Cisco Security Vulnerabilities (CVEs)
Track 517 security vulnerabilities affecting Cisco products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
This cross-site scripting (XSS) vulnerability in Cisco Webex Meetings allows an unauthenticated attacker to execute malicious JavaScript in users' bro...
Nov 15, 2024This vulnerability allows unauthenticated remote attackers to execute cross-site scripting (XSS) attacks against users of Cisco ECE's web management i...
Nov 15, 2024This vulnerability allows an unauthenticated remote attacker to bypass authentication in Cisco Modeling Labs and gain administrative access to the web...
Nov 15, 2024This SQL injection vulnerability in Cisco Nexus Dashboard Fabric Controller allows authenticated users with read-only privileges to execute arbitrary ...
Nov 6, 2024This vulnerability allows unauthenticated remote attackers to conduct cross-site scripting (XSS) attacks against Cisco ISE web management interface us...
Nov 6, 2024This stored XSS vulnerability in Cisco Unified CCMP allows authenticated attackers with Supervisor privileges to inject malicious scripts into the web...
Nov 6, 2024This vulnerability in Cisco ISE allows authenticated attackers with Super Admin credentials to read arbitrary files on the underlying OS and conduct S...
Nov 6, 2024This stored cross-site scripting (XSS) vulnerability in Cisco phone web UIs allows an authenticated remote attacker with admin credentials to inject m...
Nov 6, 2024This vulnerability in Cisco ISE allows authenticated attackers with Super Admin credentials to read or delete arbitrary files on the system. It affect...
Nov 6, 2024This stored XSS vulnerability in Cisco AsyncOS web management interfaces allows authenticated attackers to inject malicious scripts that execute when ...
Nov 6, 2024An unauthenticated cross-site scripting (XSS) vulnerability in Cisco Unified Communications Manager web interface allows attackers to execute maliciou...
Nov 6, 2024This cross-site scripting (XSS) vulnerability in Cisco ISE's web management interface allows unauthenticated remote attackers to execute malicious scr...
Nov 6, 2024This vulnerability allows authenticated remote attackers to view sensitive information, including credentials, stored in clear text within Cisco Unifi...
Nov 6, 2024An unauthenticated remote attacker can send crafted MR PIM traffic to Cisco Enterprise Chat and Email (ECE) to trigger a denial of service in the Exte...
Nov 6, 2024An unauthenticated remote attacker can send crafted SSH messages to Cisco ASA devices to exhaust SSH resources, causing a denial of service for new SS...
Oct 23, 2024This vulnerability allows authenticated users with custom read-only roles to elevate privileges on Cisco Secure Firewall Management Center devices. At...
Oct 23, 2024This vulnerability allows unauthenticated remote attackers to temporarily deny VPN authentication for several minutes by sending crafted packets that ...
Oct 23, 2024A TLS 1.3 handshake vulnerability in Cisco ASA and FTD software allows unauthenticated remote attackers to trigger a device reload, causing denial of ...
Oct 23, 2024An authenticated SQL injection vulnerability in Cisco Secure Firewall Management Center (FMC) web interface allows administrators to execute arbitrary...
Oct 23, 2024An integer underflow vulnerability in IKEv2 processing in Cisco Secure Client (formerly AnyConnect) allows unauthenticated remote attackers to crash t...
Oct 23, 2024This vulnerability in Cisco Firepower Threat Defense (FTD) Software allows unauthenticated remote attackers to bypass geolocation-based access control...
Oct 23, 2024An unauthenticated cross-site scripting (XSS) vulnerability in Cisco Firepower Management Center's web interface allows remote attackers to inject mal...
Oct 23, 2024This vulnerability allows unauthenticated local attackers to access Cisco Firepower Threat Defense devices using static hard-coded credentials. Attack...
Oct 23, 2024This vulnerability allows authenticated attackers with at least Security Analyst (Read Only) privileges to execute arbitrary commands as root on Cisco...
Oct 23, 2024This vulnerability allows unauthenticated remote attackers to bypass security policies on Cisco Firepower Threat Defense devices by exploiting a logic...
Oct 23, 2024This vulnerability allows authenticated remote attackers with VPN credentials to crash Cisco ASA/FTD devices via crafted HTTPS POST requests, causing ...
Oct 23, 2024A logic error in Cisco ASA and FTD software's Network Service Group ACL implementation allows unauthenticated remote attackers to bypass configured ac...
Oct 23, 2024This stored XSS vulnerability in Cisco FMC's web management interface allows authenticated attackers to inject malicious scripts that execute when oth...
Oct 23, 2024A memory management flaw in Cisco ASA and FTD SSL VPN allows unauthenticated remote attackers to trigger device reboots via crafted SSL/TLS packets, c...
Oct 23, 2024This vulnerability allows authenticated administrators in Cisco Secure Firewall Management Center to execute arbitrary commands as root via crafted HT...
Oct 23, 2024This vulnerability allows authenticated remote attackers to read arbitrary files from the underlying operating system of Cisco Secure Firewall Managem...
Oct 23, 2024This vulnerability in Cisco Firepower Threat Defense (FTD) Software allows unauthenticated remote attackers to cause a denial of service by sending sp...
Oct 23, 2024This vulnerability allows unauthenticated remote attackers to execute cross-site scripting (XSS) attacks against users accessing Cisco ASA/FTD VPN web...
Oct 23, 2024A vulnerability in Cisco Firepower Threat Defense (FTD) and FirePOWER Services allows unauthenticated remote attackers to cause denial of service by s...
Oct 23, 2024This CVE describes a cross-site scripting (XSS) vulnerability in Cisco Firepower Management Center's web interface that allows authenticated attackers...
Oct 23, 2024This critical vulnerability in Cisco ASA Software allows authenticated remote attackers to execute arbitrary operating system commands with root privi...
Oct 23, 2024This vulnerability in Cisco ASA and FTD software allows unauthenticated remote attackers to disrupt VPN authentication sessions by exploiting insuffic...
Oct 23, 2024This vulnerability allows authenticated remote attackers with Network Administrator privileges to execute arbitrary operating system commands on Cisco...
Oct 23, 2024This CVE describes a cross-site scripting (XSS) vulnerability in Cisco Firepower Management Center's web interface that allows authenticated attackers...
Oct 23, 2024A vulnerability in Cisco ASA and FTD software allows authenticated remote attackers to cause denial of service by sending crafted SNMP packets. The in...
Oct 23, 2024An unauthenticated cross-site scripting (XSS) vulnerability in Cisco Firepower Management Center's web interface allows remote attackers to inject mal...
Oct 23, 2024This vulnerability in Cisco ATA 190 Series Analog Telephone Adapters allows authenticated local attackers with high privileges to execute arbitrary co...
Oct 16, 2024This vulnerability in Cisco ATA 190 Series Analog Telephone Adapters allows unauthenticated remote attackers to modify device configuration or reboot ...
Oct 16, 2024An unauthenticated remote attacker can perform CSRF attacks against Cisco ATA 190 Series Analog Telephone Adapter web management interfaces. This allo...
Oct 16, 2024This vulnerability allows authenticated remote attackers with administrative privileges to execute arbitrary commands as root on Cisco ATA 190 Multipl...
Oct 16, 2024This vulnerability allows authenticated remote attackers with low privileges to execute commands as Admin users on Cisco ATA 190 Series Analog Telepho...
Oct 16, 2024This vulnerability allows unauthenticated remote attackers to cause a denial-of-service condition in the Cisco AnyConnect VPN server on Meraki MX and ...
Oct 2, 2024This vulnerability allows unauthenticated remote attackers to cause denial of service on Cisco Meraki MX and Z Series devices by sending crafted HTTPS...
Oct 2, 2024This vulnerability in Cisco Meraki MX and Z Series VPN gateways allows unauthenticated attackers to hijack active AnyConnect VPN sessions or prevent u...
Oct 2, 2024This vulnerability allows unauthenticated remote attackers to cause denial of service on Cisco Meraki MX and Z Series VPN gateways by sending crafted ...
Oct 2, 2024Why Monitor Cisco Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 517+ known vulnerabilities affecting Cisco products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Cisco packages in under 60 seconds. No agents required - completely agentless scanning that works across Cisco deployments.
Free vulnerability database: Access detailed information about every Cisco CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new Cisco CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions
