276215 matches found
CVE-2026-20008
A vulnerability in a small subset of CLI commands that are used on Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an authenticated, local attacker to craft Lua code that could be used on the underlying operating...
CVE-2026-20007
A vulnerability in the Snort 2 and Snort 3 deep packet inspection of Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to bypass configured Snort rules and allow traffic onto the network that should have been dropped. This vulnerability is due to a...
CVE-2026-20073
A vulnerability in Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to send traffic that should be denied through an affected device. This vulnerability is due to improper error...
CVE-2026-20073
Cisco Secure Firewall ASA and FTD platforms are affected by CVE-2026-20073 due to improper error handling when a cluster-joining device runs out of memory while replicating access control rules. An unauthenticated remote attacker could send traffic that should be blocked, potentially bypassing AC...
CVE-2026-20073 Cisco Secure Firewall Adaptive Security Appliance Software and Cisco Secure Firewall Threat Defense Software Access Control List Bypass Vulnerability
A vulnerability in Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to send traffic that should be denied through an affected device. This vulnerability is due to improper error...
CVE-2026-20053
Cisco CVE-2026-20053 affects multiple Cisco products via Snort 3 Visual Basic for Applications (VBA) Decompression Engine. The vulnerability stems from improper range checking when decompressing VBA data, which is user-controlled, enabling an unauthenticated, remote attacker to cause the Snort 3 ...
CVE-2026-20007
The CVE-2026-20007 issue affects Cisco Secure Firewall Threat Defense (FTD) Software with Snort 2/3 deep packet inspection. A logic error in the integration of Snort Engine rules can cause different Snort rules to be hit during deep inspection of inner and outer connections, enabling an unauthent...
CVE-2026-20106
A vulnerability in the Remote Access SSL VPN, HTTP management and MUS functionality, of Cisco Secure Firewall Adaptive Security Appliance ASA Software and Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to exhaust device memory resulting in a denial of...
CVE-2026-20101
A vulnerability in the SAML 2.0 single sign-on SSO feature of Cisco Secure Firewall ASA Software and Secure FTD Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a DoS condition. This vulnerability is due to insufficient error checki...
CVE-2026-20101
A vulnerability in the SAML 2.0 single sign-on SSO feature of Cisco Secure Firewall ASA Software and Secure FTD Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a DoS condition. This vulnerability is due to insufficient error checki...
CVE-2026-20100
A vulnerability in the LUA interperter of the Remote Access SSL VPN feature of Cisco Secure Firewall Adaptive Security Appliance ASA Software and Secure Firewall Threat Defense FTD Software could allow an authenticated, remote attacker with a valid VPN connection to cause the device to reload...
Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Lua Code Injection Vulnerability
A vulnerability in a small subset of CLI commands that are used on Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an authenticated, local attacker to craft Lua code that could be used on the underlying operating...
Cisco Secure Firewall Management Center and Secure Firewall Threat Defense Software Path Traversal Vulnerability
A vulnerability in the sftunnel functionality of Cisco Secure Firewall Management Center FMC Software and Cisco Secure Firewall Threat Defense FTD Software could allow an authenticated, remote attacker with administrative privileges to write arbitrary files as root on the underlying operating...
Cisco Secure Firewall Adaptive Security Appliance Software SSH Partial Private Key Authentication Bypass Vulnerability
A vulnerability in the implementation of the proprietary SSH stack with SSH key-based authentication in Cisco Secure Firewall Adaptive Security Appliance ASA Software could allow an unauthenticated, remote attacker to log in to a Cisco Secure Firewall ASA device and execute commands as a specific...
Cisco Secure Firewall Threat Defense Software Snort Deep Inspection Bypass Vulnerability
A vulnerability in the Snort 2 and Snort 3 deep packet inspection of Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to bypass configured Snort rules and allow traffic onto the network that should have been dropped. This vulnerability is due to a...
Cisco Secure Firewall Management Center Software SQL Injection Vulnerabilities
Multiple vulnerabilities in the web-based management interface and REST API of Cisco Secure Firewall Management Center FMC Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. For more information about these vulnerabilities, see the Detai...
Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software VPN Web Server Denial of Service Vulnerability
A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due...
Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software VPN Web Services Cross-Site Scripting Vulnerability
A vulnerability in the VPN web services component of Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a browser that is accessin...
Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software SAML Reflected Cross-Site Scripting Vulnerability
A vulnerability in the SAML 2.0 single sign-on SSO feature of Cisco Secure Firewall ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against the SAML feature and access sensitive,...
Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software OSPF Protocol Vulnerabilities
Multiple vulnerabilities in the OSPF feature of Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an adjacent attacker to cause the device to reload unexpectedly, resulting in a denial of service DoS condition. For mor...