EUVD-2017-12966

Malware in sbrugna...

EUVD-2018-0992

Malware in sbrugna...

PT-2025-33327

Name of the Vulnerable Software and Affected Versions: Cisco IOS Software affected versions not specified Cisco IOS XE Software affected versions not specified Cisco Secure Firewall Adaptive Security Appliance ASA Software affected versions not specified Cisco Secure Firewall Threat Defense FTD...

CVE-2025-20151 Cisco IOS and IOS XE Software SNMPv3 Configuration Restriction Vulnerability

A vulnerability in the implementation of the Simple Network Management Protocol Version 3 SNMPv3 feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to poll an affected device using SNMP, even if the device is configured to deny SNMP traffic from ...

Cisco IOS Software and IOS XE Software Access Control Error Vulnerability

Cisco IOS and IOS XE are a set of operating systems developed by Cisco for its network devices. An access control error vulnerability exists in the Simple Network Management Protocol SNMP IPv4 access control list feature of Cisco IOS Software and IOS XE Software, which stems from the program not...

CVE-2024-20434

A vulnerability in Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition on the control plane of an affected device. This vulnerability is due to improper handling of frames with VLAN tag information. An attacker could exploit this...

CVE-2024-20434

A vulnerability in Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition on the control plane of an affected device. This vulnerability is due to improper handling of frames with VLAN tag information. An attacker could exploit this...

CVE-2024-20510

A vulnerability in the Central Web Authentication CWA feature of Cisco IOS XE Software for Wireless Controllers could allow an unauthenticated, adjacent attacker to bypass the pre-authentication access control list ACL, which could allow access to network resources before user authentication. Thi...

CVE-2024-20437

A vulnerability in the web-based management interface of Cisco IOS XE Software could allow an unauthenticated, remote attacker to perform a cross-site request forgery CSRF attack and execute commands on the CLI of an affected device. This vulnerability is due to insufficient CSRF protections for...

Cisco 多款产品安全漏洞

Cisco Firepower Threat Defense FTD and Cisco IOS XE Software are both products of Cisco, Inc.Cisco Firepower Threat Defense is a suite of unified software that provides next-generation firewall services.Cisco IOS XE Software is an operating system. Used as a single operating system for enterprise...

CVE-2024-20278

A vulnerability in the NETCONF feature of Cisco IOS XE Software could allow an authenticated, remote attacker to elevate privileges to root on an affected device. This vulnerability is due to improper validation of user-supplied input. An attacker could exploit this vulnerability by sending craft...

CVE-2024-20278

A vulnerability in the NETCONF feature of Cisco IOS XE Software could allow an authenticated, remote attacker to elevate privileges to root on an affected device. This vulnerability is due to improper validation of user-supplied input. An attacker could exploit this vulnerability by sending craft...

CVE-2024-20306

A vulnerability in the Unified Threat Defense UTD configuration CLI of Cisco IOS XE Software could allow an authenticated, local attacker to execute arbitrary commands as root on the underlying host operating system. To exploit this vulnerability, an attacker must have level 15 privileges on the...

CVE-2024-20324

CVE-2024-20324 – Cisco IOS XE WLC Privilege Escalation : A vulnerability in the Cisco IOS XE CLI allows an authenticated, low-privileged, local attacker to access WLAN configuration details, including passwords, due to improper privilege checks. Exploitation uses the show and show tech wireless c...

CVE-2024-20324

A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, low-privileged, local attacker to access WLAN configuration details including passwords. This vulnerability is due to improper privilege checks. An attacker could exploit this vulnerability by using the show and sho...

CVE-2024-20316

CVE-2024-20316 affects Cisco IOS XE Software with the Data Model Interface (DMI) when an IPv4 ACL is updated via NETCONF/RESTCONF. The issue stems from improper error handling that can reorder ACEs in an updated ACL, potentially allowing access to resources that should be protected. Concrete deta...

Rockwell Automation Stratix Cisco IOS and IOS XE Software Internet Key Exchange Version 2 Fragmentation Denial of Service (CVE-2016-1344)

A vulnerability in the Internet Key Exchange IKE version 2 v2 fragmentation code of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of the affected system. The vulnerability is due to an improper handling of crafted, fragmented IKEv2 packets. An...

Rockwell Automation Stratix Cisco IOS Software and IOS XE Software TCP Packet Memory Leak (CVE-2015-0646)

A vulnerability in the TCP input module of Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a memory leak and eventual reload of the affected device. The vulnerability is due to improper handling of certain crafted packet sequences used in establishing ...

CVE-2023-20273

A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to inject commands with the privileges of root. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input to the web...

CVE-2023-20273

A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to inject commands with the privileges of root. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input to the web...