28 matches found
VulnCheck KEV: CVE-2026-20262
A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker to create a file or overwrite any file on the filesystem of an affected system. This vulnerability exists because the affected software does not properly validate...
PT-2026-47188
CVE-2026-38500 - Cisco IOS XE Software Privilege Escalation Vulnerability CVE ID :CVE-2026-38500 Published : June 5, 2026, 2:16 p.m. | 1 hour, 6 minutes ago Description :Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further...
CVE-2026-20110
A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker to cause a denial of service DoS condition on an affected device. This vulnerability exists because incorrect privileges are associated with the start maintenance command. An attacker could exploit th...
CVE-2026-20057
CVE-2026-20057 affects multiple Cisco products via the Snort 3 VBA feature. The issue stems from lack of proper error checking when decompressing VBA data, enabling an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to crash and restart, resulting in a DoS (availability imp...
EUVD-2015-4321
Malware in sbrugna...
Cisco IOS XE 安全漏洞
Cisco IOS XE is an operating system from Cisco, Inc. Used as a single operating system for enterprise wired and wireless access, aggregation, core, and WAN, Cisco IOS XE reduces business and network complexity. A security vulnerability exists in Cisco IOS XE that stems from improper handling of...
PT-2025-2913 · Cisco · Cisco Ios Xe
Name of the Vulnerable Software and Affected Versions: Cisco IOS XE affected versions not specified Description: The issue concerns a system configuration buffer overwrite when the administrative distance is set. No further details are available due to the rejection or withdrawal of the CVE ID by...
Cisco Common Services Platform Collector 安全漏洞
Cisco Common Services Platform Collector is a common services platform data collector from Cisco USA. Cisco Common Services Platform Collector suffers from a stored cross-site scripting vulnerability that can be exploited by remote attackers to inject malicious script or HTML code, which can be...
CVE-2021-1466
A vulnerability in the vDaemon service of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to cause a buffer overflow on an affected system, resulting in a denial of service DoS condition. The vulnerability is due to incomplete bounds checks for data that is provided to...
PT-2023-9646 · Cisco · Cisco Ios Xe
Name of the Vulnerable Software and Affected Versions: Cisco IOS XE Software affected versions not specified Description: The issue is related to improper handling of frames with VLAN tag information, which could allow an unauthenticated, adjacent attacker to cause a denial of service DoS conditi...
Cisco IOS XE Software 后置链接漏洞
Cisco IOS XE Software is an operating system from Cisco, Inc. A single operating system for enterprise wired and wireless access, aggregation, core and WAN, Cisco IOS XE reduces business and network complexity. Cisco IOS XE suffers from a backlink vulnerability that stems from not performing actu...
CVE-2021-40129
A vulnerability in the configuration dashboard of Cisco Common Services Platform Collector CSPC could allow an authenticated, remote attacker to submit a SQL query through the CSPC configuration dashboard. This vulnerability is due to insufficient input validation of uploaded files. An attacker...
Cisco SD-WAN vManage 跨站脚本漏洞
Cisco SD-WAN vManage is a software from Cisco that provides software-defined networking capabilities. The software provides a way to virtualize the network. A cross-site scripting vulnerability exists in the API of Cisco SD-WAN vManage versions prior to 20.5.1, which stems from the API failing to...
The vulnerability of the NX-API network operating system function of Cisco NX-OS routers allows a attacker to perform CSRF attacks.
The vulnerability of the NX-API network operating system function of Cisco NX-OS routers is related to insufficient protection when entering CSRF requests. Exploiting this vulnerability can allow a remote attacker to execute a CSRF attack...
CVE-2020-3400
A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to utilize parts of the web UI for which they are not authorized.The vulnerability is due to insufficient authorization of web UI access requests. An attacker could exploit this...
CVE-2019-1950 Cisco IOS XE SD-WAN Software Default Credentials Vulnerability
A vulnerability in Cisco IOS XE SD-WAN Software could allow an unauthenticated, local attacker to gain unauthorized access to an affected device. The vulnerability is due to the existence of default credentials within the default configuration of an affected device. An attacker who has access to ...
CVE-2019-12704
A vulnerability in the web-based management interface of Cisco SPA100 Series Analog Telephone Adapters ATAs could allow an authenticated, remote attacker to view the contents of arbitrary files on an affected device. The vulnerability is due to improper input validation in the web-based managemen...
PT-2019-3319 · Cisco · Cisco Ios Xe
Name of the Vulnerable Software and Affected Versions: Cisco IOS XE Software affected versions not specified Description: The issue is related to multiple vulnerabilities in the web-based user interface Web UI of Cisco IOS XE Software. These vulnerabilities could allow an authenticated, remote...
The vulnerability of Cisco Enterprise NFV Infrastructure Software (NFVIS) arises from insufficient validation of input data, allowing attackers to disclose sensitive information that should be protected.
The vulnerability of Cisco Enterprise NFV Infrastructure Software NFVIS exists due to insufficient testing of input data. Exploiting this vulnerability could allow a attacker to disclose protected information...
The vulnerability in the web interface of the Cisco IOS XE operating system allows a hacker to gain access to protected information.
The vulnerability of the Cisco IOS XE operating system’s web interface is related to configuration errors. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to protected information using a specially crafted request...