Lucene search
K
CiscoMost viewed

5226 matches found

Cisco
Cisco
•added 2025/05/07 4:0 p.m.•15 views

Cisco Catalyst SD-WAN Manager Certificate Validation Vulnerability

A vulnerability in certificate validation processing of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an unauthenticated, remote attacker to gain access to sensitive information. This vulnerability is due to improper validation of certificates that are used by the Smar...

5.9CVSS5.9AI score0.00242EPSS
Exploits0References1
Cisco
Cisco
•added 2025/05/07 4:0 p.m.•15 views

Cisco IOS XE Wireless Controller Software Unauthorized User Deletion Vulnerability

A vulnerability in the lobby ambassador web interface of Cisco IOS XE Wireless Controller Software could allow an authenticated, remote attacker to remove arbitrary users that are defined on an affected device. This vulnerability is due to insufficient access control of actions executed by lobby...

6.5CVSS6.8AI score0.0036EPSS
Exploits0References1
Cisco
Cisco
•added 2025/03/12 4:0 p.m.•15 views

Cisco IOS XR Software for ASR 9000 Series Routers IPv4 Unicast Packets Denial of Service Vulnerability

A vulnerability in the IPv4 access control list ACL feature and quality of service QoS policy feature of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers, ASR 9902 Compact High-Performance Routers, and ASR 9903 Compact High-Performance Routers could allow an...

8.6CVSS8.6AI score0.00507EPSS
Exploits0References1
Cisco
Cisco
•added 2025/03/12 4:0 p.m.•15 views

Cisco IOS XR Software Secure Boot Bypass Vulnerability

A vulnerability in the boot process of Cisco IOS XR Software could allow an authenticated, local attacker with high privileges to bypass the Secure Boot functionality and load unverified software on an affected device. To exploit this vulnerability, the attacker must have root-system privileges o...

6.7CVSS6.4AI score0.00104EPSS
Exploits0References1
Cisco
Cisco
•added 2024/11/06 4:0 p.m.•15 views

Cisco 7800, 8800, and 9800 Series Phones Information Disclosure Vulnerability

A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 could allow an unauthenticated, remote attacker to access sensitive information on an affected device. This vulnerability is due to improper storage of sensitive...

5.3CVSS5.2AI score0.0045EPSS
Exploits0References1
Cisco
Cisco
•added 2024/11/06 4:0 p.m.•15 views

Cisco Unified Communications Manager IM & Presence Service Information Disclosure Vulnerability

A vulnerability in the logging component of Cisco Unified Communications Manager IM & Presence Service Unified CM IM&P could allow an authenticated, remote attacker to view sensitive information in clear text on an affected system. This vulnerability is due to the storage of unencrypted credentia...

6.5CVSS6.3AI score0.00435EPSS
Exploits0References1
Cisco
Cisco
•added 2024/11/06 4:0 p.m.•15 views

Cisco Identity Services Engine Vulnerabilities

Multiple vulnerabilities in Cisco Identity Services Engine ISE could allow a remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface, perform a path traversal attack, read and delete arbitrary files on an affected device, or conduct a...

6.1CVSS5.3AI score0.00601EPSS
Exploits0References1
Cisco
Cisco
•added 2024/10/23 4:0 p.m.•15 views

Cisco Secure Firewall Management Center Software Arbitrary File Read Vulnerability

A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center FMC Software, formerly Firepower Management Center Software, could allow an authenticated, remote attacker to read arbitrary files from the underlying operating system. This vulnerability exists becau...

6.5CVSS6.3AI score0.00615EPSS
Exploits0References1
Cisco
Cisco
•added 2024/10/23 4:0 p.m.•15 views

Cisco Secure Firewall Management Center Software Command Injection Vulnerability

A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center FMC Software, formerly Firepower Management Center Software, could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system as root. This vulnerability ...

9.9CVSS9.8AI score0.00941EPSS
Exploits0References1
Cisco
Cisco
•added 2024/10/23 4:0 p.m.•15 views

Cisco Firepower Threat Defense Software for Cisco Firepower 2100 Series Appliances TCP UDP Snort 2 and Snort 3 Denial of Service Vulnerability

A vulnerability in the Snort 2 and Snort 3 TCP and UDP detection engine of Cisco Firepower Threat Defense FTD Software for Cisco Firepower 2100 Series Appliances could allow an unauthenticated, remote attacker to cause memory corruption, which could cause the Snort detection engine to restart...

8.6CVSS8.6AI score0.00666EPSS
Exploits0References1
Cisco
Cisco
•added 2024/10/23 4:0 p.m.•15 views

Cisco Adaptive Security Appliance and Firepower Threat Defense Software Remote Access VPN Brute Force Denial of Service Vulnerability

A vulnerability in the Remote Access VPN RAVPN service of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS of the RAVPN service. This vulnerability is due to resource...

5.8CVSS6.2AI score0.15953EPSS
Exploits0References1
Cisco
Cisco
•added 2024/10/02 4:0 p.m.•15 views

Cisco Small Business RV042, RV042G, RV320, and RV325 Routers Denial of Service and Remote Code Execution Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow a remote attacker to execute arbitrary commands on the underlying operating system of an affected device or cause a denial of service DoS condition. For more...

6.8CVSS7.5AI score0.00674EPSS
Exploits0References1
Cisco
Cisco
•added 2024/10/02 4:0 p.m.•15 views

Cisco Identity Services Engine Information Disclosure Vulnerability

A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to obtain sensitive information from an affected device. This vulnerability is due to a lack of proper data protection mechanisms for certain configuration...

6.5CVSS6.2AI score0.00294EPSS
Exploits0References1
Cisco
Cisco
•added 2024/10/02 4:0 p.m.•15 views

Cisco Expressway Series Privilege Escalation Vulnerability

A vulnerability in the restricted shell of Cisco Expressway Series could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit this vulnerability, the attacker must have Administrator-level...

6CVSS6.5AI score0.0055EPSS
Exploits0References1
Cisco
Cisco
•added 2024/09/25 4:0 p.m.•15 views

Cisco Catalyst Center Static SSH Host Key Vulnerability

A vulnerability in the SSH server of Cisco Catalyst Center, formerly Cisco DNA Center, could allow an unauthenticated, remote attacker to impersonate a Cisco Catalyst Center appliance. This vulnerability is due to the presence of a static SSH host key. An attacker could exploit this vulnerability...

7.5CVSS7.6AI score0.00384EPSS
Exploits0References1
Cisco
Cisco
•added 2024/09/25 4:0 p.m.•15 views

Cisco Catalyst SD-WAN Manager Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability exists because the web-based...

6.4CVSS5.7AI score0.00313EPSS
Exploits0References1
Cisco
Cisco
•added 2024/09/11 4:0 p.m.•15 views

Cisco IOS XR Software UDP Packet Memory Exhaustion Vulnerability

A vulnerability in the multicast traceroute version 2 Mtrace2 feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to exhaust the UDP packet memory of an affected device. This vulnerability exists because the Mtrace2 code does not properly handle packet memory. An...

8.6CVSS8.1AI score0.00596EPSS
Exploits0References1
Cisco
Cisco
•added 2024/09/11 4:0 p.m.•15 views

Cisco IOS XR Software CLI Privilege Escalation Vulnerability

A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to obtain read/write file system access on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of user arguments that are passed to specific CLI...

8.8CVSS8.1AI score0.00212EPSS
Exploits0References1
Cisco
Cisco
•added 2024/07/17 4:0 p.m.•15 views

Cisco Expressway Series Open Redirect Vulnerability

A vulnerability in the web-based management interface of Cisco Expressway Series could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of HTTP request parameters. An attacker could exploit this...

4.7CVSS4.9AI score0.00378EPSS
Exploits0References1
Cisco
Cisco
•added 2024/07/17 4:0 p.m.•15 views

Cisco Intelligent Node Software Static Key Vulnerability

A vulnerability in Cisco Intelligent Node iNode Software could allow an unauthenticated, remote attacker to hijack the TLS connection between Cisco iNode Manager and associated intelligent nodes and send arbitrary traffic to an affected device. This vulnerability is due to the presence of...

7.5CVSS7.6AI score0.00194EPSS
Exploits0References1
Cisco
Cisco
•added 2022/01/12 4:0 p.m.•15 views

Cisco Prime Access Registrar Appliance Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Prime Access Registrar Appliance could allow an authenticated, remote attacker to conduct a cross-site scripting attack against a user of the interface. The attacker would require valid credentials for the device. This vulnerability i...

4.8CVSS5.5AI score0.00436EPSS
Exploits0References1
Cisco
Cisco
•added 2020/08/05 4:0 p.m.•15 views

Cisco Webex Meetings Reflected Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of the affected service. The vulnerability is due to insufficient...

6.1CVSS1.2AI score0.0083EPSS
Exploits0References1
Cisco
Cisco
•added 2020/02/19 4:0 p.m.•15 views

Cisco Smart Software Manager On-Prem Static Default Credential Vulnerability

A vulnerability in the High Availability HA service of Cisco Smart Software Manager On-Prem could allow an unauthenticated, remote attacker to access a sensitive part of the system with a high-privileged account. The vulnerability is due to a system account that has a default and static password...

9.8CVSS9.5AI score0.02519EPSS
Exploits0References1
Cisco
Cisco
•added 2017/01/25 4:0 p.m.•15 views

Cisco TelePresence Multipoint Control Unit Remote Code Execution Vulnerability

A vulnerability in a proprietary device driver in the kernel of Cisco TelePresence Multipoint Control Unit MCU Software could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service DoS condition. The vulnerability is due to improper size validation when...

9.8CVSS9.8AI score0.06836EPSS
Exploits0References1
Cisco
Cisco
•added 2015/03/09 9:50 p.m.•15 views

Row Hammer Privilege Escalation Vulnerability

On March 9, 2015, new research was published that takes advantage of a flaw in double data rate type 3 DDR3 synchronous dynamic random-access memory SDRAM to perform privilege escalation attacks on systems that contain the affected hardware. The flaw is known as Row Hammer. To attempt an attack,...

7.8AI score
Exploits0References1
Cisco
Cisco
•added 2014/05/22 3:1 p.m.•15 views

Cisco Security Manager Cross-Site Scripting Vulnerability

A vulnerability in the web framework of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web interface. The vulnerability is due to insufficient input validation of a parameter. An attacker could exploit this...

4.3CVSS5.6AI score0.01161EPSS
Exploits0References1
Cisco
Cisco
•added 2014/03/27 4:2 p.m.•15 views

Cisco Prime Security Manager Cross-Site Scripting Vulnerability

A vulnerability in the web framework of Cisco Prime Security Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web interface on the affected system. The vulnerability is due to insufficient input validation of several...

4.3CVSS5.4AI score0.01792EPSS
Exploits1References1
Cisco
Cisco
•added 2013/09/12 9:16 p.m.•15 views

Cisco Prime LAN Management Solution Cross-Frame Scripting Vulnerability

A vulnerability in Cisco Prime LAN Management Solution could allow an unauthenticated, remote attacker to execute a cross-frame scripting XFS attack. The vulnerability is due to insufficient HTML iframe protection. An attacker could exploit this vulnerability by directing a user to an...

4.3CVSS0.7AI score0.01169EPSS
Exploits0References1
Cisco
Cisco
•added 2012/11/07 4:0 p.m.•15 views

Cisco Nexus 1000V Series Switch Software Release 4.2(1)SV1(5.2) Virtual Security Gateway Bypass Issue

The Cisco Product Security Incident Response Team PSIRT would like to notify customers of an issue that may impact their network security posture when upgrading the Cisco Nexus 1000V Series Switches to Software Release 4.21SV15.2 with deployments that have Cisco Virtual Security Gateway VSG...

7.2AI score
Exploits0References1
Cisco
Cisco
•added 2011/09/07 4:0 p.m.•15 views

Cisco Nexus 5000 and 3000 Series Switches Access Control List Bypass Vulnerability

...

2.4AI score
Exploits0References1
Cisco
Cisco
•added 2004/12/15 4:0 p.m.•15 views

Cisco Unity Integrated with Exchange Has Default Passwords

...

2.6AI score
Exploits0References1
Cisco
Cisco
•added 2004/01/29 6:0 p.m.•15 views

Buffer Overrun in Microsoft Windows 2000 Workstation Service (MS03-049)

...

2.6AI score
Exploits0References1
Cisco
Cisco
•added 2003/12/15 4:0 p.m.•15 views

Cisco FWSM Vulnerabilities

...

2AI score
Exploits0References1
Cisco
Cisco
•added 2003/04/24 8:0 a.m.•15 views

Cisco Security Advisory: Cisco Catalyst Enable Password Bypass Vulnerability

...

2.3AI score
Exploits0References1
Cisco
Cisco
•added 2003/01/26 5:30 a.m.•15 views

Microsoft SQL Server 2000 Vulnerabilities in Cisco Products - MS02-061

...

2.4AI score
Exploits0References1
Cisco
Cisco
•added 2002/10/31 4:0 p.m.•15 views

Cisco ONS15454 and Cisco ONS15327 Vulnerabilities

...

1.7AI score
Exploits0References1Affected Software1
Cisco
Cisco
•added 2002/10/04 3:30 p.m.•15 views

Predefined Restriction Tables Allow Calls to International Operator

...

3AI score
Exploits0References1
Cisco
Cisco
•added 2002/09/05 3:0 p.m.•15 views

Cisco VPN Client Multiple Vulnerabilities - Second Set

...

1.8AI score
Exploits0References1Affected Software2
Cisco
Cisco
•added 2002/01/09 4:0 p.m.•15 views

Multiple Vulnerabilities in Cisco SN 5420 Storage Routers

...

2.6AI score
Exploits0References1
Cisco
Cisco
•added 2001/08/23 4:0 a.m.•15 views

CBOS Web-based Configuration Utility Vulnerability

...

1.9AI score
Exploits0References1
Cisco
Cisco
•added 2001/06/27 3:0 p.m.•15 views

Multiple SSH Vulnerabilities

...

1.5AI score
Exploits0References1
Cisco
Cisco
•added 2000/08/03 3:0 p.m.•15 views

Possible Access Control Bypass and Denial of Service in Gigabit Switch Routers Using Gigabit Ethernet or Fast Ethernet Cards

...

4.4AI score
Exploits0References1
Cisco
Cisco
•added 1997/10/01 4:0 p.m.•15 views

Cisco CHAP Authentication Vulnerabilities

...

2.4AI score
Exploits0References1
Cisco
Cisco
•added 2026/04/15 4:0 p.m.•14 views

Cisco ThousandEyes Enterprise Agent Arbitrary File Overwrite Vulnerability

A vulnerability in the CLI of Cisco ThousandEyes Enterprise Agent could allow an authenticated, local attacker with low privileges to overwrite arbitrary files on the local system of an affected device. This vulnerability is due to improper access controls on files that are on the local file syst...

5.5CVSS5.9AI score0.00129EPSS
Exploits0References1
Cisco
Cisco
•added 2026/04/15 4:0 p.m.•14 views

Cisco Identity Services Engine Remote Code Execution and Path Traversal Vulnerabilities

Multiple vulnerabilities in Cisco Identity Services Engine ISE and Cisco ISE Passive Identity Connector ISE-PIC could allow an authenticated, remote attacker to achieve remote code execution or conduct path traversal attacks on an affected device. To exploit these vulnerabilities, the attacker mu...

9.9CVSS6.4AI score0.10944EPSS
Exploits0References1
Cisco
Cisco
•added 2026/03/25 4:0 p.m.•14 views

Cisco IOx Application Hosting Environment Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based Cisco IOx application hosting environment management interface of Cisco IOS XE Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the web-based management interface of an affected device. Th...

4.8CVSS6AI score0.00194EPSS
Exploits0References1
Cisco
Cisco
•added 2026/03/11 4:0 p.m.•14 views

Cisco IOS XR Egress Packet Network Interface Aligner Interrupt Denial of Service Vulnerability

A vulnerability in the handling of an Egress Packet Network Interface EPNI Aligner interrupt in Cisco IOS XR Software for Cisco Network Convergence System NCS 5500 Series with NC57 line cards and Cisco NCS 5700 Routers and Cisco IOS XR Software for Third Party Software could allow an...

6.8CVSS5.8AI score0.00318EPSS
Exploits0References1
Cisco
Cisco
•added 2026/02/25 4:0 p.m.•14 views

Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability

A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, and Cisco Catalyst SD-WAN Validator, formerly SD-WAN vBond, could allow an unauthenticated, remote attacker to bypass authentication a...

10CVSS8.5AI score0.57793EPSS
Exploits9References1
Cisco
Cisco
•added 2025/09/24 4:0 p.m.•14 views

Cisco IOS and IOS XE Software TACACS+ Authentication Bypass Vulnerability

A vulnerability in the implementation of the TACACS+ protocol in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to view sensitive data or bypass authentication. This vulnerability exists because the system does not properly check whether the required...

8.1CVSS7.1AI score0.00435EPSS
Exploits0References1
Cisco
Cisco
•added 2025/05/21 4:0 p.m.•14 views

Cisco Identity Services Engine RADIUS Denial of Service Vulnerability

A vulnerability in the RADIUS message processing feature of Cisco Identity Services Engine ISE could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper handling of certain RADIUS requests. An attacker...

8.6CVSS7.6AI score0.00667EPSS
Exploits0References1
Total number of security vulnerabilities5000