VYPR

Vendor CVEs

Cisco Systems, Inc.

All CVEs

7,233 total · sorted by risk
  • CVE-2025-20176Feb 5, 2025
    risk 0.00cvss epss 0.01

    A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP requests. An attacker…

  • CVE-2025-20172Feb 5, 2025
    risk 0.00cvss epss 0.01

    A vulnerability in the SNMP subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP…

  • CVE-2025-20173Feb 5, 2025
    risk 0.00cvss epss 0.01

    A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP requests. An attacker…

  • CVE-2025-20185Feb 5, 2025
    risk 0.00cvss epss 0.00

    A vulnerability in the implementation of the remote access functionality of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance could allow an authenticated, local attacker to elevate privileges to root. The…

  • CVE-2025-20184Feb 5, 2025
    risk 0.00cvss epss 0.01

    A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Web Appliance could allow an authenticated, remote attacker to perform command injection attacks against an affected device. The attacker must…

  • CVE-2025-20183Feb 5, 2025
    risk 0.00cvss epss 0.00

    A vulnerability in a policy-based Cisco Application Visibility and Control (AVC) implementation of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to evade the antivirus scanner and download a malicious file onto an…

  • CVE-2025-20180Feb 5, 2025
    risk 0.00cvss epss 0.00

    A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager and Secure Email Gateway could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface. …

  • CVE-2025-20165Jan 22, 2025
    risk 0.00cvss epss 0.01

    A vulnerability in the SIP processing subsystem of Cisco BroadWorks could allow an unauthenticated, remote attacker to halt the processing of incoming SIP requests, resulting in a denial of service (DoS) condition. This vulnerability is due to improper memory handling for…

  • CVE-2025-20156Jan 22, 2025
    risk 0.00cvss epss 0.01

    A vulnerability in the REST API of Cisco Meeting Management could allow a remote, authenticated attacker with low privileges to elevate privileges to administrator on an affected device. This vulnerability exists because proper authorization is not enforced upon REST API…

  • CVE-2025-20128Jan 22, 2025
    risk 0.00cvss epss 0.02

    A vulnerability in the Object Linking and Embedding 2 (OLE2) decryption routine of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an integer underflow in a bounds check…

  • CVE-2024-10630Jan 14, 2025
    risk 0.00cvss epss 0.00

    A race condition in Ivanti Application Control Engine before version 10.14.4.0 allows a local authenticated attacker to bypass the application blocking functionality.

  • CVE-2025-20168Jan 8, 2025
    risk 0.00cvss epss 0.00

    A vulnerability in the web-based management interface of Cisco Common Services Platform Collector (CSPC) could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. This vulnerability is due to insufficient…

  • CVE-2025-20167Jan 8, 2025
    risk 0.00cvss epss 0.00

    A vulnerability in the web-based management interface of Cisco Common Services Platform Collector (CSPC) could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. This vulnerability is due to insufficient…

  • CVE-2025-20166Jan 8, 2025
    risk 0.00cvss epss 0.00

    A vulnerability in the web-based management interface of Cisco Common Services Platform Collector (CSPC) could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. This vulnerability is due to insufficient…

  • CVE-2025-20126Jan 8, 2025
    risk 0.00cvss epss 0.00

    A vulnerability in certification validation routines of Cisco ThousandEyes Endpoint Agent for macOS and RoomOS could allow an unauthenticated, remote attacker to intercept or manipulate metrics information. This vulnerability exists because the affected software does not…

  • CVE-2025-20123Jan 8, 2025
    risk 0.00cvss epss 0.00

    Multiple vulnerabilities in the web-based management interface of Cisco Crosswork Network Controller could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against users of the interface of an affected system. These vulnerabilities exist…

  • CVE-2020-26066Nov 18, 2024
    risk 0.00cvss epss 0.01

    A vulnerability in the web UI of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to gain read and write access to information that is stored on an affected system. The vulnerability is due to improper handling of XML External Entity (XXE)…

  • CVE-2020-26062Nov 18, 2024
    risk 0.00cvss epss 0.01

    A vulnerability in Cisco Integrated Management Controller could allow an unauthenticated, remote attacker to enumerate valid usernames within the vulnerable application. The vulnerability is due to differences in authentication responses sent back from the application as…

  • CVE-2020-26071Nov 18, 2024
    risk 0.00cvss epss 0.00

    A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to create or overwrite arbitrary files on an affected device, which could result in a denial of service (DoS) condition. The vulnerability is due to insufficient input…

  • CVE-2020-27124Nov 18, 2024
    risk 0.00cvss epss 0.01

    A vulnerability in the SSL/TLS handler of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause the affected device to reload unexpectedly, leading to a denial of service (DoS) condition. The vulnerability is due to…

  • CVE-2020-3420Nov 18, 2024
    risk 0.00cvss epss 0.00

    A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS)…

  • CVE-2020-26074Nov 18, 2024
    risk 0.00cvss epss 0.00

    A vulnerability in system file transfer functions of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to gain escalated privileges on the underlying operating system. The vulnerability is due to improper validation of path input to the system file…

  • CVE-2020-3525Nov 18, 2024
    risk 0.00cvss epss 0.01

    A vulnerability in the Admin portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to recover service account passwords that are saved on an affected system. The vulnerability is due to the incorrect inclusion of saved passwords when…

  • CVE-2020-3538Nov 18, 2024
    risk 0.00cvss epss 0.01

    A vulnerability in a certain REST API endpoint of Cisco Data Center Network Manager (DCNM) Software could allow an authenticated, remote attacker to perform a path traversal attack on an affected device. The vulnerability is due to insufficient path restriction…

  • CVE-2020-3539Nov 18, 2024
    risk 0.00cvss epss 0.00

    A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to view, modify, and delete data without proper authorization. The vulnerability is due to a failure to limit access to resources that…

  • CVE-2020-3548Nov 18, 2024
    risk 0.00cvss epss 0.01

    A vulnerability in the Transport Layer Security (TLS) protocol implementation of Cisco AsyncOS software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause high CPU usage on an affected device, resulting in a denial of…

  • CVE-2021-1234Nov 18, 2024
    risk 0.00cvss epss 0.01

    A vulnerability in the cluster management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to view sensitive information on an affected system. To be affected by this vulnerability, the vManage software must be in cluster mode. …

  • CVE-2021-1132Nov 18, 2024
    risk 0.00cvss epss 0.02

    A vulnerability in the API subsystem and in the web-management interface of Cisco Network Services Orchestrator (NSO) could allow an unauthenticated, remote attacker to access sensitive data. This vulnerability exists because the web-management interface and certain…

  • CVE-2021-1379Nov 18, 2024
    risk 0.00cvss epss 0.00

    Multiple vulnerabilities in the Cisco Discovery Protocol and Link Layer Discovery Protocol (LLDP) implementations for Cisco IP Phone Series 68xx/78xx/88xx could allow an unauthenticated, adjacent attacker to execute code remotely or cause a reload of an affected IP…

  • CVE-2021-1232Nov 18, 2024
    risk 0.00cvss epss 0.01

    A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to read arbitrary files on the underlying filesystem of an affected system. This vulnerability is due to insufficient access control for…

  • CVE-2021-1410Nov 18, 2024
    risk 0.00cvss epss 0.01

    A vulnerability in the distribution list feature of Cisco Webex Meetings could allow an authenticated, remote attacker to modify a distribution list that belongs to another user of their organization. The vulnerability is due to insufficient authorization enforcement for…

  • CVE-2021-1425Nov 18, 2024
    risk 0.00cvss epss 0.01

    A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Content Security Management Appliance (SMA) could allow an authenticated, remote attacker to access sensitive information on an affected device. The vulnerability exists because…

  • CVE-2021-1440Nov 18, 2024
    risk 0.00cvss epss 0.01

    A vulnerability in the implementation of the Resource Public Key Infrastructure (RPKI) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause the Border Gateway Protocol (BGP) process to crash, resulting in a denial of service (DoS)…

  • CVE-2021-1462Nov 18, 2024
    risk 0.00cvss epss 0.00

    A vulnerability in the CLI of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to elevate privileges on an affected system. To exploit this vulnerability, an attacker would need to have a valid Administrator account on an affected system. The…

  • CVE-2021-1465Nov 18, 2024
    risk 0.00cvss epss 0.01

    A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct a directory traversal attack and obtain read access to sensitive files on an affected system. The vulnerability is due to…

  • CVE-2021-1466Nov 15, 2024
    risk 0.00cvss epss 0.01

    A vulnerability in the vDaemon service of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to cause a buffer overflow on an affected system, resulting in a denial of service (DoS) condition. The vulnerability is due to incomplete bounds…

  • CVE-2021-1470Nov 15, 2024
    risk 0.00cvss epss 0.01

    A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability is due to improper input validation of SQL queries to an affected…

  • CVE-2021-1481Nov 15, 2024
    risk 0.00cvss epss 0.01

    A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct Cypher query language injection attacks on an affected system. This vulnerability is due to insufficient input validation by the…

  • CVE-2021-1482Nov 15, 2024
    risk 0.00cvss epss 0.01

    A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to bypass authorization checking and gain access to sensitive information on an affected system. This vulnerability is due to insufficient…

  • CVE-2021-1464Nov 15, 2024
    risk 0.00cvss epss 0.01

    A vulnerability in Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to bypass authorization checking and gain restricted access to the configuration information of an affected system. This vulnerability exists because the affected software has…

  • CVE-2021-1483Nov 15, 2024
    risk 0.00cvss epss 0.01

    A vulnerability in the web UI of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to gain read and write access to information that is stored on an affected system. This vulnerability is due to improper handling of XML External Entity (XXE)…

  • CVE-2021-1484Nov 15, 2024
    risk 0.00cvss epss 0.01

    A vulnerability in the web UI of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to inject arbitrary commands on an affected system and cause a denial of service (DoS) condition. This vulnerability is due to improper input validation of…

  • CVE-2021-1491Nov 15, 2024
    risk 0.00cvss epss 0.01

    A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to read arbitrary files on the underlying file system of the device. This vulnerability is due to insufficient file scope limiting. An…

  • CVE-2022-20633Nov 15, 2024
    risk 0.00cvss epss 0.01

    A vulnerability in the web-based management interface of Cisco ECE could allow an unauthenticated, remote attacker to perform a username enumeration attack against an affected device. This vulnerability is due to differences in authentication responses that are sent back…

  • CVE-2022-20632Nov 15, 2024
    risk 0.00cvss epss 0.01

    A vulnerability in the web-based management interface of Cisco ECE could allow an unauthenticated, remote attacker to conduct an XSS attack against a user of the interface of an affected device. The vulnerability exists because the web-based management interface does not…

  • CVE-2021-34753Nov 15, 2024
    risk 0.00cvss epss 0.01

    A vulnerability in the payload inspection for Ethernet Industrial Protocol (ENIP) traffic for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured rules for ENIP traffic. This vulnerability is due to incomplete…

  • CVE-2021-34751Nov 15, 2024
    risk 0.00cvss epss 0.00

    A vulnerability in the administrative web-based GUI configuration manager of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to access sensitive configuration information. The attacker would require low privilege credentials on an…

  • CVE-2021-34750Nov 15, 2024
    risk 0.00cvss epss 0.00

    A vulnerability in the administrative web-based GUI configuration manager of Cisco Firepower Management Center Software could allow an authenticated, remote attacker to access sensitive configuration information. The attacker would require low privilege credentials on an…

  • CVE-2022-20626Nov 15, 2024
    risk 0.00cvss epss 0.00

    A vulnerability in the web-based management interface of Cisco Prime Access Registrar Appliance could allow an authenticated, remote attacker to conduct a cross-site scripting attack against a user of the interface. The attacker would require valid credentials for the…

  • CVE-2022-20631Nov 15, 2024
    risk 0.00cvss epss 0.01

    A vulnerability in the web-based management interface of Cisco ECE could allow an unauthenticated, remote attacker to conduct an XSS attack against a user of the interface of an affected device. The vulnerability exists because the web-based management interface does not…

Page 94 of 145