Cisco Security Vulnerabilities (CVEs)

A vulnerability in Cisco Firepower Threat Defense (FTD) software allows attackers to bypass file policies that should block encrypted archive files. U...

This vulnerability allows authenticated low-privileged local attackers to read and write arbitrary files as root on affected Cisco systems. It affects...

An HTTP response splitting vulnerability in Cisco Secure Email Gateway's web management API allows unauthenticated attackers to conduct cross-site scr...

This vulnerability allows authenticated attackers to conduct cross-site scripting (XSS) attacks against users of Cisco Secure Email and Web Manager's ...

This vulnerability in Cisco Crosswork NSO's Tail-f HCC function pack allows authenticated local attackers to escalate privileges to root by manipulati...

This cross-site scripting (XSS) vulnerability in Cisco Secure Email Gateway's web management interface allows authenticated attackers to inject malici...

An unauthenticated remote attacker can send a crafted request to the web-based management interface of vulnerable Cisco IP Phone firmware, causing the...

An unauthenticated attacker on the same network segment can send specially crafted OSPFv2 packets to vulnerable Cisco IOS XE devices, causing them to ...

This vulnerability in Cisco Nexus Dashboard Fabric Controller (NDFC) allows unauthenticated remote attackers to read arbitrary files via the Out-of-Ba...

A heap underflow vulnerability in Cisco IOS/IOS XE IKEv1 fragmentation handling allows unauthenticated remote attackers to trigger device reloads via ...

This vulnerability in Cisco IOS XE Software's IPv4 SD-Access fabric edge node allows unauthenticated remote attackers to cause a denial of service by ...

An unauthenticated remote attacker can send specially crafted LISP packets to vulnerable Cisco devices, causing them to reload and creating a denial o...

An unauthenticated attacker on the same wireless network can send continuous mDNS packets to Cisco IOS XE Wireless LAN Controllers, causing high CPU u...

An unauthenticated remote attacker can send specially crafted IPv4 packets to Cisco Access Points, causing them to crash and reload, resulting in deni...

An unauthenticated remote attacker can send a crafted DHCP request packet to cause Cisco IOS XE devices with DHCP snooping and endpoint analytics enab...

An unauthenticated adjacent attacker can crash the ppp_ma process on Cisco ASR 9000 routers running IOS XR with BNG and PPPoE termination, causing den...

This vulnerability allows authenticated local attackers with low privileges on affected Cisco routers to elevate their privileges to root by exploitin...

This CRLF injection vulnerability in Cisco Secure Client's SAML authentication allows unauthenticated attackers to execute arbitrary script code in us...

This vulnerability in Cisco NX-OS Software allows unauthenticated remote attackers to cause denial of service by flooding eBGP traffic, which can drop...

An unauthenticated CSRF vulnerability in Cisco Expressway Series and TelePresence VCS SOAP API allows attackers to trick authenticated users into exec...

An unauthenticated remote attacker can upload arbitrary files and execute commands on Cisco Unity Connection systems via a vulnerable API in the web m...

This vulnerability allows authenticated remote attackers with valid device credentials (no admin privileges required) to execute arbitrary commands on...

This vulnerability in Cisco ISE allows authenticated users with at least Read-only privileges to execute arbitrary commands on the underlying operatin...

A vulnerability in Cisco Firepower Threat Defense (FTD) Software's ICMPv6 inspection with Snort 2 allows remote attackers to cause 100% CPU usage via ...

An unauthenticated remote attacker can send crafted packets to Cisco Firepower Threat Defense (FTD) Software on Firepower 2100 Series Firewalls, causi...

This vulnerability in Cisco Firepower Management Center allows unauthenticated attackers to cause denial of service by overwhelming a logging API, pot...

An unauthenticated remote attacker can send crafted ICMPv6 messages to Cisco ASA or FTD devices with IPv6 enabled, causing the device to reload and cr...

This vulnerability in Cisco IOS XE Software allows authenticated remote attackers to execute arbitrary commands with root privileges via the web UI. A...

CVE-2023-44487 is an HTTP/2 protocol vulnerability that allows attackers to cause denial of service by rapidly resetting streams, consuming server res...

An unauthenticated remote attacker can send crafted HTTP requests to a specific API endpoint in Cisco Unified Communications products, causing high CP...

This vulnerability allows authenticated remote attackers to access other tenants' data and configurations in Cisco Catalyst SD-WAN Manager when multi-...

An unauthenticated remote attacker can send crafted L2TP packets to vulnerable Cisco IOS XE devices, causing them to reload unexpectedly and creating ...

This vulnerability in Cisco DNA Center allows unauthenticated remote attackers to read and modify data in an internal service repository due to insuff...

This vulnerability allows authenticated remote attackers with level 15 privileges to bypass AAA command authorization checks when using SCP, enabling ...

This vulnerability in Cisco Catalyst 3650 and 3850 Series Switches running IOS XE allows unauthenticated remote attackers to cause a denial of service...

An unauthenticated remote attacker can cause Cisco ISE to stop processing RADIUS packets by sending crafted RADIUS accounting requests, resulting in d...

A vulnerability in Cisco FXOS Software and UCS 6300 Series Fabric Interconnects allows authenticated remote attackers to cause denial of service by se...

An unauthenticated local attacker can cause Cisco NX-OS devices to crash and reload by entering a crafted string at the login prompt when TACACS+ or R...

A memory management logic error in ClamAV's AutoIt module allows remote attackers to cause denial of service by submitting crafted AutoIt files. This ...

This vulnerability allows authenticated local attackers on Cisco ThousandEyes Enterprise Agent virtual appliances to escalate privileges to root by ex...

This vulnerability allows authenticated remote attackers to perform SQL injection attacks on Cisco Unified Communications Manager (Unified CM) and its...

This vulnerability in ClamAV's HFS+ filesystem parser allows remote attackers to cause denial of service by submitting crafted HFS+ images. The scanni...