Cisco Security Vulnerabilities (CVEs)
Track 509 security vulnerabilities affecting Cisco products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
This stored XSS vulnerability in Cisco APIC's web UI allows authenticated administrators to inject malicious scripts that execute when other users vie...
Feb 26, 2025This vulnerability in Cisco APIC allows authenticated local administrators to access sensitive information through insufficiently masked CLI command o...
Feb 26, 2025A heap overflow vulnerability in OpenH264 video codec library allows remote attackers to crash applications or potentially execute arbitrary code by t...
Feb 20, 2025This vulnerability allows authenticated local attackers with administrative SSH access to access sensitive information on Cisco Video Phone 8875 and C...
Feb 19, 2025This vulnerability in Cisco AnyConnect Secure Mobility Client for Mac OS allows authenticated local attackers to corrupt files via symlink attacks. At...
Feb 12, 2025An authenticated cross-site scripting (XSS) vulnerability in Cisco ISE's web management interface allows attackers with administrative credentials to ...
Feb 5, 2025This vulnerability allows unauthenticated remote attackers to bypass the antivirus scanner on Cisco Secure Web Appliance by sending crafted HTTP range...
Feb 5, 2025A vulnerability in Cisco IOS, IOS XE, and IOS XR Software allows authenticated remote attackers to cause denial of service by sending crafted SNMP req...
Feb 5, 2025A vulnerability in Cisco IOS and IOS XE SNMP subsystems allows authenticated remote attackers to cause denial of service by sending crafted SNMP reque...
Feb 5, 2025A vulnerability in Cisco IOS and IOS XE SNMP subsystems allows authenticated remote attackers to cause denial of service by sending crafted SNMP reque...
Feb 5, 2025A vulnerability in Cisco IOS and IOS XE SNMP subsystems allows authenticated remote attackers to cause denial of service by sending crafted SNMP reque...
Feb 5, 2025A vulnerability in Cisco IOS and IOS XE SNMP subsystems allows authenticated remote attackers to cause denial of service by sending crafted SNMP reque...
Feb 5, 2025A vulnerability in Cisco IOS and IOS XE SNMP subsystems allows authenticated remote attackers to cause denial of service by sending crafted SNMP reque...
Feb 5, 2025A vulnerability in Cisco IOS and IOS XE SNMP subsystems allows authenticated remote attackers to cause denial of service by sending crafted SNMP reque...
Feb 5, 2025This vulnerability allows authenticated attackers with read-only admin credentials to execute arbitrary commands as root on Cisco ISE devices via inse...
Feb 5, 2025A vulnerability in Cisco IOS and IOS XE SNMP subsystems allows authenticated remote attackers to cause denial of service by sending crafted SNMP reque...
Feb 5, 2025This vulnerability allows authenticated users with low privileges in Cisco Meeting Management to elevate their privileges to administrator level by ex...
Jan 22, 2025An authenticated cross-site scripting (XSS) vulnerability in Cisco CSPC's web management interface allows attackers with low-privileged accounts to in...
Jan 8, 2025This cross-site scripting (XSS) vulnerability in Cisco CSPC's web management interface allows authenticated attackers to inject malicious scripts. Att...
Jan 8, 2025This CVE describes multiple cross-site scripting (XSS) vulnerabilities in Cisco Crosswork Network Controller's web management interface. An authentica...
Jan 8, 2025This vulnerability allows an authenticated attacker to inject malicious scripts into Cisco Webex Teams via crafted usernames, potentially stealing sen...
Nov 18, 2024This vulnerability allows authenticated local administrators on Cisco SD-WAN vManage Software to escalate their privileges to root level. Attackers ne...
Nov 18, 2024This vulnerability in Cisco Content Security Management Appliance (SMA) allows authenticated remote attackers to access sensitive information, includi...
Nov 18, 2024This vulnerability allows authenticated remote attackers within an organization to modify other users' distribution lists in Cisco Webex Meetings. It ...
Nov 18, 2024This vulnerability allows unauthenticated remote attackers to cause high CPU usage on Cisco Email Security Appliances by sending crafted TLS packets, ...
Nov 18, 2024This vulnerability allows authenticated remote attackers to read arbitrary files on Cisco SD-WAN vManage systems through the web management interface....
Nov 18, 2024This vulnerability in Cisco Identity Services Engine (ISE) allows authenticated remote attackers to recover service account passwords saved on affecte...
Nov 18, 2024This vulnerability in Cisco Data Center Network Manager (DCNM) allows authenticated remote attackers to perform path traversal attacks via a specific ...
Nov 18, 2024This vulnerability in Cisco SD-WAN vManage software allows authenticated local attackers to gain escalated privileges by exploiting improper path vali...
Nov 18, 2024This cross-site scripting (XSS) vulnerability in Cisco Unified Communications Manager allows authenticated attackers to inject malicious scripts into ...
Nov 18, 2024This vulnerability in Cisco Integrated Management Controller (IMC) allows unauthenticated remote attackers to enumerate valid usernames by analyzing d...
Nov 18, 2024This vulnerability allows authenticated local attackers on Cisco SD-WAN devices to create or overwrite arbitrary files through insufficient input vali...
Nov 18, 2024This vulnerability allows unauthenticated remote attackers to bypass Cisco Firepower Threat Defense security rules for Ethernet Industrial Protocol tr...
Nov 15, 2024This vulnerability in Cisco ECE allows unauthenticated remote attackers to enumerate valid usernames by analyzing differences in authentication respon...
Nov 15, 2024This vulnerability allows authenticated low-privilege users to view sensitive configuration information in clear text through Cisco Firepower Manageme...
Nov 15, 2024This vulnerability allows authenticated remote attackers to bypass authorization checks in Cisco SD-WAN vManage's web management interface, potentiall...
Nov 15, 2024This vulnerability in Cisco SD-WAN vManage Software allows authenticated remote attackers to inject arbitrary commands through the web UI's device tem...
Nov 15, 2024This vulnerability in Cisco SD-WAN vManage Software allows authenticated remote attackers to bypass authorization checks and access restricted configu...
Nov 15, 2024This SQL injection vulnerability in Cisco SD-WAN vManage allows authenticated attackers to execute malicious SQL queries against the database. It affe...
Nov 15, 2024This vulnerability allows authenticated local attackers with remote support accounts to overwrite arbitrary files on Cisco TelePresence CE and RoomOS ...
Nov 15, 2024This vulnerability allows unauthenticated remote attackers to conduct cross-site scripting (XSS) attacks against users of Cisco Prime Collaboration De...
Nov 15, 2024This vulnerability allows authenticated local attackers with remote support accounts to overwrite arbitrary files on Cisco TelePresence CE and RoomOS ...
Nov 15, 2024This vulnerability allows authenticated remote attackers to execute arbitrary commands with SYSTEM privileges on Cisco IND devices by exploiting impro...
Nov 15, 2024A heap buffer overflow vulnerability in Cisco Discovery Protocol (CDP) implementation for Cisco IOS XR Software allows unauthenticated adjacent attack...
Nov 15, 2024This CSRF vulnerability in Cisco Expressway Series and TelePresence VCS REST API allows unauthenticated remote attackers to trick authenticated users ...
Nov 15, 2024This vulnerability allows an unauthenticated attacker on the same network to downgrade Cisco TelePresence CE Software on Cisco Touch 10 devices to an ...
Nov 15, 2024This vulnerability allows an unauthenticated remote attacker to impersonate a legitimate Cisco Touch 10 device during the pairing process, enabling un...
Nov 15, 2024This vulnerability allows an unauthenticated remote attacker to perform man-in-the-middle attacks against Cisco Expressway-C and TelePresence VCS devi...
Nov 15, 2024This is a cross-site scripting (XSS) vulnerability in Cisco PI and EPNM web management interfaces that allows unauthenticated attackers to execute mal...
Nov 15, 2024An integer overflow vulnerability in Snort's Modbus preprocessor allows remote attackers to cause denial of service by sending crafted Modbus traffic....
Nov 15, 2024Why Monitor Cisco Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 509+ known vulnerabilities affecting Cisco products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Cisco packages in under 60 seconds. No agents required - completely agentless scanning that works across Cisco deployments.
Free vulnerability database: Access detailed information about every Cisco CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new Cisco CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions
