VYPR

Vendor CVEs

Cisco Systems, Inc.

All CVEs

7,235 total · sorted by risk
  • CVE-2025-43211MedJul 30, 2025
    risk 0.40cvss 6.2epss 0.00

    The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing web content may lead to a denial-of-service.

  • CVE-2025-20211MedFeb 19, 2025
    risk 0.40cvss 6.1epss 0.00

    A vulnerability in the web-based management interface of Cisco BroadWorks Application Delivery Platform could allow an unauthenticated, remote attacker to conduct a cross-site scripting attack against a user of the interface. This vulnerability exists because the web-based…

  • CVE-2025-20179MedFeb 5, 2025
    risk 0.40cvss 6.1epss 0.00

    A vulnerability in the web-based management interface of Cisco Expressway Series could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web-based management…

  • CVE-2021-1444MedNov 18, 2024
    risk 0.40cvss 6.1epss 0.00

    A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the…

  • CVE-2020-3532MedNov 18, 2024
    risk 0.40cvss 6.1epss 0.00

    A vulnerability in the web-based management interface of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition, Cisco Unified Communications Manager IM & Presence Service, and Cisco Unity Connection could…

  • CVE-2020-3431MedNov 18, 2024
    risk 0.40cvss 6.1epss 0.00

    A vulnerability in the web-based management interface of Cisco Small Business RV042 Dual WAN VPN Routers and Cisco Small Business RV042G Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against…

  • CVE-2024-20496MedSep 25, 2024
    risk 0.40cvss 6.1epss 0.00

    A vulnerability in the UDP packet validation code of Cisco SD-WAN vEdge Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected system. This vulnerability is due to incorrect handling of a specific type of…

  • CVE-2023-20264MedNov 1, 2023
    risk 0.40cvss 6.1epss 0.00

    A vulnerability in the implementation of Security Assertion Markup Language (SAML) 2.0 single sign-on (SSO) for remote access VPN in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker…

  • CVE-2023-20206MedNov 1, 2023
    risk 0.40cvss 6.1epss 0.00

    Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device. These…

  • CVE-2023-20251MedSep 27, 2023
    risk 0.40cvss 6.1epss 0.00

    A vulnerability in the memory buffer of Cisco Wireless LAN Controller (WLC) AireOS Software could allow an unauthenticated, adjacent attacker to cause memory leaks that could eventually lead to a device reboot. This vulnerability is due to memory leaks caused by multiple…

  • CVE-2023-20202MedSep 27, 2023
    risk 0.40cvss 6.1epss 0.00

    A vulnerability in the Wireless Network Control daemon (wncd) of Cisco IOS XE Software for Wireless LAN Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. This vulnerability is due to improper memory management. An…

  • CVE-2023-20228MedAug 16, 2023
    risk 0.40cvss 6.1epss 0.00

    A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient…

  • CVE-2023-20181MedAug 3, 2023
    risk 0.40cvss 6.1epss 0.00

    A vulnerability in the web-based management interface of Cisco Small Business SPA500 Series IP Phones could allow an unauthenticated, remote attacker to conduct XSS attacks. This vulnerability is due to insufficient validation of user-supplied input by the web-based management…

  • CVE-2023-20199MedJun 28, 2023
    risk 0.40cvss 6.2epss 0.00

    A vulnerability in Cisco Duo Two-Factor Authentication for macOS could allow an authenticated, physical attacker to bypass secondary authentication and access an affected macOS device. This vulnerability is due to the incorrect handling of responses from Cisco Duo when the…

  • CVE-2023-20119MedJun 28, 2023
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, formerly known as Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack…

  • CVE-2023-20151MedApr 5, 2023
    risk 0.40cvss 6.1epss 0.00

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These…

  • CVE-2023-20150MedApr 5, 2023
    risk 0.40cvss 6.1epss 0.00

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These…

  • CVE-2023-20149MedApr 5, 2023
    risk 0.40cvss 6.1epss 0.00

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These…

  • CVE-2023-20148MedApr 5, 2023
    risk 0.40cvss 6.1epss 0.00

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These…

  • CVE-2023-20147MedApr 5, 2023
    risk 0.40cvss 6.1epss 0.00

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These…

  • CVE-2023-20146MedApr 5, 2023
    risk 0.40cvss 6.1epss 0.00

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These…

  • CVE-2023-20145MedApr 5, 2023
    risk 0.40cvss 6.1epss 0.00

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These…

  • CVE-2023-20144MedApr 5, 2023
    risk 0.40cvss 6.1epss 0.00

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These…

  • CVE-2023-20143MedApr 5, 2023
    risk 0.40cvss 6.1epss 0.00

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These…

  • CVE-2023-20142MedApr 5, 2023
    risk 0.40cvss 6.1epss 0.00

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These…

  • CVE-2023-20141MedApr 5, 2023
    risk 0.40cvss 6.1epss 0.00

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These…

  • CVE-2023-20140MedApr 5, 2023
    risk 0.40cvss 6.1epss 0.00

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These…

  • CVE-2023-20139MedApr 5, 2023
    risk 0.40cvss 6.1epss 0.00

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These…

  • CVE-2023-20138MedApr 5, 2023
    risk 0.40cvss 6.1epss 0.00

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These…

  • CVE-2023-20137MedApr 5, 2023
    risk 0.40cvss 6.1epss 0.00

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These…

  • CVE-2023-20068MedApr 5, 2023
    risk 0.40cvss 6.1epss 0.00

    A vulnerability in the web-based management interface of Cisco Prime Infrastructure Software could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the interface on an affected device. This vulnerability is due…

  • CVE-2023-20082MedMar 23, 2023
    risk 0.40cvss 6.1epss 0.00

    A vulnerability in Cisco IOS XE Software for Cisco Catalyst 9300 Series Switches could allow an authenticated, local attacker with level-15 privileges or an unauthenticated attacker with physical access to the device to execute persistent code at boot time and break the chain of…

  • CVE-2023-20104MedMar 3, 2023
    risk 0.40cvss 6.1epss 0.00

    A vulnerability in the file upload functionality of Cisco Webex App for Web could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied…

  • CVE-2023-20085MedMar 1, 2023
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. This…

  • CVE-2023-20053MedMar 1, 2023
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. This vulnerability is due…

  • CVE-2023-20058MedJan 20, 2023
    risk 0.40cvss 6.1epss 0.00

    A vulnerability in the web-based management interface of Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web-based…

  • CVE-2023-20019MedJan 20, 2023
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco BroadWorks Application Delivery Platform, Cisco BroadWorks Application Server, and Cisco BroadWorks Xtended Services Platform could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS)…

  • CVE-2022-20959MedOct 26, 2022
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the External RESTful Services (ERS) API of Cisco Identity Services Engine (ISE) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. This vulnerability is…

  • CVE-2022-20944MedOct 10, 2022
    risk 0.40cvss 6.1epss 0.00

    A vulnerability in the software image verification functionality of Cisco IOS XE Software for Cisco Catalyst 9200 Series Switches could allow an unauthenticated, physical attacker to execute unsigned code at system boot time. This vulnerability is due to an improper check in the…

  • CVE-2022-20662MedSep 30, 2022
    risk 0.40cvss 6.1epss 0.00

    A vulnerability in the smart card login authentication of Cisco Duo for macOS could allow an unauthenticated attacker with physical access to bypass authentication. This vulnerability exists because the assigned user of a smart card is not properly matched with the…

  • CVE-2022-20869MedAug 10, 2022
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco BroadWorks Application Delivery Platform Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting attack against a user of the interface. This vulnerability exists because the…

  • CVE-2022-20916MedJul 22, 2022
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco IoT Control Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web-based management interface…

  • CVE-2022-20815MedJul 6, 2022
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified CM Session Management Edition (Unified CM SME), and Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) could allow an…

  • CVE-2022-20800MedJul 6, 2022
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P), and…

  • CVE-2022-31734MedJun 20, 2022
    risk 0.40cvss 6.1epss 0.01

    Cisco Catalyst 2940 Series Switches provided by Cisco Systems, Inc. contain a reflected cross-site scripting vulnerability regarding error page generation. An arbitrary script may be executed on the web browser of the user who is using the product. The affected firmware is prior…

  • CVE-2022-20674MedMay 27, 2022
    risk 0.40cvss 6.1epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector (CSPC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. These vulnerabilities are…

  • CVE-2022-20673MedMay 27, 2022
    risk 0.40cvss 6.1epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector (CSPC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. These vulnerabilities are…

  • CVE-2022-20672MedMay 27, 2022
    risk 0.40cvss 6.1epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector (CSPC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. These vulnerabilities are…

  • CVE-2022-20671MedMay 27, 2022
    risk 0.40cvss 6.1epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector (CSPC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. These vulnerabilities are…

  • CVE-2022-20670MedMay 27, 2022
    risk 0.40cvss 6.1epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector (CSPC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. These vulnerabilities are…

Page 53 of 145