Lucene search
K
CiscoMost viewed

5226 matches found

Cisco
Cisco
•added 2025/05/07 4:0 p.m.•14 views

Cisco IOS XE Software Model-Driven Programmability Authorization Bypass Vulnerability

A vulnerability in the Network Configuration Access Control Module NACM of Cisco IOS XE Software could allow an authenticated, remote attacker to obtain unauthorized read access to configuration or operational data. This vulnerability exists because a subtle change in inner API call behavior caus...

4.3CVSS4.8AI score0.00275EPSS
Exploits0References1
Cisco
Cisco
•added 2025/05/07 4:0 p.m.•14 views

Cisco IOS XE Software Web-Based Management Interface Command Injection Vulnerability

A vulnerability in the web-based management interface of the Wireless LAN Controller feature of Cisco IOS XE Software could allow an authenticated, remote attacker with a lobby ambassador user account to perform a command injection attack against an affected device. This vulnerability is due to...

8.8CVSS9.4AI score0.01159EPSS
Exploits0References1
Cisco
Cisco
•added 2025/05/07 4:0 p.m.•14 views

Cisco IOS and IOS XE Software SNMPv3 Configuration Restriction Vulnerability

A vulnerability in the implementation of the Simple Network Management Protocol Version 3 SNMPv3 feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to poll an affected device using SNMP, even if the device is configured to deny SNMP traffic from ...

4.3CVSS5AI score0.00328EPSS
Exploits0References1
Cisco
Cisco
•added 2025/03/12 4:0 p.m.•14 views

Cisco IOS XR Software Image Verification Bypass Vulnerability

A vulnerability in the boot process of Cisco IOS XR Software could allow an authenticated, local attacker to bypass Cisco IOS XR image signature verification and load unverified software on an affected device. To exploit this vulnerability, the attacker must have root-system privileges on the...

6.7CVSS6.6AI score0.00144EPSS
Exploits0References1
Cisco
Cisco
•added 2025/02/05 4:0 p.m.•14 views

Cisco Expressway Series Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Expressway Series could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly...

6.1CVSS6AI score0.00365EPSS
Exploits0References1
Cisco
Cisco
•added 2025/02/05 4:0 p.m.•14 views

Cisco Secure Web Appliance Range Request Bypass Vulnerability

A vulnerability in a policy-based Cisco Application Visibility and Control AVC implementation of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to evade the antivirus scanner and download a malicious file onto an endpoint. The vulnerability i...

5.8CVSS5.7AI score0.00405EPSS
Exploits0References1
Cisco
Cisco
•added 2025/01/08 4:0 p.m.•14 views

Cisco Crosswork Network Controller Stored Cross-Site Scripting Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Crosswork Network Controller could allow an authenticated, remote attacker to conduct cross-site scripting XSS attacks against users of the interface of an affected system. These vulnerabilities exist because the web-based...

4.8CVSS5.2AI score0.00256EPSS
Exploits0References1
Cisco
Cisco
•added 2025/01/08 4:0 p.m.•14 views

Cisco Common Services Platform Collector Cross-Site Scripting Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector CSPC could allow an authenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. These vulnerabilities are due to insufficient validation of...

5.4CVSS5.3AI score0.00357EPSS
Exploits0References1
Cisco
Cisco
•added 2024/11/06 4:0 p.m.•14 views

Cisco Unified Contact Center Management Portal Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Unified Contact Center Management Portal Unified CCMP could allow an authenticated, remote attacker with low privileges to conduct a stored cross-site scripting XSS attack against a user of the interface. This vulnerability exists...

5.4CVSS5.3AI score0.00265EPSS
Exploits0References1
Cisco
Cisco
•added 2024/11/06 4:0 p.m.•14 views

Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface...

5.4CVSS5.2AI score0.0027EPSS
Exploits0References1
Cisco
Cisco
•added 2024/11/06 4:0 p.m.•14 views

Cisco Meeting Management Information Disclosure Vulnerability

A vulnerability in the logging subsystem of Cisco Meeting Management could allow an authenticated, remote attacker to view sensitive information in clear text on an affected system. This vulnerability is due to improper storage of sensitive information within the web-based management interface of...

4.3CVSS4.4AI score0.00379EPSS
Exploits0References1
Cisco
Cisco
•added 2024/10/23 4:0 p.m.•14 views

Cisco Adaptive Security Appliance and Firepower Threat Defense Software AnyConnect Access Control List Bypass Vulnerabilities

Multiple vulnerabilities in the AnyConnect firewall for Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to bypass a configured access control list ACL and allow traffic that should have been denied to...

5.8CVSS6.1AI score
Exploits0References1
Cisco
Cisco
•added 2024/10/23 4:0 p.m.•14 views

Cisco Secure Firewall Management Center Software HTML Injection Vulnerability

A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center FMC Software, formerly Firepower Management Center Software, could allow an authenticated, remote attacker to inject arbitrary HTML content into a device-generated document. This vulnerability is due ...

5.5CVSS5.5AI score0.00417EPSS
Exploits0References1
Cisco
Cisco
•added 2024/10/23 4:0 p.m.•14 views

Cisco Secure Firewall Management Center Software Command Injection Vulnerability

A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center FMC Software, formerly Firepower Management Center Software, could allow an authenticated, remote attacker with Administrator-level privileges to execute arbitrary commands on the underlying operating...

6.5CVSS6.8AI score0.00782EPSS
Exploits0References1
Cisco
Cisco
•added 2024/10/23 4:0 p.m.•14 views

Cisco Adaptive Security Appliance and Firepower Threat Defense Software Remote Access SSL VPN Authentication Targeted Denial of Service Vulnerability

A vulnerability in the login authentication functionality of the Remote Access SSL VPN feature of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to deny further VPN user authentications for several...

5.3CVSS5.6AI score0.00527EPSS
Exploits0References1
Cisco
Cisco
•added 2024/10/23 4:0 p.m.•14 views

Cisco Secure Firewall Management Center Software Cluster Backup Command Injection Vulnerability

A vulnerability in the cluster backup feature of Cisco Secure Firewall Management Center FMC Software, formerly Firepower Management Center Software, could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system. This vulnerability is due to...

6.1CVSS6.6AI score0.00509EPSS
Exploits0References1
Cisco
Cisco
•added 2024/10/23 4:0 p.m.•14 views

Multiple Cisco Products Snort Rate Filter Bypass Vulnerability

Multiple Cisco products are affected by a vulnerability in the rate filtering feature of the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured rate limiting filter. This vulnerability is due to an incorrect connection count comparison. An attacker...

5.8CVSS5.7AI score0.00511EPSS
Exploits0References1
Cisco
Cisco
•added 2024/10/23 4:0 p.m.•14 views

Cisco Adaptive Security Appliance and Firepower Threat Defense Software NSG Access Control List Bypass Vulnerability

A vulnerability in the Network Service Group NSG feature of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to bypass a configured access control list ACL and allow traffic that should be denied to flow...

5.8CVSS5.7AI score0.00438EPSS
Exploits0References1
Cisco
Cisco
•added 2024/10/23 4:0 p.m.•14 views

Cisco Adaptive Security Appliance and Firepower Threat Defense Software TLS Denial of Service Vulnerability

A vulnerability in the TLS cryptography functionality of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service DoS condition. This...

8.6CVSS8.5AI score0.00518EPSS
Exploits0References1
Cisco
Cisco
•added 2024/10/16 4:0 p.m.•14 views

Cisco Unified Contact Center Management Portal Reflected Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Unified Contact Center Management Portal Unified CCMP could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting XSS attack against a user of the interface. This vulnerability exists because the...

6.1CVSS6AI score0.00307EPSS
Exploits0References1
Cisco
Cisco
•added 2024/10/02 4:0 p.m.•14 views

Cisco Nexus Dashboard and Nexus Dashboard Fabric Controller Unauthorized REST API Vulnerabilities

Multiple vulnerabilities in the REST APIs of Cisco Nexus Dashboard and Cisco Nexus Dashboard Fabric Controller NDFC could allow an authenticated, low-privileged, remote attacker to perform a limited set of network-admin functions on an affected device. For more information about these...

6.3CVSS5.6AI score0.00457EPSS
Exploits0References1
Cisco
Cisco
•added 2024/08/28 4:0 p.m.•14 views

Cisco NX-OS Software DHCPv6 Relay Agent Denial of Service Vulnerability

A vulnerability in the DHCPv6 relay agent of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper handling of specific fields in a DHCPv6 RELAY-REPLY message. An attacker could...

8.6CVSS8.5AI score0.00784EPSS
Exploits0References1
Cisco
Cisco
•added 2024/08/21 4:0 p.m.•14 views

Cisco Identity Services Engine Cross-Site Request Forgery Vulnerability

A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack and perform arbitrary actions on an affected device. This vulnerability is due to insufficient CSRF...

6.5CVSS7.8AI score0.00266EPSS
Exploits0References1
Cisco
Cisco
•added 2024/07/17 4:0 p.m.•14 views

Cisco Secure Email Gateway Server-Side Template Injection Vulnerability

A vulnerability in the web-based management interface of Cisco AsyncOS for Secure Email Gateway could allow an authenticated, remote attacker to execute arbitrary system commands on an affected device. This vulnerability is due to insufficient input validation in certain portions of the web-based...

6.5CVSS6.8AI score0.00616EPSS
Exploits0References1
Cisco
Cisco
•added 2020/08/19 4:0 p.m.•14 views

Cisco Data Center Network Manager Authorization Bypass Vulnerability

A vulnerability in the web-based management interface of Cisco Data Center Network Manager DCNM Software could allow an authenticated, remote attacker to view, modify, and delete data without proper authorization. The vulnerability is due to a failure to limit access to resources that are intende...

6.3CVSS2.4AI score
Exploits0References1
Cisco
Cisco
•added 2015/09/09 6:2 p.m.•14 views

Cisco Email Security Appliance Format String Vulnerability

The Cisco Email Security Appliance ESA contains a vulnerability that could allow an unauthenticated, remote attacker to impact the integrity and availability of services and data on the affected device. The impact includes a partial denial of service DoS. In addition, the attacker could override...

5.8CVSS6.2AI score0.01417EPSS
Exploits0References1
Cisco
Cisco
•added 2014/04/01 7:11 p.m.•14 views

Cisco Security Manager HTTP Header Redirection Vulnerability

A vulnerability in the web framework of Cisco Security Manager could allow an unauthenticated, remote attacker to inject a crafted HTTP header, which will cause a web page redirection to a possible malicious website. The vulnerability is due to insufficient validation of user input before using i...

4.3CVSS6.3AI score0.00947EPSS
Exploits1References1
Cisco
Cisco
•added 2011/05/25 4:0 p.m.•14 views

Cisco XR 12000 Series Shared Port Adapters Interface Processor Vulnerability

...

2.9AI score
Exploits0References1
Cisco
Cisco
•added 2011/04/27 4:0 p.m.•14 views

Multiple Vulnerabilities in Cisco Unified Communications Manager

...

2AI score
Exploits0References1
Cisco
Cisco
•added 2007/01/18 4:0 p.m.•14 views

SSL/TLS Certificate and SSH Public Key Validation Vulnerability

...

2AI score
Exploits0References1
Cisco
Cisco
•added 2007/01/05 4:0 p.m.•14 views

Multiple Vulnerabilities in Cisco Secure Access Control Server

...

2.8AI score
Exploits0References1
Cisco
Cisco
•added 2006/01/26 5:0 p.m.•14 views

Cisco VPN 3000 Concentrator Vulnerable to Crafted HTTP Attack

...

0.5AI score
Exploits0References1
Cisco
Cisco
•added 2005/11/01 4:0 p.m.•14 views

Cisco IPS MC Malformed Configuration Download Vulnerability

...

2AI score
Exploits0References1
Cisco
Cisco
•added 2004/06/09 4:0 p.m.•14 views

Cisco CatOS Telnet, HTTP and SSH Vulnerability

...

0.2AI score
Exploits0References1
Cisco
Cisco
•added 2003/05/01 4:0 p.m.•14 views

Cisco ONS15454, ONS15327, ONS15454SDH, and ONS15600 Nessus Vulnerabilities

...

1.9AI score
Exploits0References1
Cisco
Cisco
•added 2002/05/22 4:0 p.m.•14 views

Multiple Vulnerabilities in Cisco IP Telephones

...

1.7AI score
Exploits0References1Affected Software3
Cisco
Cisco
•added 2001/09/26 3:0 p.m.•14 views

Cisco Secure PIX Firewall SMTP Filtering Vulnerability

...

1.8AI score
Exploits0References1
Cisco
Cisco
•added 2001/09/06 12:0 a.m.•14 views

Cisco Secure Intrusion Detection System Signature Obfuscation Vulnerability

...

2.3AI score
Exploits0References1
Cisco
Cisco
•added 2000/04/20 1:0 p.m.•14 views

Cisco IOS Software TELNET Option Handling Vulnerability

...

1.1AI score
Exploits0References1
Cisco
Cisco
•added 1999/08/19 3:0 p.m.•14 views

CiscoSecure Access Control Server for UNIX Remote Administration Vulnerability

...

3.4AI score
Exploits0References1
Cisco
Cisco
•added 1999/06/08 3:0 p.m.•14 views

Cisco IOS Software established Access List Keyword Error

...

3.1AI score
Exploits0References1
Cisco
Cisco
•added 1997/11/21 10:0 p.m.•14 views

TCP Loopback DoS Attack (land.c) and Cisco Devices

...

2.3AI score
Exploits0References1
Cisco
Cisco
•added 2026/05/06 4:0 p.m.•13 views

Cisco Identity Services Engine Authentication Bypass Vulnerabilities

Multiple vulnerabilities in Cisco Identity Services Engine ISE could allow a remote attacker to bypass authorization mechanisms or examine error messages to gain access to sensitive information on an affected device. For more information about these vulnerabilities, see the Details "details"...

5.3CVSS5.8AI score0.00275EPSS
Exploits0References1
Cisco
Cisco
•added 2026/05/06 4:0 p.m.•13 views

Cisco Crosswork Network Controller and Cisco Network Services Orchestrator Advisory

Following the initial publication of the Security Advisory about a denial of service DoS condition in Cisco Crosswork Network Controller and Cisco Network Services Orchestrator NSO, additional information has been made available to the Cisco Product Security Incident Response Team PSIRT. Upon...

5.8AI score
Exploits0References1
Cisco
Cisco
•added 2026/04/15 4:0 p.m.•13 views

Cisco Identity Services Engine Authenticated Privilege Escalation Vulnerability

A vulnerability in the CLI of Cisco Identity Services Engine ISE and Cisco ISE Passive Identity Connector ISE-PIC could allow an authenticated, local attacker with administrative privileges to perform a command injection attack on the underlying operating system and elevate privileges to root. Th...

6CVSS5.8AI score0.00533EPSS
Exploits0References1
Cisco
Cisco
•added 2026/04/01 4:0 p.m.•13 views

Cisco Smart Software Manager On-Prem Privilege Escalation Vulnerability

A vulnerability in the web interface of Cisco Smart Software Manager On-Prem SSM On-Prem could allow an authenticated, remote attacker to elevate privileges on an affected system. This vulnerability is due to the improper transmission of sensitive user information. An attacker could exploit this...

7.3CVSS6AI score0.00264EPSS
Exploits0References1
Cisco
Cisco
•added 2026/04/01 4:0 p.m.•13 views

Cisco Nexus Dashboard and Nexus Dashboard Insights Server-Side Request Forgery Vulnerability

A vulnerability in Cisco Nexus Dashboard and Cisco Nexus Dashboard Insights could allow an unauthenticated, remote attacker to conduct a server-side request forgery SSRF attack through an affected device. This vulnerability is due to improper input validation for specific HTTP requests. An attack...

6.1CVSS6.2AI score0.00242EPSS
Exploits0References1
Cisco
Cisco
•added 2026/04/01 4:0 p.m.•13 views

Cisco Evolved Programmable Network Manager Improper Authorization Vulnerability

A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager EPNM could allow an authenticated, remote attacker with low privileges to access sensitive information that they are not authorized to access. This vulnerability is due to improper authorization...

8CVSS5.9AI score0.0027EPSS
Exploits0References1
Cisco
Cisco
•added 2026/03/25 4:0 p.m.•13 views

Cisco IOS XE Software Denial of Service Vulnerability

A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker to cause a denial of service DoS condition on an affected device. This vulnerability exists because incorrect privileges are associated with the start maintenance command. An attacker could exploit th...

6.5CVSS5.8AI score0.00092EPSS
Exploits0References1
Cisco
Cisco
•added 2026/03/11 4:0 p.m.•13 views

Cisco IOS XR Software CLI Privilege Escalation Vulnerabilities

Multiple vulnerabilities in Cisco IOS XR Software could allow an authenticated, local attacker to execute commands as root on an underlying operating system or gain full administrative control of an affected device. For more information about these vulnerabilities, see the Details "details" secti...

8.8CVSS5.9AI score0.00172EPSS
Exploits0References1
Total number of security vulnerabilities5000