Lucene search
K

385 matches found

NVD
NVD
added 2025/05/07 6:15 p.m.15 views

CVE-2025-20137

A vulnerability in the access control list ACL programming of Cisco IOS Software that is running on Cisco Catalyst 1000 Switches and Cisco Catalyst 2960L Switches could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability is due to the use of both an IPv4 ACL a...

4.7CVSS0.00228EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/07 5:35 p.m.19 views

CVE-2025-20181

A vulnerability in Cisco IOS Software for Cisco Catalyst 2960X, 2960XR, 2960CX, and 3560CX Series Switches could allow an authenticated, local attacker with privilege level 15 or an unauthenticated attacker with physical access to the device to execute persistent code at boot time and break the...

6.8CVSS0.00159EPSS
Exploits0References1
CVE
CVE
added 2025/05/07 5:35 p.m.121 views

CVE-2025-20181

CVE-2025-20181 affects Cisco IOS Software on Catalyst 2960X/2960XR/2960CX/3560CX switches. Root cause: missing signature verification for files loaded during boot, enabling an attacker with physical access or a privileged user to execute persistent code at boot and break the chain of trust. Affec...

6.8CVSS7AI score0.00159EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/05/07 5:35 p.m.15 views

CVE-2025-20181

A vulnerability in Cisco IOS Software for Cisco Catalyst 2960X, 2960XR, 2960CX, and 3560CX Series Switches could allow an authenticated, local attacker with privilege level 15 or an unauthenticated attacker with physical access to the device to execute persistent code at boot time and break the...

6.8CVSS7AI score0.00159EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/07 5:31 p.m.11 views

CVE-2025-20137

A vulnerability in the access control list ACL programming of Cisco IOS Software that is running on Cisco Catalyst 1000 Switches and Cisco Catalyst 2960L Switches could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability is due to the use of both an IPv4 ACL a...

4.7CVSS4.9AI score0.00228EPSS
Exploits0References1
CVE
CVE
added 2025/05/07 5:18 p.m.81 views

CVE-2025-20154

Summary of CVE-2025-20154 (Cisco TWAMP DoS) : The vulnerability affects Cisco IOS, IOS XE, and IOS XR TWAMP server functionality. It arises from out-of-bounds array access when processing crafted TWAMP control packets, enabling an unauthenticated, remote attacker to cause a reload of the affected...

8.6CVSS8.5AI score0.00442EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/05/07 5:18 p.m.18 views

CVE-2025-20151 Cisco IOS and IOS XE Software SNMPv3 Configuration Restriction Vulnerability

A vulnerability in the implementation of the Simple Network Management Protocol Version 3 SNMPv3 feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to poll an affected device using SNMP, even if the device is configured to deny SNMP traffic from ...

4.3CVSS4.7AI score0.00328EPSS
Exploits0References1
CVE
CVE
added 2025/05/07 5:18 p.m.81 views

CVE-2025-20151

CVE-2025-20151 affects Cisco IOS and IOS XE SNMPv3 configuration handling. The issue arises from how SNMPv3 settings are stored in startup configuration, allowing an authenticated remote attacker with valid SNMPv3 credentials to poll the device from a source address or interface that should be de...

4.3CVSS4.7AI score0.00328EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/05/07 5:18 p.m.15 views

CVE-2025-20191 Multiple Cisco Products Denial of Service Vulnerability

A vulnerability in the Switch Integrated Security Features SISF of Cisco IOS Software, Cisco IOS XE Software, Cisco NX-OS Software, and Cisco Wireless LAN Controller WLC AireOS Software could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition on an affected...

7.4CVSS7.3AI score0.00199EPSS
Exploits0References1
Cisco
Cisco
added 2025/05/07 4:0 p.m.50 views

Cisco IOS Software for Cisco Catalyst 2960X, 2960XR, 2960CX, and 3560CX Series Switches Secure Boot Bypass Vulnerability

A vulnerability in Cisco IOS Software for Cisco Catalyst 2960X, 2960XR, 2960CX, and 3560CX Series Switches could allow an authenticated, local attacker with privilege level 15 or an unauthenticated attacker with physical access to the device to execute persistent code at boot time and break the...

6.8CVSS7.2AI score0.00159EPSS
Exploits0References1
Cisco
Cisco
added 2025/05/07 4:0 p.m.15 views

Cisco IOS Software Industrial Ethernet Switch Device Manager Privilege Escalation Vulnerability

A vulnerability in the Cisco Industrial Ethernet Switch Device Manager DM of Cisco IOS Software could allow an authenticated, remote attacker to elevate privileges. This vulnerability is due to insufficient validation of authorizations for authenticated users. An attacker could exploit this...

8.3CVSS8.4AI score0.00294EPSS
Exploits0References1
Cisco
Cisco
added 2025/05/07 4:0 p.m.17 views

Cisco IOS, IOS XE, and IOS XR Software TWAMP Denial of Service Vulnerability

A vulnerability in the Two-Way Active Measurement Protocol TWAMP server feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the affected device to reload, resulting in a denial of service DoS condition. For Cisco IOS XR Software, this...

8.6CVSS8.5AI score0.00442EPSS
Exploits0References1
Cisco
Cisco
added 2025/05/07 4:0 p.m.14 views

Cisco IOS Software on Cisco Catalyst 1000 and 2960L Switches Access Control List Bypass Vulnerability

A vulnerability in the access control list ACL programming of Cisco IOS Software that is running on Cisco Catalyst 1000 Switches and Cisco Catalyst 2960L Switches could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability is due to the use of both an IPv4 ACL a...

4.7CVSS5.2AI score0.00228EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/05/07 12:0 a.m.4 views

PT-2025-20263

Name of the Vulnerable Software and Affected Versions Cisco IOS Software affected versions not specified Cisco IOS XE Software affected versions not specified Cisco NX-OS Software affected versions not specified Cisco Wireless LAN Controller WLC AireOS Software affected versions not specified...

7.4CVSS5.9AI score0.00199EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2025/05/07 12:0 a.m.4 views

PT-2025-20256 · Cisco · Cisco Ios

Name of the Vulnerable Software and Affected Versions: Cisco IOS Software for Cisco Catalyst 2960X, 2960XR, 2960CX, and 3560CX Series Switches affected versions not specified Description: A vulnerability in the software could allow an authenticated, local attacker with high privilege levels or an...

6.8CVSS6.7AI score0.00159EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/05/07 12:0 a.m.6 views

PT-2025-20268 · Cisco · Cisco Ios Xe +2

Name of the Vulnerable Software and Affected Versions: Cisco IOS Software and Cisco IOS XE Software affected versions not specified Description: A vulnerability in the Cisco IOx application hosting environment could allow an unauthenticated, remote attacker to cause the environment to stop...

5.3CVSS6.6AI score0.00359EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2025/02/18 12:0 a.m.13 views

Cisco IOS Software Intermediate System to Intermediate System DoS (cisco-sa-isis-sGjyOUHX)

According to its self-reported version, Cisco IOS is affected by a vulnerability. - A vulnerability in the Intermediate System-to-Intermediate System IS-IS protocol of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a denial of service DoS...

7.4CVSS5.6AI score0.00258EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/02/07 5:21 p.m.9 views

CVE-2025-20169

A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP requests. An attacker could exploit this...

7.7CVSS6.9AI score0.00755EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/07 5:21 p.m.6 views

CVE-2025-20170

A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP requests. An attacker could exploit this...

7.7CVSS6.9AI score0.00755EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/07 5:21 p.m.9 views

CVE-2025-20175

A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP requests. An attacker could exploit this...

7.7CVSS6.9AI score0.00736EPSS
Exploits0References1
Rows per page
Query Builder