📦 Adaptive Security Appliance Software

This critical vulnerability in Cisco ASA and FTD VPN web servers allows authenticated remote attackers to execute arbitrary code as root. Attackers with valid VPN credentials can exploit improper inpu...

This critical vulnerability allows remote attackers to execute arbitrary code with root privileges on affected Cisco devices. Unauthenticated attackers can exploit Cisco ASA/FTD devices, while authent...

This critical vulnerability in Cisco ASA Software allows authenticated remote attackers to execute arbitrary operating system commands with root privileges via SSH. Attackers with limited user access ...

An unauthenticated remote attacker can cause affected Cisco network devices to crash and reload by sending specially crafted IKEv2 protocol messages. This vulnerability affects Cisco ASA, FTD, IOS, an...

A TLS 1.3 handshake vulnerability in Cisco ASA and FTD software allows unauthenticated remote attackers to trigger a device reload, causing denial of service. This affects organizations using affected...

This vulnerability allows authenticated remote attackers with VPN credentials to crash Cisco ASA/FTD devices via crafted HTTPS POST requests, causing denial of service. It affects systems with Dynamic...

A memory management flaw in Cisco ASA and FTD SSL VPN allows unauthenticated remote attackers to trigger device reboots via crafted SSL/TLS packets, causing denial of service. This affects organizatio...

A vulnerability in Cisco ASA and FTD software allows authenticated remote attackers to cause denial of service by sending crafted SNMP packets. The insufficient input validation in SNMP feature enable...

An unauthenticated remote attacker can send crafted ICMPv6 messages to Cisco ASA or FTD devices with IPv6 enabled, causing the device to reload and creating a denial of service condition. This affects...

This vulnerability allows an unauthenticated remote attacker to cause a denial of service (DoS) by sending crafted requests to the SSL VPN features of Cisco ASA and FTD software, potentially forcing t...

A heap-based buffer overflow vulnerability in Cisco ASA's Clientless SSL VPN portal allows authenticated remote attackers to cause denial of service or leak sensitive memory contents. Attackers contro...

This vulnerability allows an unauthenticated remote attacker in a man-in-the-middle position to decrypt, read, modify, and re-encrypt data transmitted across affected IPsec IKEv2 VPN tunnels. It affec...

An unauthenticated remote attacker can cause a denial of service (DoS) by sending a crafted HTTPS request to Cisco ASA or FTD devices with web services interface for remote access VPN enabled. This af...

This vulnerability allows authenticated but unprivileged remote attackers to escalate privileges to level 15 (highest administrative level) on Cisco ASA and FTD devices via the web services interface....

An unauthenticated remote attacker can send a malicious HTTPS request to Cisco ASA or FTD devices, causing them to reload and creating a denial of service condition. This affects devices with the web ...

This vulnerability allows unauthenticated remote attackers to cause a denial of service (DoS) by overwhelming Cisco ASA and FTD devices with excessive connections. The improper resource management cau...

An unauthenticated remote attacker can send a malicious HTTPS request to Cisco ASA/FTD devices to trigger a denial of service condition, causing the device to reload. This affects Cisco Adaptive Secur...

A logic error in Cisco ASA and FTD software cryptography modules allows authenticated remote attackers or unauthenticated man-in-the-middle attackers to cause a denial of service by sending malicious ...

This vulnerability allows authenticated remote attackers to trigger a buffer overflow in Cisco ASA and FTD software web services interface by sending malicious HTTP requests. Successful exploitation c...

This vulnerability allows unauthenticated remote attackers to cause a denial of service by sending crafted SIP traffic through affected Cisco ASA and FTD devices. The vulnerability triggers a crash du...

An unauthenticated remote attacker can send crafted SSH messages to Cisco ASA devices to exhaust SSH resources, causing a denial of service for new SSH connections. Existing SSH sessions continue work...

This vulnerability allows unauthenticated remote attackers to temporarily deny VPN authentication for several minutes by sending crafted packets that exhaust memory resources during the authentication...

A logic error in Cisco ASA and FTD software's Network Service Group ACL implementation allows unauthenticated remote attackers to bypass configured access control rules. This affects organizations usi...

This vulnerability allows unauthenticated remote attackers to execute cross-site scripting (XSS) attacks against users accessing Cisco ASA/FTD VPN web client services. Attackers can inject malicious s...

This vulnerability in Cisco ASA and FTD software allows unauthenticated remote attackers to disrupt VPN authentication sessions by exploiting insufficient entropy. Attackers can terminate legitimate u...

This vulnerability allows authenticated remote attackers to bypass SAML authorization controls in Cisco ASA/FTD VPN services. Attackers can intercept their valid SAML token and reuse it to connect thr...