Cisco Security Vulnerabilities (CVEs)

This vulnerability allows authenticated administrators on affected Cisco Small Business routers to execute arbitrary code with root privileges by send...

This vulnerability allows authenticated administrators on Cisco Small Business routers to send crafted HTTP requests that cause the device to unexpect...

This vulnerability allows authenticated administrators on Cisco Small Business routers to send crafted HTTP requests that cause the device to unexpect...

This vulnerability allows authenticated administrators on affected Cisco Small Business routers to execute arbitrary code with root privileges by send...

This vulnerability allows authenticated low-privileged attackers to upload or delete files on Cisco NDFC devices via a specific REST API endpoint with...

This vulnerability in Cisco Nexus Dashboard Insights allows attackers who obtain tech support files to view remote controller admin credentials in cle...

An authenticated attacker with Read-Only Administrator privileges in Cisco Identity Services Engine (ISE) can exploit improper data protection mechani...

This vulnerability allows authenticated remote attackers with network-admin privileges to execute arbitrary commands on Cisco Nexus Dashboard Fabric C...

This vulnerability allows authenticated remote attackers with low privileges to execute arbitrary code as root on Cisco Nexus Dashboard Fabric Control...

This vulnerability in Cisco Small Business VPN routers allows authenticated remote attackers to escalate privileges from guest to admin by exploiting ...

This vulnerability allows authenticated low-privileged attackers to access sensitive configuration information through a specific REST API endpoint in...

This vulnerability allows authenticated administrators to execute arbitrary commands through the Redfish API on affected Cisco UCS servers, potentiall...

An unauthenticated remote attacker can bypass security policies or cause denial of service on Cisco IOS XE devices with UTD Snort IPS Engine by sendin...

This vulnerability allows unauthenticated remote attackers to bypass configured IPv4 access control lists on affected Cisco switches when Resilient Et...

An unauthenticated remote attacker can cause Cisco routers to crash and reload by sending specially crafted fragmented IPv4 packets, resulting in deni...

An unauthenticated remote attacker can send specially crafted IPv4 DHCP packets to Cisco IOS XE SD-Access fabric edge nodes, causing high CPU utilizat...

An unauthenticated remote attacker can cause Cisco IOS XE devices to crash and reload by sending crafted HTTP requests to specific URLs when the Telem...

This vulnerability allows unauthenticated remote attackers to cause a denial of service (DoS) by sending crafted traffic through SD-WAN IPsec tunnels ...

This vulnerability allows an unauthenticated remote attacker to impersonate a Cisco Catalyst Center appliance due to a static SSH host key. Attackers ...

An unauthenticated remote attacker can send specially crafted RSVP packets to vulnerable Cisco devices, causing a buffer overflow that forces the devi...

This vulnerability allows authenticated local attackers to execute arbitrary code with SYSTEM privileges on Windows systems running vulnerable Cisco M...

This vulnerability allows authenticated attackers with Administrator privileges on Cisco Routed PON Manager or direct MongoDB access to execute arbitr...

This vulnerability in Cisco IOS XR Software allows authenticated local attackers with valid credentials to read any file on the underlying Linux file ...

This vulnerability allows authenticated remote attackers to bypass authorization checks in the JSON-RPC API of affected Cisco products, enabling unaut...

This vulnerability in Cisco IOS XR Software allows authenticated local attackers with low-privileged accounts to gain root-level file system access th...

This vulnerability in Cisco IOS XR Software allows unauthenticated remote attackers to send crafted Mtrace2 packets that exhaust UDP packet memory, ca...

This vulnerability in Cisco Duo Epic for Hyperdrive allows authenticated local attackers to view sensitive information stored unencrypted in a registr...

This vulnerability allows authenticated administrators on Cisco Identity Services Engine (ISE) to execute arbitrary commands on the underlying operati...

This CVE describes a Python sandbox escape vulnerability in Cisco NX-OS Software that allows authenticated local attackers with Python execution privi...

This vulnerability allows authenticated local attackers with Python execution privileges on Cisco NX-OS devices to escape the Python sandbox and execu...

Multiple SQL injection vulnerabilities in Cisco ISE's REST API allow authenticated attackers to execute arbitrary SQL queries. This could lead to unau...

This CSRF vulnerability in Cisco ISE's web management interface allows unauthenticated remote attackers to trick authenticated users into executing ma...

An unauthenticated cross-site scripting (XSS) vulnerability in Cisco Unified Communications Manager web interface allows attackers to execute maliciou...

An unauthenticated remote attacker can send a specially crafted SIP message to Cisco Unified Communications Manager systems, causing them to reload an...

This vulnerability allows an authenticated attacker with low privileges to conduct cross-site scripting (XSS) attacks against users of Cisco ISE's web...

This vulnerability in Cisco AsyncOS for Secure Web Appliance allows authenticated local attackers with guest credentials to execute arbitrary commands...

A vulnerability in Cisco Webex App's protocol handlers could allow remote attackers to capture sensitive information like credentials by tricking user...

This vulnerability allows attackers to intercept and manipulate TLS communications between Cisco iNode Manager and intelligent nodes due to hard-coded...

This vulnerability allows authenticated local attackers with root-system privileges on Cisco IOS XR devices to bypass Secure Boot functionality and lo...

This vulnerability allows authenticated users with Administrator credentials to execute arbitrary commands as root on Cisco NX-OS devices through comm...

This vulnerability in Cisco Finesse's web management interface allows an unauthenticated remote attacker to conduct a stored cross-site scripting (XSS...

This SQL injection vulnerability in Cisco Firepower Management Center (FMC) allows authenticated attackers with at least Read Only credentials to exec...

This vulnerability allows authenticated remote attackers to bypass SAML authorization controls in Cisco ASA/FTD VPN services. Attackers can intercept ...

This vulnerability allows unauthenticated remote attackers to bypass Cisco Snort IPS rules by sending specially crafted HTTP packets. Affected systems...