Cisco Security Vulnerabilities (CVEs)
Track 564 security vulnerabilities affecting Cisco products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
This vulnerability allows authenticated attackers with read-only administrator credentials to escalate privileges to read-write administrator access o...
Jun 28, 2023This vulnerability allows a low-privileged local attacker on Windows systems with Cisco AnyConnect or Secure Client to elevate privileges to SYSTEM le...
Jun 28, 2023This vulnerability allows authenticated remote attackers with read-only credentials to elevate privileges to administrator level on Cisco Expressway a...
Jun 28, 2023Multiple vulnerabilities in Cisco Small Business Series Switches web interface allow unauthenticated remote attackers to cause denial of service or ex...
May 18, 2023Multiple vulnerabilities in Cisco Small Business Series Switches web interface allow unauthenticated remote attackers to cause denial of service or ex...
May 18, 2023This vulnerability in Cisco Small Business Series Switches allows unauthenticated remote attackers to cause denial of service or execute arbitrary cod...
May 18, 2023This vulnerability in Cisco Small Business Series Switches allows unauthenticated remote attackers to execute arbitrary code with root privileges or c...
May 18, 2023This vulnerability allows unauthenticated remote attackers to execute arbitrary code with root privileges or cause denial of service on affected Cisco...
May 18, 2023This vulnerability in Cisco Small Business Series Switches allows unauthenticated remote attackers to execute arbitrary code with root privileges or c...
May 18, 2023An unauthenticated remote attacker can execute arbitrary code with full privileges on Cisco SPA112 2-Port Phone Adapters by exploiting a missing authe...
May 4, 2023Authenticated remote attackers can execute arbitrary commands as root on Cisco RV320/RV325 routers via web interface input validation flaws. This affe...
Apr 5, 2023This vulnerability allows authenticated remote attackers to execute arbitrary code as administrator on Cisco Secure Network Analytics devices. Attacke...
Apr 5, 2023Authenticated remote attackers can execute arbitrary commands as root on Cisco RV320/RV325 routers via the web management interface. This affects admi...
Apr 5, 2023This CSRF vulnerability in Cisco SD-WAN vManage allows unauthenticated attackers to trick authenticated users into performing malicious actions via ma...
Mar 23, 2023This vulnerability allows unauthenticated remote attackers to discover private cryptographic keys on affected Cisco ASA/FTD devices due to insufficien...
Mar 23, 2023An unauthenticated remote attacker can cause denial of service on Cisco wireless controllers by exploiting a logic error in the CAPWAP AP joining proc...
Mar 23, 2023This vulnerability in Cisco Catalyst 9300 switches allows authenticated local attackers with level-15 privileges or unauthenticated attackers with phy...
Mar 23, 2023An unauthenticated remote attacker can send crafted DHCPv6 messages to Cisco IOS/IOS XE devices with DHCPv6 relay or server features enabled, causing ...
Mar 23, 2023An unauthenticated attacker on the same network can send crafted traffic through a wireless access point to exploit insufficient input validation in C...
Mar 23, 2023This vulnerability allows an authenticated local attacker to escape the Cisco IOx application container and execute arbitrary commands with root privi...
Mar 23, 2023This vulnerability allows authenticated local attackers to cause Cisco access points to reboot by submitting specially crafted CLI commands. It affect...
Mar 23, 2023This vulnerability allows authenticated local attackers on Cisco IOS XE SD-WAN devices to execute arbitrary commands with root privileges due to insuf...
Mar 23, 2023This vulnerability in Cisco IOS XE Software allows authenticated local attackers to gain root privileges by exploiting insufficient memory protection ...
Mar 23, 2023An unauthenticated remote attacker can send crafted IPv4 BFD packets to cause line card resets on affected Cisco routers, resulting in denial of servi...
Mar 9, 2023This vulnerability allows unauthenticated remote attackers to execute arbitrary code or cause denial of service on affected Cisco IP Phones through th...
Mar 3, 2023A heap buffer overflow vulnerability in ClamAV's HFS+ partition file parser allows remote unauthenticated attackers to execute arbitrary code or cause...
Mar 1, 2023An unauthenticated remote attacker can cause denial of service on Cisco Nexus Dashboard by sending continuous DNS requests. This vulnerability affects...
Mar 1, 2023An unauthenticated attacker on the same network segment can send crafted LLDP packets to Cisco Nexus 9000 ACI switches, causing a memory leak that lea...
Feb 23, 2023This CSRF vulnerability in Cisco APIC and Cloud Network Controller web interfaces allows unauthenticated attackers to trick authenticated users into e...
Feb 23, 2023This vulnerability in Cisco IOx allows authenticated remote attackers to execute arbitrary commands as root on the host operating system by deploying ...
Feb 12, 2023This vulnerability in Cisco SD-WAN Software allows authenticated local attackers to gain root privileges by exploiting improper access controls in the...
Sep 30, 2022CVE-2022-20861 allows unauthenticated remote attackers to execute arbitrary commands, read/upload container images, or perform CSRF attacks on Cisco N...
Jul 21, 2022This vulnerability allows an unauthenticated remote attacker to perform man-in-the-middle attacks on SSL/TLS connections between Cisco Nexus Dashboard...
Jul 21, 2022CVE-2022-20857 is a critical vulnerability in Cisco Nexus Dashboard that allows unauthenticated remote attackers to execute arbitrary commands, read/u...
Jul 21, 2022This CVE describes multiple vulnerabilities in Cisco Expressway Series and TelePresence VCS that allow remote attackers to overwrite arbitrary files o...
Jul 6, 2022This vulnerability in Cisco Smart Software Manager On-Prem allows an authenticated remote attacker to cause a denial of service (DoS) by sending multi...
Jul 6, 2022This vulnerability allows authenticated administrators to upload malicious ASDM images to Cisco ASA devices, which can execute arbitrary code on the c...
Jun 24, 2022An unauthenticated remote attacker can execute arbitrary code with root privileges on affected Cisco Small Business routers by sending crafted HTTP re...
Jun 15, 2022This vulnerability allows unauthenticated remote attackers to bypass LDAP authentication on Cisco Secure Email and Web Manager (formerly SMA) and Cisc...
Jun 15, 2022This vulnerability allows authenticated attackers with operator-level credentials to retrieve sensitive information from LDAP authentication servers c...
Jun 15, 2022This vulnerability in Cisco Enterprise NFV Infrastructure Software allows attackers to escape from guest virtual machines to the host system, execute ...
May 4, 2022This critical vulnerability in Cisco Enterprise NFV Infrastructure Software allows attackers to escape from guest virtual machines to the host system,...
May 4, 2022A vulnerability in the CHM file parser of ClamAV allows an unauthenticated remote attacker to cause a denial of service condition on affected devices....
May 4, 2022This vulnerability allows unauthenticated remote attackers to cause denial of service on Cisco Firepower Threat Defense devices by sending crafted UDP...
May 3, 2022This vulnerability allows authenticated but unprivileged remote attackers to escalate privileges to level 15 (highest administrative level) on Cisco A...
May 3, 2022This vulnerability in Cisco Firepower Threat Defense (FTD) Software allows an unauthenticated remote attacker to cause a denial of service (DoS) by ex...
May 3, 2022An unauthenticated remote attacker can cause a denial of service (DoS) by sending a crafted HTTPS request to Cisco ASA or FTD devices with web service...
May 3, 2022This vulnerability allows an unauthenticated remote attacker in a man-in-the-middle position to decrypt, read, modify, and re-encrypt data transmitted...
May 3, 2022A heap-based buffer overflow vulnerability in Cisco ASA's Clientless SSL VPN portal allows authenticated remote attackers to cause denial of service o...
May 3, 2022This vulnerability allows an unauthenticated remote attacker to cause a denial of service (DoS) by sending crafted requests to the SSL VPN features of...
May 3, 2022Why Monitor Cisco Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 564+ known vulnerabilities affecting Cisco products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Cisco packages in under 60 seconds. No agents required - completely agentless scanning that works across Cisco deployments.
Free vulnerability database: Access detailed information about every Cisco CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new Cisco CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions
