31 matches found
CVE-2025-20393
A vulnerability in the Spam Quarantine feature of Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Email and Web Manager could allow an unauthenticated, remote attacker to execute arbitrary system commands on an affected device with root privileges. This vulnerability is due...
CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2025-20393link is external Cisco Multiple Products Improper Input Validation Vulnerability CVE-2025-40602link is external SonicWall SMA1000 Missing...
EUVD-2025-31020
Malicious code in bioql PyPI...
CVE-2025-20314
A vulnerability in Cisco IOS XE Software could allow an authenticated, local attacker with level-15 privileges or an unauthenticated attacker with physical access to an affected device to execute persistent code at boot time and break the chain of trust. This vulnerability is due to improper...
Cisco IOS 安全漏洞
Cisco IOS is a set of operating systems developed by the U.S.-based Cisco for its network devices. A security vulnerability exists in Cisco IOS that stems from incorrect IPv4 ACL handling on the switching virtual interface when the administrator enables and disables the Resilient Ethernet Protoco...
Cisco IOS XE Software 安全漏洞
Cisco IOS XE Software is an operating system from Cisco, Inc. Used as a single operating system for enterprise wired and wireless access, aggregation, core, and WAN, Cisco IOS XE reduces business and network complexity. A security vulnerability exists in Cisco IOS XE Software that stems from...
CVE-2024-20398
A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to obtain read/write file system access on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of user arguments that are passed to specific CLI...
Cisco IOS XR Security Vulnerability
Cisco IOS XR is a set of operating systems developed by the U.S.-based Cisco for its network devices. A security vulnerability exists in Cisco IOS XR that stems from an error in the software build process and could allow an attacker to take control of the boot configuration, which would allow the...
Cisco IOS XR Security Vulnerability
Cisco IOS and Cisco IOS XR are both operating systems developed by Cisco for its network devices. A security vulnerability exists in Cisco IOS XR, which is caused by a code execution flaw in the image validation checking process. An authenticated attacker could exploit this vulnerability to execu...
U.S. and U.K. Warn of Russian Hackers Exploiting Cisco Router Flaws for Espionage
U.K. and U.S. cybersecurity and intelligence agencies have warned of Russian nation-state actors exploiting now-patched flaws in networking equipment from Cisco to conduct reconnaissance and deploy malware against select targets. The intrusions, per the authorities, took place in 2021 and targete...
Cisco IOS XE Software 安全漏洞
Cisco IOS XE Software is an operating system from Cisco, Inc. A single operating system for enterprise wired and wireless access, aggregation, core and WAN, Cisco IOS XE reduces business and network complexity. A security vulnerability exists in Cisco IOS XE Software that stems from insufficient...
CVE-2023-20035
A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges. This vulnerability is due to insufficient input validation by the system CLI. An attacker with privileges to run commands could exploit...
VulnCheck KEV: CVE-2018-0174
A vulnerability in the DHCP option 82 encapsulation functionality of Cisco IOS Software and Cisco IOS XE Software could allow for denial-of-service DoS...
VulnCheck KEV: CVE-2018-0158
A vulnerability in the implementation of Internet Key Exchange Version 1 IKEv1 functionality in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial-of-service DoS condition...
CVE-2022-20624
A vulnerability in the Cisco Fabric Services over IP CFSoIP feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to insufficient validation of incoming CFSoIP packets. An attacke...
PT-2021-5000 · Cisco · Cisco Ftd
Name of the Vulnerable Software and Affected Versions: Cisco Firepower Threat Defense FTD Software affected versions not specified Description: The issue is related to the implementation of the Ethernet Industrial Protocol ENIP in the Cisco Firepower Threat Defense FTD Software, which is associat...
Cisco SD-WAN vManage 操作系统命令注入漏洞
Cisco SD-WAN vManage is a software from Cisco that provides software-defined networking capabilities. The software provides a way to virtualize the network. Cisco SD-WAN vManage has an operating system command injection vulnerability that can be exploited by a local attacker to inject arbitrary...
多款Cisco产品命令注入漏洞
Cisco SD-WAN vManage is a software from Cisco that provides software-defined networking capabilities. The software provides a way to virtualize the network. A command injection vulnerability exists in the CLI utility tcpdump in Cisco SD-WAN Software. The vulnerability stems from the program not...
CVE-2020-3403
A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker to inject a command to the underlying operating system that will execute with root privileges upon the next reboot of the device. The authenticated user must have privileged EXEC permissions on the...
Cisco Wireless LAN Controller Software Input Validation Error Vulnerability (CNVD-2020-33644)
Cisco Wireless LAN Controller WLC Software is a suite of software for configuring and managing WLCs Wireless LAN Controllers from Cisco. An input validation error vulnerability exists in the Control and Provisioning of Wireless Access Points CAPWAP protocol processor in Cisco WLC Software, which...