509 matches found
Exploit for Classic Buffer Overflow in Cisco Adaptive_Security_Appliance_Software
CVE-2025-20333 Scanner A Python-based diagnostic scanner for...
Cisco Adaptive Security Appliance (ASA) Software Multiple Context File Copy (cisco-sa-asa-scpcxt-filecpy-rgeP73nE)
According to its self-reported version, Cisco ASA Software is affected by a vulnerability. Please see the included Cisco BIDs and Cisco Security Advisory for more information. TRUSTED...
Cisco Adaptive Security Appliance (ASA) Software VPN DoS (cisco-sa-asaftd-vpn-dos-SpOFF2Re)
According to its self-reported version, Cisco ASA Software is affected by a vulnerability. - A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacke...
CVE-2026-20104
creationtimestamp| type| source ---|---|--- 2026-03-26 03:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/cisco-ios-xe-multiple-vulnerabilities20260326 2026-03-26 03:00:10+00:00| seen|...
CVE-2026-20039
A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due...
EUVD-2026-9480
A vulnerability in the OSPF protocol of Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, adjacent attacker to corrupt memory on an affected device, resulting in a denial of service DoS condition...
CVE-2026-20023
A vulnerability in the OSPF protocol of Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, adjacent attacker to corrupt memory on an affected device, resulting in a denial of service DoS condition...
CVE-2026-20021
Cisco Secure Firewall ASA/FTD products are affected by CVE-2026-20021 due to a flaw in the OSPF protocol input validation when parsing packets. Affected software ranges include Cisco Secure Firewall ASA and Cisco Secure Firewall Threat Defense (FTD). An authenticated, adjacent attacker can exploi...
CVE-2026-20069
A vulnerability in the VPN web services component of Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to conduct browser-based attacks against users of an affected device. This...
CVE-2026-20106
A vulnerability in the Remote Access SSL VPN, HTTP management and MUS functionality, of Cisco Secure Firewall Adaptive Security Appliance ASA Software and Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to exhaust device memory resulting in a denial of...
CVE-2026-20103
A vulnerability in the Remote Access SSL VPN functionality of Cisco Secure Firewall Adaptive Security Appliance ASA Software and Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to exhaust device memory resulting in a denial of service DoS condition to n...
CVE-2026-20039 Cisco Adaptive Security Appliance and Firepower Threat Defense Software SSL VPN Authentication Denial of Service Vulnerability
A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due...
CVE-2026-20039 Cisco Adaptive Security Appliance and Firepower Threat Defense Software SSL VPN Authentication Denial of Service Vulnerability
A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due...
PT-2026-23011
A vulnerability in the handling of the embryonic connection limits in Cisco Secure Firewall Adaptive Security Appliance ASA Software could allow an unauthenticated, remote attacker to cause incoming TCP SYN packets to be dropped incorrectly. This vulnerability is due to improper handling of new,...
CVE-2009-4912
Cisco Adaptive Security Appliances ASA 5580 series devices with software before 8.12 complete an SSL handshake with an HTTPS client even if this client is unauthorized, which might allow remote attackers to bypass intended access restrictions via an HTTPS session, aka Bug ID CSCso10876...
CVE-2009-4914
Memory leak on Cisco Adaptive Security Appliances ASA 5580 series devices with software before 8.12 allows remote attackers to cause a denial of service memory consumption via Subject Alternative Name fields in an X.509 certificate, aka Bug ID CSCsq17879...
CVE-2009-4918
Cisco Adaptive Security Appliances ASA 5580 series devices with software before 8.12 allow remote attackers to cause a denial of service IKE process hang via malformed NAT-T packets, aka Bug ID CSCsr74439...
CVE-2009-4919
Buffer overflow on Cisco Adaptive Security Appliances ASA 5580 series devices with software before 8.12 allows remote attackers to have an unspecified impact via long IKE attributes, aka Bug ID CSCsu43121...
CVE-2009-4913
The IPv6 implementation on Cisco Adaptive Security Appliances ASA 5580 series devices with software before 8.12 exposes IP services on the "far side of the box," which might allow remote attackers to bypass intended access restrictions via IPv6 packets, aka Bug ID CSCso58622...
Update: Implementation Guidance for Emergency Directive on Cisco ASA and Firepower Device Vulnerabilities
CISA has released Emergency Cisco Directive 25-03 Implementation Guidance to assist federal agencies in addressing critical vulnerabilities in Cisco Adaptive Security Appliances ASA and Firepower devices. Emergency Directive 25-03: Identify and Mitigate Potential Compromise of Cisco Devices, issu...