
100.0%
CVE-2021-1497 CRITICAL POC KEV THREAT Emergency

Multiple vulnerabilities in the web-based management interface of Cisco HyperFlex HX could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Cisco Command Injection Hyperflex Hx Data Platform
NVD
CVSS 3.1
9.8
EPSS
99.9%
CVE-2021-1496 HIGH This Week

Multiple vulnerabilities in the install, uninstall, and upgrade processes of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to hijack DLL or. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Microsoft RCE Anyconnect Secure Mobility Client
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2021-1490 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco XSS Web Security Appliance
NVD
CVSS 3.1
6.1
EPSS
0.7%
CVE-2021-1486 MEDIUM This Month

A vulnerability in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to enumerate user accounts. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Information Disclosure Catalyst Sd Wan Manager Sd Wan Vmanage
NVD
CVSS 3.1
5.3
EPSS
1.2%
CVE-2021-1478 MEDIUM This Month

A vulnerability in the Java Management Extensions (JMX) component of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Denial Of Service Java Authentication Bypass Hosted Collaboration Mediation Fulfillment +1
NVD
CVSS 3.1
6.5
EPSS
1.0%
CVE-2021-1468 CRITICAL Act Now

Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or gain access to sensitive information, or allow an authenticated,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco RCE Authentication Bypass Catalyst Sd Wan Manager Sd Wan Vmanage
NVD
CVSS 3.1
9.8
EPSS
2.0%
CVE-2021-1447 MEDIUM This Month

A vulnerability in the user account management system of Cisco AsyncOS for Cisco Content Security Management Appliance (SMA) could allow an authenticated, local attacker to elevate their privileges. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Cisco Privilege Escalation Content Security Management Appliance
NVD
CVSS 3.1
6.7
EPSS
0.3%
CVE-2021-1438 MEDIUM This Month

A vulnerability in Cisco Wide Area Application Services (WAAS) Software could allow an authenticated, local attacker to gain access to sensitive information on an affected device. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Cisco Information Disclosure Wide Area Application Services
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-1430 HIGH This Week

Multiple vulnerabilities in the install, uninstall, and upgrade processes of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to hijack DLL or. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Microsoft RCE Anyconnect Secure Mobility Client
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-1429 HIGH This Week

Multiple vulnerabilities in the install, uninstall, and upgrade processes of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to hijack DLL or. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Microsoft RCE Anyconnect Secure Mobility Client
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-1428 HIGH This Week

Multiple vulnerabilities in the install, uninstall, and upgrade processes of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to hijack DLL or. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Microsoft RCE Anyconnect Secure Mobility Client
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-1427 HIGH This Week

Multiple vulnerabilities in the install, uninstall, and upgrade processes of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to hijack DLL or. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Microsoft RCE Anyconnect Secure Mobility Client
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-1426 HIGH This Week

Multiple vulnerabilities in the install, uninstall, and upgrade processes of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to hijack DLL or. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Microsoft RCE Anyconnect Secure Mobility Client
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-1421 HIGH This Week

A vulnerability in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, local attacker to perform a command injection attack on an affected device. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Command Injection Enterprise Nfv Infrastructure Software
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2021-1401 HIGH This Week

Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote attacker to obtain. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Privilege Escalation Wap125 Firmware Wap131 Firmware Wap150 Firmware +3
NVD
CVSS 3.1
7.2
EPSS
2.0%
CVE-2021-1400 HIGH This Week

Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote attacker to obtain. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Privilege Escalation Wap125 Firmware Wap131 Firmware Wap150 Firmware +3
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2021-1397 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an unauthenticated, remote attacker to redirect a user to a malicious web. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Open Redirect Integrated Management Controller Ucs Manager Encs 5100 Firmware +22
NVD
CVSS 3.1
6.1
EPSS
0.8%
CVE-2021-1365 HIGH This Week

Multiple vulnerabilities in the web-based management interface of Cisco Unified Communications Manager IM & Presence Service could allow an authenticated, remote attacker to conduct SQL injection. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco SQLi Unified Communications Manager Im And Presence Service
NVD
CVSS 3.1
8.1
EPSS
1.1%
CVE-2021-1363 HIGH This Week

Multiple vulnerabilities in the web-based management interface of Cisco Unified Communications Manager IM & Presence Service could allow an authenticated, remote attacker to conduct SQL injection. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco SQLi Unified Communications Manager Im And Presence Service
NVD
CVSS 3.1
8.1
EPSS
1.1%
CVE-2021-1284 HIGH This Week

A vulnerability in the web-based messaging service interface of Cisco SD-WAN vManage Software could allow an unauthenticated, adjacent attacker to bypass authentication and authorization and modify. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Catalyst Sd Wan Manager Sd Wan Vmanage
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2021-1275 HIGH This Week

Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or gain access to sensitive information, or allow an authenticated,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco RCE Authentication Bypass Catalyst Sd Wan Manager Sd Wan Vmanage
NVD
CVSS 3.1
7.5
EPSS
2.1%
CVE-2021-1504 HIGH This Week

Multiple vulnerabilities in Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Cisco Memory Corruption Firepower Threat Defense +1
NVD
CVSS 3.1
7.5
EPSS
1.7%
CVE-2021-1501 HIGH This Week

A vulnerability in the SIP inspection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Firepower Threat Defense Adaptive Security Appliance Software
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2021-1495 MEDIUM This Month

Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Firepower Threat Defense Ios Xe Snort
NVD
CVSS 3.1
5.3
EPSS
1.7%
CVE-2021-1493 HIGH This Week

A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Cisco Denial Of Service Firepower Threat Defense Adaptive Security Appliance Software
NVD
CVSS 3.1
7.1
EPSS
1.2%
CVE-2021-1489 MEDIUM This Month

A vulnerability in filesystem usage management for Cisco Firepower Device Manager (FDM) Software could allow an authenticated, remote attacker to exhaust filesystem resources, resulting in a denial. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Denial Of Service Firepower Device Manager
NVD
CVSS 3.1
6.5
EPSS
1.2%
CVE-2021-1488 MEDIUM This Month

A vulnerability in the upgrade process of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to inject. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Cisco Command Injection Firepower Threat Defense Adaptive Security Appliance Software
NVD
CVSS 3.1
6.7
EPSS
0.3%
CVE-2021-1477 MEDIUM This Month

A vulnerability in an access control mechanism of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to access services beyond the scope of their. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Secure Firewall Management Center
NVD
CVSS 3.1
4.3
EPSS
0.7%
CVE-2021-1476 MEDIUM This Month

A vulnerability in the CLI of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Cisco Command Injection Firepower Threat Defense Adaptive Security Appliance Software
NVD
CVSS 3.1
6.7
EPSS
0.5%
CVE-2021-1458 MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco XSS Secure Firewall Management Center
NVD
CVSS 3.1
4.8
EPSS
0.6%
CVE-2021-1457 MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco XSS Secure Firewall Management Center
NVD
CVSS 3.1
4.8
EPSS
0.6%
CVE-2021-1456 MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco XSS Secure Firewall Management Center
NVD
CVSS 3.1
4.8
EPSS
0.6%
CVE-2021-1455 MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco XSS Secure Firewall Management Center
NVD
CVSS 3.1
4.8
EPSS
0.6%
CVE-2021-1448 HIGH This Week

A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges on the underlying operating. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Information Disclosure Firepower Threat Defense
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2021-1445 HIGH This Week

Multiple vulnerabilities in Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Cisco Memory Corruption Firepower Threat Defense +1
NVD
CVSS 3.1
7.5
EPSS
1.7%
CVE-2021-1402 HIGH This Week

A vulnerability in the software-based SSL/TLS message handler of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of an affected. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Cisco Denial Of Service Firepower Threat Defense
NVD
CVSS 3.1
8.6
EPSS
1.4%
CVE-2021-1369 MEDIUM This Month

A vulnerability in the REST API of Cisco Firepower Device Manager (FDM) On-Box Software could allow an authenticated, remote attacker to gain read and write access to information that is stored on an. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Denial Of Service XXE Firepower Device Manager
NVD
CVSS 3.1
5.4
EPSS
1.0%
CVE-2021-1256 MEDIUM This Month

A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to overwrite files on the file system of an affected device by using directory. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Cisco Path Traversal Information Disclosure Firepower Threat Defense
NVD
CVSS 3.1
6.0
EPSS
0.5%
CVE-2021-1485 HIGH This Week

A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges on the underlying Linux operating. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Apple Code Injection Ios Xr
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2021-1480 HIGH PATCH This Week

Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or allow an authenticated, local attacker to gain escalated. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Cisco RCE Catalyst Sd Wan Manager Sd Wan Vmanage
NVD
CVSS 3.1
7.8
EPSS
1.8%
CVE-2021-1479 CRITICAL PATCH Act Now

Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or allow an authenticated, local attacker to gain escalated. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Cisco RCE Catalyst Sd Wan Manager Sd Wan Vmanage
NVD
CVSS 3.1
9.8
EPSS
1.9%
CVE-2021-1475 MEDIUM PATCH This Month

Multiple vulnerabilities in the Admin audit log export feature and Scheduled Reports feature of Cisco Umbrella could allow an authenticated, remote attacker to perform formula and link injection. Rated medium severity (CVSS 4.1), this vulnerability is remotely exploitable, low attack complexity.

Cisco Code Injection Umbrella
NVD
CVSS 3.1
4.1
EPSS
0.7%
CVE-2021-1474 HIGH This Week

Multiple vulnerabilities in the Admin audit log export feature and Scheduled Reports feature of Cisco Umbrella could allow an authenticated, remote attacker to perform formula and link injection. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Cisco Code Injection Umbrella
NVD
CVSS 3.1
8.6
EPSS
0.7%
CVE-2021-1473 CRITICAL POC THREAT Emergency

Multiple vulnerabilities exist in the web-based management interface of Cisco Small Business RV Series Routers. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Cisco Rv340 Firmware Rv340W Firmware Rv345 Firmware +1
NVD
CVSS 3.1
9.8
EPSS
64.2%
CVE-2021-1472 CRITICAL POC THREAT Emergency

Multiple vulnerabilities exist in the web-based management interface of Cisco Small Business RV Series Routers. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Cisco Rv160 Firmware Rv160W Firmware Rv260 Firmware +6
NVD
CVSS 3.1
9.8
EPSS
72.5%
CVE-2021-1467 MEDIUM This Month

A vulnerability in Cisco Webex Meetings for Android could allow an authenticated, remote attacker to modify the avatar of another user. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Google Cisco Authentication Bypass Webex Meetings
NVD
CVSS 3.1
4.3
EPSS
0.7%
CVE-2021-1463 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco Unified Intelligence Center Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco XSS Unified Contact Center Express Unified Intelligence Center
NVD
CVSS 3.1
6.1
EPSS
0.8%
CVE-2021-1459 CRITICAL Act Now

A vulnerability in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an unauthenticated, remote attacker to execute arbitrary code on an. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Cisco RCE Rv110W Firmware Rv130 Firmware +2
NVD
CVSS 3.1
9.8
EPSS
3.0%
CVE-2021-1420 MEDIUM This Month

A vulnerability in certain web pages of Cisco Webex Meetings could allow an unauthenticated, remote attacker to modify a web page in the context of a user's browser. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco XSS Webex Meetings
NVD
CVSS 3.1
4.7
EPSS
0.9%
CVE-2021-1415 MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to execute. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Deserialization RCE Rv340 Firmware Rv340W Firmware +2
NVD
CVSS 3.1
6.3
EPSS
1.6%
CVE-2021-1414 MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to execute. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Deserialization RCE Rv340 Firmware Rv340W Firmware +2
NVD
CVSS 3.1
6.3
EPSS
1.9%
CVE-2021-1413 MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to execute. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Deserialization RCE Rv340 Firmware Rv340W Firmware +2
NVD
CVSS 3.1
6.3
EPSS
1.6%
CVE-2021-1409 MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager IM & Presence Service (Unified CM. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco SQLi XSS Unified Communications Manager Unified Communications Manager Im Presence Service +1
NVD
CVSS 3.1
6.1
EPSS
0.8%
CVE-2021-1408 MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager IM & Presence Service (Unified CM. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco SQLi XSS Unified Communications Manager
NVD
CVSS 3.1
6.1
EPSS
0.8%
CVE-2021-1407 MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager IM & Presence Service (Unified CM. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco SQLi XSS Unified Communications Manager
NVD
CVSS 3.1
6.1
EPSS
0.8%
CVE-2021-1406 MEDIUM This Month

A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Information Disclosure Unified Communications Manager
NVD
CVSS 3.1
4.9
EPSS
1.1%
CVE-2021-1399 MEDIUM This Month

A vulnerability in the Self Care Portal of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Information Disclosure Unified Communications Manager
NVD
CVSS 3.1
4.3
EPSS
0.6%
CVE-2021-1386 HIGH This Week

A vulnerability in the dynamic link library (DLL) loading mechanism in Cisco Advanced Malware Protection (AMP) for Endpoints Windows Connector, ClamAV for Windows, and Immunet could allow an. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Microsoft RCE Advanced Malware Protection For Endpoints Clamav +1
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2021-1380 MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager IM & Presence Service (Unified CM. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco SQLi XSS Unified Communications Manager Unified Communications Manager Im Presence Service +1
NVD
CVSS 3.1
6.1
EPSS
0.8%
CVE-2021-1362 HIGH This Week

A vulnerability in the SOAP API endpoint of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition, Cisco Unified Communications Manager IM &. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco RCE Code Injection Prime License Manager Unified Communications Manager +2
NVD
CVSS 3.1
8.8
EPSS
2.7%
CVE-2021-1309 HIGH This Week

Multiple vulnerabilities exist in the Link Layer Discovery Protocol (LLDP) implementation for Cisco Small Business RV Series Routers. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Cisco RCE Denial Of Service Rv132W Firmware +10
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2021-1308 HIGH This Week

Multiple vulnerabilities exist in the Link Layer Discovery Protocol (LLDP) implementation for Cisco Small Business RV Series Routers. Rated high severity (CVSS 7.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Cisco RCE Denial Of Service Rv132W Firmware +10
NVD
CVSS 3.1
7.4
EPSS
0.4%
CVE-2021-1251 HIGH This Week

Multiple vulnerabilities exist in the Link Layer Discovery Protocol (LLDP) implementation for Cisco Small Business RV Series Routers. Rated high severity (CVSS 7.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Cisco RCE Denial Of Service Rv132W Firmware +10
NVD
CVSS 3.1
7.4
EPSS
0.4%
CVE-2021-1137 HIGH This Week

Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or allow an authenticated, local attacker to gain escalated. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Cisco RCE Catalyst Sd Wan Manager Sd Wan Vmanage
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2021-1423 MEDIUM This Month

A vulnerability in the implementation of a CLI command in Cisco Aironet Access Points (AP) could allow an authenticated, local attacker to overwrite files in the flash memory of the device. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Cisco Information Disclosure Aironet Access Point Software Catalyst 9800 Firmware Wireless Lan Controller Software
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2021-1418 MEDIUM This Month

Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Apple Microsoft Denial Of Service Jabber
NVD
CVSS 3.1
6.5
EPSS
0.9%
CVE-2021-1417 MEDIUM This Month

Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Apple Microsoft Denial Of Service Jabber
NVD
CVSS 3.1
6.5
EPSS
1.0%
CVE-2021-1411 CRITICAL Act Now

Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Apple Microsoft Denial Of Service Jabber
NVD
CVSS 3.1
9.9
EPSS
1.4%
CVE-2021-1381 MEDIUM This Month

A vulnerability in Cisco IOS XE Software could allow an authenticated, local attacker with high privileges or an unauthenticated attacker with physical access to the device to open a debugging. Rated medium severity (CVSS 6.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Cisco Apple Information Disclosure Ios Xe
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2021-1376 MEDIUM This Month

Multiple vulnerabilities in the fast reload feature of Cisco IOS XE Software running on Cisco Catalyst 3850, Cisco Catalyst 9300, and Cisco Catalyst 9300L Series Switches could allow an. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Cisco Apple RCE Jwt Attack Ios Xe
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2021-1375 MEDIUM This Month

Multiple vulnerabilities in the fast reload feature of Cisco IOS XE Software running on Cisco Catalyst 3850, Cisco Catalyst 9300, and Cisco Catalyst 9300L Series Switches could allow an. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Cisco Apple RCE Jwt Attack Ios Xe
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2021-1374 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco IOS XE Wireless Controller software for the Catalyst 9000 Family of switches could allow an authenticated, remote attacker to conduct a. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Apple XSS Ios Xe
NVD
CVSS 3.1
4.8
EPSS
0.6%
CVE-2021-1373 HIGH This Week

A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Wireless Controller Software for the Cisco Catalyst 9000 Family Wireless. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple Denial Of Service Cisco Ios Xe
NVD
CVSS 3.1
8.6
EPSS
1.5%
CVE-2021-1371 MEDIUM This Month

A vulnerability in the role-based access control of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker with read-only privileges to obtain administrative privileges by using. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. No vendor patch available.

Cisco Apple Privilege Escalation Ios Xe Sd Wan
NVD
CVSS 3.1
6.6
EPSS
0.3%
CVE-2021-1356 MEDIUM This Month

Multiple vulnerabilities in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to cause the web UI software to become unresponsive and consume. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Apple Denial Of Service Ios Xe
NVD
CVSS 3.1
4.3
EPSS
0.9%
CVE-2021-1352 MEDIUM This Month

A vulnerability in the DECnet Phase IV and DECnet/OSI protocol processing of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Apple Memory Corruption Ios Xe
NVD
CVSS 3.1
6.5
EPSS
0.4%
EPSS 1% CVSS 6.5
MEDIUM This Month

A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Content Security Management Appliance (SMA), Cisco Email Security Appliance (ESA), and Cisco Web Security. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Information Disclosure Content Security Management Appliance +3
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

A vulnerability in Cisco SD-WAN vManage Software could allow an unauthenticated, adjacent attacker to gain access to sensitive information. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Sd Wan Vmanage
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with Administrator privileges on the underlying operating. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Code Injection Catalyst Sd Wan Manager +11
NVD
EPSS 2% CVSS 7.5
HIGH This Week

A vulnerability in the vDaemon process of Cisco SD-WAN Software could allow an unauthenticated, remote attacker to cause a device to reload, resulting in a denial of service (DoS) condition. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Catalyst Sd Wan Manager +10
NVD
EPSS 0% CVSS 6.0
MEDIUM This Month

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to overwrite arbitrary files in the underlying file system of an affected system. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Cisco Path Traversal Information Disclosure +12
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary code as the root user or cause a denial of service (DoS) condition on an affected device. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Cisco RCE +9
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary code as the root user or cause a denial of service (DoS) condition on an affected device. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Cisco RCE +9
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary code as the root user or cause a denial of service (DoS) condition on an affected device. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow Cisco RCE +9
NVD
EPSS 2% CVSS 8.8
HIGH This Week

Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or gain access to sensitive information, or allow an authenticated,. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco RCE Authentication Bypass +2
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

A vulnerability in an API of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against users of the application. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco XSS Sd Wan Vmanage
NVD
EPSS 2% CVSS 7.2
HIGH This Week

Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or gain access to sensitive information, or allow an authenticated,. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco RCE Authentication Bypass +2
NVD
EPSS 2% CVSS 8.8
HIGH This Week

Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or gain access to sensitive information, or allow an authenticated,. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco RCE Authentication Bypass +2
NVD
EPSS 80% CVSS 5.3
MEDIUM POC THREAT This Month

A vulnerability in the web-based management interface of Cisco HyperFlex HX Data Platform could allow an unauthenticated, remote attacker to upload files to an affected device. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Cisco Authentication Bypass Hyperflex Hx Data Platform
NVD
EPSS 100% CVSS 9.8
CRITICAL POC KEV THREAT Emergency

Multiple vulnerabilities in the web-based management interface of Cisco HyperFlex HX could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Cisco Command Injection Hyperflex Hx Data Platform
NVD
EPSS 100% CVSS 9.8
CRITICAL POC KEV THREAT Emergency

Multiple vulnerabilities in the web-based management interface of Cisco HyperFlex HX could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Cisco Command Injection Hyperflex Hx Data Platform
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Multiple vulnerabilities in the install, uninstall, and upgrade processes of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to hijack DLL or. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Microsoft RCE +1
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco XSS Web Security Appliance
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

A vulnerability in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to enumerate user accounts. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Information Disclosure Catalyst Sd Wan Manager +1
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

A vulnerability in the Java Management Extensions (JMX) component of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Denial Of Service Java +3
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or gain access to sensitive information, or allow an authenticated,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco RCE Authentication Bypass +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

A vulnerability in the user account management system of Cisco AsyncOS for Cisco Content Security Management Appliance (SMA) could allow an authenticated, local attacker to elevate their privileges. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Cisco Privilege Escalation Content Security Management Appliance
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

A vulnerability in Cisco Wide Area Application Services (WAAS) Software could allow an authenticated, local attacker to gain access to sensitive information on an affected device. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Cisco Information Disclosure Wide Area Application Services
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Multiple vulnerabilities in the install, uninstall, and upgrade processes of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to hijack DLL or. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Microsoft RCE +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Multiple vulnerabilities in the install, uninstall, and upgrade processes of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to hijack DLL or. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Microsoft RCE +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Multiple vulnerabilities in the install, uninstall, and upgrade processes of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to hijack DLL or. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Microsoft RCE +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Multiple vulnerabilities in the install, uninstall, and upgrade processes of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to hijack DLL or. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Microsoft RCE +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Multiple vulnerabilities in the install, uninstall, and upgrade processes of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to hijack DLL or. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Microsoft RCE +1
NVD
EPSS 1% CVSS 7.8
HIGH This Week

A vulnerability in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, local attacker to perform a command injection attack on an affected device. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Command Injection Enterprise Nfv Infrastructure Software
NVD
EPSS 2% CVSS 7.2
HIGH This Week

Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote attacker to obtain. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Privilege Escalation Wap125 Firmware +5
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote attacker to obtain. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Privilege Escalation Wap125 Firmware +5
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an unauthenticated, remote attacker to redirect a user to a malicious web. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Open Redirect Integrated Management Controller +24
NVD
EPSS 1% CVSS 8.1
HIGH This Week

Multiple vulnerabilities in the web-based management interface of Cisco Unified Communications Manager IM & Presence Service could allow an authenticated, remote attacker to conduct SQL injection. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco SQLi Unified Communications Manager Im And Presence Service
NVD
EPSS 1% CVSS 8.1
HIGH This Week

Multiple vulnerabilities in the web-based management interface of Cisco Unified Communications Manager IM & Presence Service could allow an authenticated, remote attacker to conduct SQL injection. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco SQLi Unified Communications Manager Im And Presence Service
NVD
EPSS 0% CVSS 8.8
HIGH This Week

A vulnerability in the web-based messaging service interface of Cisco SD-WAN vManage Software could allow an unauthenticated, adjacent attacker to bypass authentication and authorization and modify. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Catalyst Sd Wan Manager +1
NVD
EPSS 2% CVSS 7.5
HIGH This Week

Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or gain access to sensitive information, or allow an authenticated,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco RCE Authentication Bypass +2
NVD
EPSS 2% CVSS 7.5
HIGH This Week

Multiple vulnerabilities in Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Cisco +3
NVD
EPSS 1% CVSS 7.5
HIGH This Week

A vulnerability in the SIP inspection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Firepower Threat Defense +1
NVD
EPSS 2% CVSS 5.3
MEDIUM This Month

Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Firepower Threat Defense +2
NVD
EPSS 1% CVSS 7.1
HIGH This Week

A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Cisco Denial Of Service +2
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

A vulnerability in filesystem usage management for Cisco Firepower Device Manager (FDM) Software could allow an authenticated, remote attacker to exhaust filesystem resources, resulting in a denial. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Denial Of Service Firepower Device Manager
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

A vulnerability in the upgrade process of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to inject. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Cisco Command Injection Firepower Threat Defense +1
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

A vulnerability in an access control mechanism of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to access services beyond the scope of their. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Secure Firewall Management Center
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

A vulnerability in the CLI of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Cisco Command Injection Firepower Threat Defense +1
NVD
EPSS 1% CVSS 4.8
MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco XSS Secure Firewall Management Center
NVD
EPSS 1% CVSS 4.8
MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco XSS Secure Firewall Management Center
NVD
EPSS 1% CVSS 4.8
MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco XSS Secure Firewall Management Center
NVD
EPSS 1% CVSS 4.8
MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco XSS Secure Firewall Management Center
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges on the underlying operating. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Information Disclosure Firepower Threat Defense
NVD
EPSS 2% CVSS 7.5
HIGH This Week

Multiple vulnerabilities in Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Cisco +3
NVD
EPSS 1% CVSS 8.6
HIGH This Week

A vulnerability in the software-based SSL/TLS message handler of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of an affected. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Cisco Denial Of Service +1
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

A vulnerability in the REST API of Cisco Firepower Device Manager (FDM) On-Box Software could allow an authenticated, remote attacker to gain read and write access to information that is stored on an. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Denial Of Service XXE +1
NVD
EPSS 0% CVSS 6.0
MEDIUM This Month

A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to overwrite files on the file system of an affected device by using directory. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Cisco Path Traversal Information Disclosure +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges on the underlying Linux operating. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Apple Code Injection +1
NVD
EPSS 2% CVSS 7.8
HIGH PATCH This Week

Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or allow an authenticated, local attacker to gain escalated. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Cisco RCE +2
NVD
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or allow an authenticated, local attacker to gain escalated. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Cisco RCE +2
NVD
EPSS 1% CVSS 4.1
MEDIUM PATCH This Month

Multiple vulnerabilities in the Admin audit log export feature and Scheduled Reports feature of Cisco Umbrella could allow an authenticated, remote attacker to perform formula and link injection. Rated medium severity (CVSS 4.1), this vulnerability is remotely exploitable, low attack complexity.

Cisco Code Injection Umbrella
NVD
EPSS 1% CVSS 8.6
HIGH This Week

Multiple vulnerabilities in the Admin audit log export feature and Scheduled Reports feature of Cisco Umbrella could allow an authenticated, remote attacker to perform formula and link injection. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Cisco Code Injection Umbrella
NVD
EPSS 64% CVSS 9.8
CRITICAL POC THREAT Emergency

Multiple vulnerabilities exist in the web-based management interface of Cisco Small Business RV Series Routers. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Cisco Rv340 Firmware +3
NVD
EPSS 72% CVSS 9.8
CRITICAL POC THREAT Emergency

Multiple vulnerabilities exist in the web-based management interface of Cisco Small Business RV Series Routers. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Cisco Rv160 Firmware +8
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

A vulnerability in Cisco Webex Meetings for Android could allow an authenticated, remote attacker to modify the avatar of another user. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Google Cisco Authentication Bypass +1
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

A vulnerability in the web-based management interface of Cisco Unified Intelligence Center Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco XSS Unified Contact Center Express +1
NVD
EPSS 3% CVSS 9.8
CRITICAL Act Now

A vulnerability in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an unauthenticated, remote attacker to execute arbitrary code on an. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Cisco RCE +4
NVD
EPSS 1% CVSS 4.7
MEDIUM This Month

A vulnerability in certain web pages of Cisco Webex Meetings could allow an unauthenticated, remote attacker to modify a web page in the context of a user's browser. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco XSS Webex Meetings
NVD
EPSS 2% CVSS 6.3
MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to execute. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Deserialization RCE +4
NVD
EPSS 2% CVSS 6.3
MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to execute. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Deserialization RCE +4
NVD
EPSS 2% CVSS 6.3
MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to execute. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Deserialization RCE +4
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager IM & Presence Service (Unified CM. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco SQLi XSS +3
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager IM & Presence Service (Unified CM. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco SQLi XSS +1
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager IM & Presence Service (Unified CM. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco SQLi XSS +1
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Information Disclosure Unified Communications Manager
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

A vulnerability in the Self Care Portal of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Information Disclosure Unified Communications Manager
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A vulnerability in the dynamic link library (DLL) loading mechanism in Cisco Advanced Malware Protection (AMP) for Endpoints Windows Connector, ClamAV for Windows, and Immunet could allow an. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Microsoft RCE +3
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager IM & Presence Service (Unified CM. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco SQLi XSS +3
NVD
EPSS 3% CVSS 8.8
HIGH This Week

A vulnerability in the SOAP API endpoint of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition, Cisco Unified Communications Manager IM &. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco RCE Code Injection +4
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Multiple vulnerabilities exist in the Link Layer Discovery Protocol (LLDP) implementation for Cisco Small Business RV Series Routers. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Cisco RCE +12
NVD
EPSS 0% CVSS 7.4
HIGH This Week

Multiple vulnerabilities exist in the Link Layer Discovery Protocol (LLDP) implementation for Cisco Small Business RV Series Routers. Rated high severity (CVSS 7.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Cisco RCE +12
NVD
EPSS 0% CVSS 7.4
HIGH This Week

Multiple vulnerabilities exist in the Link Layer Discovery Protocol (LLDP) implementation for Cisco Small Business RV Series Routers. Rated high severity (CVSS 7.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Cisco RCE +12
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or allow an authenticated, local attacker to gain escalated. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Cisco RCE +2
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

A vulnerability in the implementation of a CLI command in Cisco Aironet Access Points (AP) could allow an authenticated, local attacker to overwrite files in the flash memory of the device. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Cisco Information Disclosure Aironet Access Point Software +2
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Apple Microsoft +2
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Apple Microsoft +2
NVD
EPSS 1% CVSS 9.9
CRITICAL Act Now

Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Apple Microsoft +2
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

A vulnerability in Cisco IOS XE Software could allow an authenticated, local attacker with high privileges or an unauthenticated attacker with physical access to the device to open a debugging. Rated medium severity (CVSS 6.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Cisco Apple Information Disclosure +1
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Multiple vulnerabilities in the fast reload feature of Cisco IOS XE Software running on Cisco Catalyst 3850, Cisco Catalyst 9300, and Cisco Catalyst 9300L Series Switches could allow an. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Cisco Apple RCE +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Multiple vulnerabilities in the fast reload feature of Cisco IOS XE Software running on Cisco Catalyst 3850, Cisco Catalyst 9300, and Cisco Catalyst 9300L Series Switches could allow an. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Cisco Apple RCE +2
NVD
EPSS 1% CVSS 4.8
MEDIUM This Month

A vulnerability in the web-based management interface of Cisco IOS XE Wireless Controller software for the Catalyst 9000 Family of switches could allow an authenticated, remote attacker to conduct a. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Apple XSS +1
NVD
EPSS 1% CVSS 8.6
HIGH This Week

A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Wireless Controller Software for the Cisco Catalyst 9000 Family Wireless. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple Denial Of Service +2
NVD
EPSS 0% CVSS 6.6
MEDIUM This Month

A vulnerability in the role-based access control of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker with read-only privileges to obtain administrative privileges by using. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. No vendor patch available.

Cisco Apple Privilege Escalation +1
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

Multiple vulnerabilities in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to cause the web UI software to become unresponsive and consume. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Apple Denial Of Service +1
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

A vulnerability in the DECnet Phase IV and DECnet/OSI protocol processing of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Apple +2
NVD
Prev Page 17 of 62 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy