49 matches found
CVE-2025-20393
A vulnerability in the Spam Quarantine feature of Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Email and Web Manager could allow an unauthenticated, remote attacker to execute arbitrary system commands on an affected device with root privileges. This vulnerability is due...
CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-20393 Cisco Multiple Products Improper Input Validation Vulnerability; CVE-2025-40602 SonicWall SMA1000 Missing...
EUVD-2025-31020
Malicious code in bioql PyPI...
CVE-2025-20314
A vulnerability in Cisco IOS XE Software could allow an authenticated, local attacker with level-15 privileges or an unauthenticated attacker with physical access to an affected device to execute persistent code at boot time and break the chain of trust. This vulnerability is due to improper...
Cisco IOS Security Vulnerability
Cisco IOS is a set of operating systems developed by the U.S.-based Cisco for its network devices. A security vulnerability exists in Cisco IOS that stems from incorrect IPv4 ACL handling on the switching virtual interface when the administrator enables and disables the Resilient Ethernet Protoco...
Cisco IOS XE Software Security Vulnerability
Cisco IOS XE Software is an operating system from Cisco, Inc. Used as a single operating system for enterprise wired and wireless access, aggregation, core, and WAN, Cisco IOS XE reduces business and network complexity. A security vulnerability exists in Cisco IOS XE Software that stems from...
CVE-2024-20398
A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to obtain read/write file system access on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of user arguments that are passed to specific CLI...
Cisco IOS XR Security Vulnerability
Cisco IOS XR is a set of operating systems developed by the U.S.-based Cisco for its network devices. A security vulnerability exists in Cisco IOS XR that stems from an error in the software build process and could allow an attacker to take control of the boot configuration, which would allow the...
Cisco IOS XR Security Vulnerability
Cisco IOS and Cisco IOS XR are both operating systems developed by Cisco for its network devices. A security vulnerability exists in Cisco IOS XR, which is caused by a code execution flaw in the image validation checking process. An authenticated attacker could exploit this vulnerability to execu...
U.S. and U.K. Warn of Russian Hackers Exploiting Cisco Router Flaws for Espionage
U.K. and U.S. cybersecurity and intelligence agencies have warned of Russian nation-state actors exploiting now-patched flaws in networking equipment from Cisco to conduct reconnaissance and deploy malware against select targets. The intrusions, per the authorities, took place in 2021 and targete...
Cisco IOS XE Software Security Vulnerability
Cisco IOS XE Software is an operating system from Cisco, Inc. A single operating system for enterprise wired and wireless access, aggregation, core and WAN, Cisco IOS XE reduces business and network complexity. A security vulnerability exists in Cisco IOS XE Software that stems from insufficient...
CVE-2023-20035
A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges. This vulnerability is due to insufficient input validation by the system CLI. An attacker with privileges to run commands could exploit...
A vulnerability in the command-line interface of Cisco IOS XE SD-WAN software allows an attacker to delete any files from the file system.
The vulnerability in the command-line interface (CLI) of Cisco IOS XE SD-WAN software exists due to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to delete any files from the file system...
A vulnerability in the Cisco SD-WAN vManage centralized management system, related to the disclosure of protected information, allows a perpetrator to gain access to this protected information.
The vulnerability in the Cisco SD-WAN vManage centralized network management system is related to the exposure of protected information. Exploiting this vulnerability could allow an attacker to gain access to protected information...
VulnCheck KEV: CVE-2018-0158
A vulnerability in the implementation of Internet Key Exchange Version 1 (IKEv1) functionality in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial-of-service (DoS) condition...
VulnCheck KEV: CVE-2018-0174
A vulnerability in the DHCP option 82 encapsulation functionality of Cisco IOS Software and Cisco IOS XE Software could allow for denial-of-service (DoS)...
CVE-2022-20624
A vulnerability in the Cisco Fabric Services over IP (CFSoIP) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of incoming CFSoIP packets. An attacke...
A vulnerability in the command-line interface (CLI) of Cisco IOS XE SD-WAN software allows an attacker to execute arbitrary commands.
The vulnerability in the command-line interface of Cisco IOS XE SD-WAN software is related to insufficient checking of arguments passed in commands. Exploiting this vulnerability allows an attacker to execute arbitrary commands...
A vulnerability in the command-line interface (CLI) of Cisco IOS XE SD-WAN software allows an attacker to overwrite any files.
The vulnerability in the command-line interface of Cisco IOS XE SD-WAN software is related to an incorrect definition of the link before accessing the file. Exploiting this vulnerability could allow an attacker to rewrite any files at will...
PT-2021-5000 · Cisco · Cisco Ftd
Name of the Vulnerable Software and Affected Versions: Cisco Firepower Threat Defense (FTD) Software (affected versions not specified). Description: The issue is related to the implementation of the Ethernet Industrial Protocol (ENIP) in the Cisco Firepower Threat Defense (FTD) Software, which is associat...