443 matches found
EUVD-2025-13897
Malicious code in bioql PyPI...
EUVD-2022-26194
Malicious code in bioql PyPI...
Cisco IOS XE Software Web Services Remote Code Execution (cisco-sa-http-code-exec-WmfP3h3O)
According to its self-reported version, Cisco IOS-XE Software is affected by a web services remote code exeuction vulnerability: - A vulnerability in the web services of Cisco Secure Firewall Adaptive Security Appliance ASA Software, Cisco Secure Firewall Threat Defense FTD Software, Cisco IOS...
CVE-2025-20352
A vulnerability in the Simple Network Management Protocol SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow the following: An authenticated, remote attacker with low privileges could cause a denial of service DoS condition on an affected device that is running Cisco IOS...
CVE-2025-20149
CVE-2025-20149 affects Cisco IOS and IOS XE CLI, where a buffer overflow in the CLI could be triggered by crafted commands from a low-privileged, authenticated user to cause an unexpected device reload (DoS). The vulnerability is local-attack accessible (LOCAL), with LOW privileges required and n...
CVE-2025-20352
A vulnerability in the Simple Network Management Protocol SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow the following: An authenticated, remote attacker with low privileges could cause a denial of service DoS condition on an affected device that is running Cisco IOS...
PT-2025-33327
Name of the Vulnerable Software and Affected Versions: Cisco IOS Software affected versions not specified Cisco IOS XE Software affected versions not specified Cisco Secure Firewall Adaptive Security Appliance ASA Software affected versions not specified Cisco Secure Firewall Threat Defense FTD...
CVE-2023-20227
A vulnerability in the Layer 2 Tunneling Protocol L2TP feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper handling of certain L2TP packets. An attacker could explo...
PT-2025-21057 · Intel · Intel Arc +1
Name of the Vulnerable Software and Affected Versions: IntelR Arc™ and IrisR Xe graphics software versions prior to 32.0.101.6077 Description: The issue is related to improper access control for some IntelR Arc™ and IrisR Xe graphics software. This may allow an authenticated user to potentially...
CVE-2025-20200
A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker with privilege level 15 to elevate privileges to root on the underlying operating system of an affected device. This vulnerability is due to insufficient input validation when processing specific...
CVE-2025-20199
A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker with privilege level 15 to elevate privileges to root on the underlying operating system of an affected device. This vulnerability is due to insufficient input validation when processing specific...
CVE-2025-20186
A vulnerability in the web-based management interface of the Wireless LAN Controller feature of Cisco IOS XE Software could allow an authenticated, remote attacker with a lobby ambassador user account to perform a command injection attack against an affected device. This vulnerability is due to...
CVE-2025-20193
A vulnerability in the web-based management interface of Cisco IOS XE Software could allow an authenticated, low-privileged, remote attacker to perform an injection attack against an affected device.r This vulnerability is due to insufficient input validation. An attacker could exploit this...
CVE-2025-20140
A vulnerability in the Wireless Network Control daemon wncd of Cisco IOS XE Software for Wireless LAN Controllers WLCs could allow an unauthenticated, adjacent wireless attacker to cause a denial of service DoS condition. This vulnerability is due to improper memory management. An attacker could...
CVE-2025-20193
CVE-2025-20193 affects the Cisco IOS XE Software web-based management interface. The root cause is insufficient input validation, enabling an authenticated, low-privilege attacker over the network to perform an injection attack that could read files from the underlying operating system. Connected...
CVE-2025-20200
The CVE-2025-20200 entry describes a privilege-escalation vulnerability in Cisco IOS XE Software CLI. An authenticated local attacker with privilege level 15 can exploit insufficient input validation when processing specific configuration commands to elevate to root on the device’s operating syst...
CVE-2025-20186
A vulnerability in the web-based management interface of the Wireless LAN Controller feature of Cisco IOS XE Software could allow an authenticated, remote attacker with a lobby ambassador user account to perform a command injection attack against an affected device. This vulnerability is due to...
CVE-2025-20186
A vulnerability in the web-based management interface of the Wireless LAN Controller feature of Cisco IOS XE Software could allow an authenticated, remote attacker with a lobby ambassador user account to perform a command injection attack against an affected device. This vulnerability is due to...
CVE-2025-20189
A vulnerability in the Cisco Express Forwarding functionality of Cisco IOS XE Software for Cisco ASR 903 Aggregation Services Routers with Route Switch Processor 3 RSP3C could allow an unauthenticated, adjacent attacker to trigger a denial of service DoS condition. This vulnerability is due to...
CVE-2025-20151 Cisco IOS and IOS XE Software SNMPv3 Configuration Restriction Vulnerability
A vulnerability in the implementation of the Simple Network Management Protocol Version 3 SNMPv3 feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to poll an affected device using SNMP, even if the device is configured to deny SNMP traffic from ...