VYPR

Vendor CVEs

Cisco Systems, Inc.

All CVEs

7,133 total · sorted by risk
  • CVE-2021-1557MedMay 22, 2021
    risk 0.39cvss 6.0epss 0.00

    Multiple vulnerabilities in Cisco DNA Spaces Connector could allow an authenticated, local attacker to elevate privileges and execute arbitrary commands on the underlying operating system as root. These vulnerabilities are due to insufficient restrictions during the execution of…

  • CVE-2021-1512MedMay 6, 2021
    risk 0.39cvss 6.0epss 0.00

    A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to overwrite arbitrary files in the underlying file system of an affected system. This vulnerability is due to insufficient validation of the user-supplied input parameters of a…

  • CVE-2021-1256MedApr 29, 2021
    risk 0.39cvss 6.0epss 0.01

    A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to overwrite files on the file system of an affected device by using directory traversal techniques. A successful exploit could cause system instability if…

  • CVE-2021-1454MedMar 24, 2021
    risk 0.39cvss 6.0epss 0.00

    Multiple vulnerabilities in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to access the underlying operating system with root privileges. These vulnerabilities are due to insufficient input validation of certain CLI commands. An attacker…

  • CVE-2021-1383MedMar 24, 2021
    risk 0.39cvss 6.0epss 0.01

    Multiple vulnerabilities in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to access the underlying operating system with root privileges. These vulnerabilities are due to insufficient input validation of certain CLI commands. An attacker…

  • CVE-2021-1382MedMar 24, 2021
    risk 0.39cvss 6.0epss 0.01

    A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with root privileges on the underlying operating system. This vulnerability is due to insufficient input validation on certain CLI…

  • CVE-2020-3503MedSep 24, 2020
    risk 0.39cvss 6.0epss 0.00

    A vulnerability in the file system permissions of Cisco IOS XE Software could allow an authenticated, local attacker to obtain read and write access to critical configuration or system files. The vulnerability is due to insufficient file system permissions on an affected device.…

  • CVE-2020-3476MedSep 24, 2020
    risk 0.39cvss 6.0epss 0.00

    A vulnerability in the CLI implementation of a specific command of Cisco IOS XE Software could allow an authenticated, local attacker to overwrite arbitrary files in the underlying host file system. The vulnerability is due to insufficient validation of the parameters of a…

  • CVE-2020-3393MedSep 24, 2020
    risk 0.39cvss 6.0epss 0.00

    A vulnerability in the application-hosting subsystem of Cisco IOS XE Software could allow an authenticated, local attacker to elevate privileges to root on an affected device. The attacker could execute IOS XE commands outside the application-hosting subsystem Docker container…

  • CVE-2020-3545MedSep 4, 2020
    risk 0.39cvss 6.0epss 0.00

    A vulnerability in Cisco FXOS Software could allow an authenticated, local attacker with administrative credentials to cause a buffer overflow condition. The vulnerability is due to incorrect bounds checking of values that are parsed from a specific file. An attacker could…

  • CVE-2020-3201MedJun 3, 2020
    risk 0.39cvss 6.0epss 0.00

    A vulnerability in the Tool Command Language (Tcl) interpreter of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, local attacker with privileged EXEC credentials to cause a denial of service (DoS) condition on an affected system. The vulnerability is…

  • CVE-2013-2683MedFeb 6, 2020
    risk 0.39cvss 5.3epss 0.13

    Cisco Linksys E4200 1.0.05 Build 7 devices contain an Information Disclosure Vulnerability which allows remote attackers to obtain private IP addresses and other sensitive information.

  • CVE-2019-1729MedMay 15, 2019
    risk 0.39cvss 6.0epss 0.00

    A vulnerability in the CLI implementation of a specific command used for image maintenance for Cisco NX-OS Software could allow an authenticated, local attacker to overwrite any file on the file system including system files. These file overwrites by the attacker are…

  • CVE-2019-1709MedMay 3, 2019
    risk 0.39cvss 6.0epss 0.01

    A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting…

  • CVE-2018-15437MedNov 8, 2018
    risk 0.39cvss 5.5epss 0.01

    A vulnerability in the system scanning component of Cisco Immunet and Cisco Advanced Malware Protection (AMP) for Endpoints running on Microsoft Windows could allow a local attacker to disable the scanning functionality of the product. This could allow executable files to be…

  • CVE-2018-0476MedOct 5, 2018
    risk 0.39cvss 5.9epss 0.14

    A vulnerability in the Network Address Translation (NAT) Session Initiation Protocol (SIP) Application Layer Gateway (ALG) of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to improper…

  • CVE-2017-12338MedNov 30, 2017
    risk 0.39cvss 6.0epss 0.00

    A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to read the contents of arbitrary files. The vulnerability is due to insufficient input validation for a specific CLI command. An attacker could exploit this vulnerability by…

  • CVE-2017-12315MedNov 16, 2017
    risk 0.39cvss 6.0epss 0.00

    A vulnerability in system logging when replication is being configured with the Cisco HyperFlex System could allow an authenticated, local attacker to view sensitive information that should be restricted in the system log files. The attacker would have to be authenticated as an…

  • CVE-2017-6666MedJun 13, 2017
    risk 0.39cvss 6.0epss 0.00

    A vulnerability in the forwarding component of Cisco IOS XR Software for Cisco Network Convergence System (NCS) 5500 Series Routers could allow an authenticated, local attacker to cause the router to stop forwarding data traffic across Traffic Engineering (TE) tunnels, resulting…

  • CVE-2017-3850MedMar 21, 2017
    risk 0.39cvss 5.9epss 0.02

    A vulnerability in the Autonomic Networking Infrastructure (ANI) feature of Cisco IOS Software (15.4 through 15.6) and Cisco IOS XE Software (3.7 through 3.18, and 16) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability…

  • CVE-2016-6416MedOct 5, 2016
    risk 0.39cvss 5.9epss 0.02

    The FTP service in Cisco AsyncOS on Email Security Appliance (ESA) devices 9.6.0-000 through 9.9.6-026, Web Security Appliance (WSA) devices 9.0.0-162 through 9.5.0-444, and Content Security Management Appliance (SMA) devices allows remote attackers to cause a denial of service…

  • CVE-2016-1415MedSep 3, 2016
    risk 0.39cvss 5.5epss 0.06

    Cisco WebEx Meetings Player T29.10, when WRF file support is enabled, allows remote attackers to cause a denial of service (application crash) via a crafted file, aka Bug ID CSCuz80455.

  • CVE-2016-1344MedMar 26, 2016
    risk 0.39cvss 5.9epss 0.03

    The IKEv2 implementation in Cisco IOS 15.0 through 15.6 and IOS XE 3.3 through 3.17 allows remote attackers to cause a denial of service (device reload) via fragmented packets, aka Bug ID CSCux38417.

  • CVE-2026-20073MedMar 4, 2026
    risk 0.38cvss 5.8epss 0.00

    A vulnerability in Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to send traffic that should be denied through an affected device. This vulnerability is…

  • CVE-2026-20015MedMar 4, 2026
    risk 0.38cvss 5.8epss 0.00

    A vulnerability in the IKEv2 feature of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device that may impact the availability of services to devices elsewhere in the…

  • CVE-2026-20013MedMar 4, 2026
    risk 0.38cvss 5.8epss 0.00

    A vulnerability in the IKEv2 feature of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device that may also impact the availability of services to devices elsewhere in the…

  • CVE-2026-20026MedJan 7, 2026
    risk 0.38cvss 5.8epss 0.01

    Multiple Cisco products are affected by a vulnerability in the processing of DCE/RPC requests that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to leak sensitive information or to restart, resulting in an interruption of packet…

  • CVE-2025-20360MedOct 15, 2025
    risk 0.38cvss 5.8epss 0.00

    Multiple Cisco products are affected by a vulnerability in the Snort 3 HTTP Decoder that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to restart. This vulnerability is due to a lack of complete error checking when the MIME fields of…

  • CVE-2025-20339MedSep 24, 2025
    risk 0.38cvss 5.8epss 0.00

    A vulnerability in the access control list (ACL) processing of IPv4 packets of Cisco SD-WAN vEdge Software could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability is due to the improper enforcement of the implicit deny all at the end of…

  • CVE-2025-20268MedAug 14, 2025
    risk 0.38cvss 5.8epss 0.00

    A vulnerability in the Geolocation-Based Remote Access (RA) VPN feature of Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured policies to allow or deny HTTP connections based on a country or region. This…

  • CVE-2025-20254MedAug 14, 2025
    risk 0.38cvss 5.8epss 0.00

    A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a memory leak, resulting in a…

  • CVE-2025-20252MedAug 14, 2025
    risk 0.38cvss 5.8epss 0.00

    A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a memory leak, resulting in a…

  • CVE-2025-20225MedAug 14, 2025
    risk 0.38cvss 5.8epss 0.01

    A vulnerability in the Internet Key Exchange Version 2 (IKEv2) feature of Cisco IOS Software, IOS XE Software, Secure Firewall Adaptive Security Appliance (ASA) Software, and Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger…

  • CVE-2025-20224MedAug 14, 2025
    risk 0.38cvss 5.8epss 0.01

    A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a memory leak, resulting in a…

  • CVE-2025-20157MedMay 7, 2025
    risk 0.38cvss 5.9epss 0.00

    A vulnerability in certificate validation processing of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an unauthenticated, remote attacker to gain access to sensitive information. This vulnerability is due to improper validation of certificates that…

  • CVE-2025-20145MedMar 12, 2025
    risk 0.38cvss 5.8epss 0.00

    A vulnerability in the access control list (ACL) processing in the egress direction of Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability exists because certain packets are handled incorrectly when they are…

  • CVE-2025-20153MedFeb 19, 2025
    risk 0.38cvss 5.8epss 0.00

    A vulnerability in the email filtering mechanism of Cisco Secure Email Gateway could allow an unauthenticated, remote attacker to bypass the configured rules and allow emails that should have been denied to flow through an affected device. This vulnerability is due to…

  • CVE-2025-20183MedFeb 5, 2025
    risk 0.38cvss 5.8epss 0.00

    A vulnerability in a policy-based Cisco Application Visibility and Control (AVC) implementation of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to evade the antivirus scanner and download a malicious file onto an…

  • CVE-2021-34753MedNov 15, 2024
    risk 0.38cvss 5.8epss 0.01

    A vulnerability in the payload inspection for Ethernet Industrial Protocol (ENIP) traffic for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured rules for ENIP traffic. This vulnerability is due to incomplete…

  • CVE-2021-1494MedNov 15, 2024
    risk 0.38cvss 5.8epss 0.01

    Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect handling of specific HTTP header parameters. An…

  • CVE-2024-20431MedOct 23, 2024
    risk 0.38cvss 5.8epss 0.00

    A vulnerability in the geolocation access control feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass an access control policy. This vulnerability is due to improper assignment of geolocation data. An attacker…

  • CVE-2024-20407MedOct 23, 2024
    risk 0.38cvss 5.8epss 0.00

    A vulnerability in the interaction between the TCP Intercept feature and the Snort 3 detection engine on Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured policies on an affected system. Devices that are configured…

  • CVE-2024-20384MedOct 23, 2024
    risk 0.38cvss 5.8epss 0.00

    A vulnerability in the Network Service Group (NSG) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic…

  • CVE-2024-20342MedOct 23, 2024
    risk 0.38cvss 5.8epss 0.01

    Multiple Cisco products are affected by a vulnerability in the rate filtering feature of the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured rate limiting filter. This vulnerability is due to an incorrect connection…

  • CVE-2024-20299MedOct 23, 2024
    risk 0.38cvss 5.8epss 0.00

    A vulnerability in the AnyConnect firewall for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should have…

  • CVE-2024-20297MedOct 23, 2024
    risk 0.38cvss 5.8epss 0.00

    A vulnerability in the AnyConnect firewall for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should have…

  • CVE-2024-20513MedOct 2, 2024
    risk 0.38cvss 5.8epss 0.00

    A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition for targeted users of the AnyConnect service on an affected device. This…

  • CVE-2024-20509MedOct 2, 2024
    risk 0.38cvss 5.8epss 0.00

    A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to hijack an AnyConnect VPN session or cause a denial of service (DoS) condition for individual users of the…

  • CVE-2024-20502MedOct 2, 2024
    risk 0.38cvss 5.8epss 0.01

    A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to insufficient resource…

  • CVE-2024-20500MedOct 2, 2024
    risk 0.38cvss 5.8epss 0.01

    A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device. This vulnerability is due to…

Page 64 of 143