VYPR

Vendor CVEs

Cisco Systems, Inc.

All CVEs

7,230 total · sorted by risk
  • CVE-2023-20212HigAug 18, 2023
    risk 0.49cvss 7.5epss 0.03

    A vulnerability in the AutoIt module of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to a logic error in the memory management of an affected device. An attacker could…

  • CVE-2023-20197HigAug 16, 2023
    risk 0.49cvss 7.5epss 0.01

    A vulnerability in the filesystem image parser for Hierarchical File System Plus (HFS+) of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an incorrect check for completion…

  • CVE-2023-20108HigJun 28, 2023
    risk 0.49cvss 7.5epss 0.01

    A vulnerability in the XCP Authentication Service of the Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) could allow an unauthenticated, remote attacker to cause a temporary service outage for all Cisco Unified CM IM&P users who are…

  • CVE-2023-20117HigApr 5, 2023
    risk 0.49cvss 7.2epss 0.28

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an authenticated, remote attacker to inject and execute arbitrary commands on the underlying operating system of an affected device.…

  • CVE-2023-20128HigApr 5, 2023
    risk 0.49cvss 7.2epss 0.30

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an authenticated, remote attacker to inject and execute arbitrary commands on the underlying operating system of an affected device.…

  • CVE-2023-20107HigMar 23, 2023
    risk 0.49cvss 7.5epss 0.01

    A vulnerability in the deterministic random bit generator (DRBG), also known as pseudorandom number generator (PRNG), in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco ASA 5506-X, ASA 5508-X, and ASA 5516-X Firewalls…

  • CVE-2023-20014HigMar 1, 2023
    risk 0.49cvss 7.5epss 0.01

    A vulnerability in the DNS functionality of Cisco Nexus Dashboard Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to the improper processing of DNS requests. An attacker could exploit this…

  • CVE-2022-20918HigNov 15, 2022
    risk 0.49cvss 7.5epss 0.01

    A vulnerability in the Simple Network Management Protocol (SNMP) access controls for Cisco FirePOWER Software for Adaptive Security Appliance (ASA) FirePOWER module, Cisco Firepower Management Center (FMC) Software, and Cisco Next-Generation Intrusion Prevention System (NGIPS)…

  • CVE-2022-20854HigNov 15, 2022
    risk 0.49cvss 7.5epss 0.01

    A vulnerability in the processing of SSH connections of Cisco Firepower Management Center (FMC) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This…

  • CVE-2022-20960HigNov 4, 2022
    risk 0.49cvss 7.5epss 0.01

    A vulnerability in Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of certain TLS connections that…

  • CVE-2022-20696HigSep 8, 2022
    risk 0.49cvss 7.5epss 0.00

    A vulnerability in the binding configuration of Cisco SD-WAN vManage Software containers could allow an unauthenticated, adjacent attacker who has access to the VPN0 logical network to also access the messaging service ports on an affected system. This vulnerability exists…

  • CVE-2022-20866HigAug 10, 2022
    risk 0.49cvss 7.4epss 0.17

    A vulnerability in the handling of RSA keys on devices running Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to retrieve an RSA private key. This vulnerability is due to a logic…

  • CVE-2022-20785HigMay 4, 2022
    risk 0.49cvss 7.5epss 0.07

    On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in HTML file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior…

  • CVE-2022-20771HigMay 4, 2022
    risk 0.49cvss 7.5epss 0.05

    On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in the TIFF file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior…

  • CVE-2022-20783HigApr 21, 2022
    risk 0.49cvss 7.5epss 0.01

    A vulnerability in the packet processing functionality of Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is…

  • CVE-2022-20773HigApr 21, 2022
    risk 0.49cvss 7.5epss 0.01

    A vulnerability in the key-based SSH authentication mechanism of Cisco Umbrella Virtual Appliance (VA) could allow an unauthenticated, remote attacker to impersonate a VA. This vulnerability is due to the presence of a static SSH host key. An attacker could exploit this…

  • CVE-2022-20653HigFeb 17, 2022
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the DNS-based Authentication of Named Entities (DANE) email verification component of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected…

  • CVE-2022-20698HigJan 14, 2022
    risk 0.49cvss 7.5epss 0.03

    A vulnerability in the OOXML parsing module in Clam AntiVirus (ClamAV) Software version 0.104.1 and LTS version 0.103.4 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to…

  • CVE-2021-34741HigNov 4, 2021
    risk 0.49cvss 7.5epss 0.01

    A vulnerability in the email scanning algorithm of Cisco AsyncOS software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to perform a denial of service (DoS) attack against an affected device. This vulnerability is due to insufficient…

  • CVE-2021-1594HigOct 6, 2021
    risk 0.49cvss 7.5epss 0.01

    A vulnerability in the REST API of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to perform a command injection attack and elevate privileges to root. This vulnerability is due to insufficient input validation for specific API endpoints. An…

  • CVE-2021-1513HigMay 6, 2021
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the vDaemon process of Cisco SD-WAN Software could allow an unauthenticated, remote attacker to cause a device to reload, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient handling of malformed packets. An attacker…

  • CVE-2021-1511HigMay 6, 2021
    risk 0.49cvss 7.5epss 0.01

    Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary code as the root user or cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this…

  • CVE-2021-1510HigMay 6, 2021
    risk 0.49cvss 7.5epss 0.01

    Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary code as the root user or cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this…

  • CVE-2021-1509HigMay 6, 2021
    risk 0.49cvss 7.5epss 0.01

    Multiple vulnerabilities in Cisco SD-WAN vEdge Software could allow an attacker to execute arbitrary code as the root user or cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this…

  • CVE-2021-1405HigApr 8, 2021
    risk 0.49cvss 7.5epss 0.03

    A vulnerability in the email parsing module in Clam AntiVirus (ClamAV) Software version 0.103.1 and all prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper variable…

  • CVE-2021-1404HigApr 8, 2021
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the PDF parsing module in Clam AntiVirus (ClamAV) Software versions 0.103.0 and 0.103.1 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper buffer size tracking that…

  • CVE-2021-1252HigApr 8, 2021
    risk 0.49cvss 7.5epss 0.03

    A vulnerability in the Excel XLM macro parsing module in Clam AntiVirus (ClamAV) Software versions 0.103.0 and 0.103.1 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper error…

  • CVE-2021-1437HigMar 24, 2021
    risk 0.49cvss 7.5epss 0.01

    A vulnerability in the FlexConnect Upgrade feature of Cisco Aironet Series Access Points Software could allow an unauthenticated, remote attacker to obtain confidential information from an affected device. This vulnerability is due to an unrestricted Trivial File Transfer…

  • CVE-2021-1431HigMar 24, 2021
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the vDaemon process of Cisco IOS XE SD-WAN Software could allow an unauthenticated, remote attacker to cause a device to reload, resulting a denial of service (DoS) condition. This vulnerability is due to insufficient handling of malformed packets. An attacker…

  • CVE-2021-1297HigFeb 4, 2021
    risk 0.49cvss 7.5epss 0.04

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacker to conduct directory traversal attacks and overwrite certain files that should be…

  • CVE-2021-1296HigFeb 4, 2021
    risk 0.49cvss 7.5epss 0.04

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacker to conduct directory traversal attacks and overwrite certain files that should be…

  • CVE-2021-1277HigJan 20, 2021
    risk 0.49cvss 7.5epss 0.00

    Multiple vulnerabilities in Cisco Data Center Network Manager (DCNM) could allow an attacker to spoof a trusted host or construct a man-in-the-middle attack to extract sensitive information or alter certain API requests. These vulnerabilities are due to insufficient certificate…

  • CVE-2021-1276HigJan 20, 2021
    risk 0.49cvss 7.5epss 0.00

    Multiple vulnerabilities in Cisco Data Center Network Manager (DCNM) could allow an attacker to spoof a trusted host or construct a man-in-the-middle attack to extract sensitive information or alter certain API requests. These vulnerabilities are due to insufficient certificate…

  • CVE-2021-1223HigJan 13, 2021
    risk 0.49cvss 7.5epss 0.02

    Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect handling of an HTTP range header. An attacker could…

  • CVE-2020-3392HigNov 18, 2020
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the API of Cisco IoT Field Network Director (FND) could allow an unauthenticated, remote attacker to view sensitive information on an affected system. The vulnerability exists because the affected software does not properly authenticate API calls. An attacker…

  • CVE-2020-26076HigNov 18, 2020
    risk 0.49cvss 7.5epss 0.01

    A vulnerability in Cisco IoT Field Network Director (FND) could allow an unauthenticated, remote attacker to view sensitive database information on an affected device. The vulnerability is due to the absence of authentication for sensitive information. An attacker could exploit…

  • CVE-2020-3574HigNov 6, 2020
    risk 0.49cvss 7.5epss 0.08

    A vulnerability in the TCP packet processing functionality of Cisco IP Phones could allow an unauthenticated, remote attacker to cause the phone to stop responding to incoming calls, drop connected calls, or unexpectedly reload. The vulnerability is due to insufficient TCP…

  • CVE-2020-3444HigNov 6, 2020
    risk 0.49cvss 7.5epss 0.01

    A vulnerability in the packet filtering features of Cisco SD-WAN Software could allow an unauthenticated, remote attacker to bypass L3 and L4 traffic filters. The vulnerability is due to improper traffic filtering conditions on an affected device. An attacker could exploit this…

  • CVE-2020-3554HigOct 21, 2020
    risk 0.49cvss 7.5epss 0.03

    A vulnerability in the TCP packet processing of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The…

  • CVE-2020-3317HigOct 21, 2020
    risk 0.49cvss 7.5epss 0.01

    A vulnerability in the ssl_inspection component of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to crash Snort instances. The vulnerability is due to insufficient input validation in the ssl_inspection component. An attacker could…

  • CVE-2020-3426HigSep 24, 2020
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the implementation of the Low Power, Wide Area (LPWA) subsystem of Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) could allow an unauthenticated, remote…

  • CVE-2020-3422HigSep 24, 2020
    risk 0.49cvss 7.5epss 0.01

    A vulnerability in the IP Service Level Agreement (SLA) responder feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the IP SLA responder to reuse an existing port, resulting in a denial of service (DoS) condition. The vulnerability exists…

  • CVE-2020-3133HigSep 23, 2020
    risk 0.49cvss 7.5epss 0.01

    A vulnerability in the email message scanning of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass configured filters on the device. The vulnerability is due to improper validation of incoming emails. An…

  • CVE-2019-16023HigSep 23, 2020
    risk 0.49cvss 7.5epss 0.01

    Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerabilities are due to incorrect…

  • CVE-2019-16021HigSep 23, 2020
    risk 0.49cvss 7.5epss 0.01

    Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerabilities are due to incorrect…

  • CVE-2019-15289HigSep 23, 2020
    risk 0.49cvss 7.5epss 0.01

    Multiple vulnerabilities in the video service of Cisco TelePresence Collaboration Endpoint (CE) and Cisco RoomOS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerabilities are due to…

  • CVE-2020-3338HigAug 27, 2020
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the Protocol Independent Multicast (PIM) feature for IPv6 networks (PIM6) of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper error…

  • CVE-2020-3411HigAug 17, 2020
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in Cisco DNA Center software could allow an unauthenticated remote attacker access to sensitive information on an affected system. The vulnerability is due to improper handling of authentication tokens by the affected software. An attacker could exploit this…

  • CVE-2020-3481HigJul 20, 2020
    risk 0.49cvss 7.5epss 0.03

    A vulnerability in the EGG archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.102.0 - 0.102.3 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a null pointer dereference.…

  • CVE-2020-3369HigJul 16, 2020
    risk 0.49cvss 7.5epss 0.01

    A vulnerability in the deep packet inspection (DPI) engine of Cisco SD-WAN vEdge Routers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper processing of FTP traffic. An…

Page 27 of 145