Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2022-20960

    A vulnerability in Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of cert... Read more

    • Published: Nov. 04, 2022
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2022-20959

    A vulnerability in the External RESTful Services (ERS) API of Cisco Identity Services Engine (ISE) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device.... Read more

    Affected Products : identity_services_engine
    • Published: Oct. 26, 2022
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2022-20958

    A vulnerability in the web-based management interface of Cisco BroadWorks CommPilot application could allow an unauthenticated, remote attacker to perform a server-side request forgery (SSRF) attack on an affected device. This vulnerability is due to i... Read more

    • Published: Nov. 04, 2022
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2022-20956

    A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to bypass authorization and access system files. This vulnerability is due to improper access control in the web... Read more

    Affected Products : identity_services_engine
    • Published: Nov. 04, 2022
    • Modified: Nov. 21, 2024

  • 7.1

    HIGH
    CVE-2022-20955

    Multiple vulnerabilities in Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an attacker to conduct path traversal attacks, view sensitive data, or write arbitrary files on an affected device. For more informat... Read more

    • Published: Oct. 26, 2022
    • Modified: Nov. 21, 2024

  • 7.1

    HIGH
    CVE-2022-20954

    Multiple vulnerabilities in Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an attacker to conduct path traversal attacks, view sensitive data, or write arbitrary files on an affected device. For more informat... Read more

    • Published: Oct. 26, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-20953

    Multiple vulnerabilities in Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an attacker to conduct path traversal attacks, view sensitive data, or write arbitrary files on an affected device. For more informat... Read more

    • Published: Oct. 26, 2022
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2022-20952

    A vulnerability in the scanning engines of Cisco AsyncOS Software for Cisco Secure Web Appliance, formerly known as Cisco Web Security Appliance (WSA), could allow an unauthenticated, remote attacker to bypass a configured rule, thereby allowing traffic o... Read more

    Affected Products : asyncos s195 s395 s695
    • Published: Mar. 01, 2023
    • Modified: Nov. 21, 2024

  • 7.7

    HIGH
    CVE-2022-20951

    A vulnerability in the web-based management interface of Cisco BroadWorks CommPilot application could allow an authenticated, remote attacker to perform a server-side request forgery (SSRF) attack on an affected device. This vulnerability is due to ins... Read more

    • Published: Nov. 04, 2022
    • Modified: Nov. 21, 2024

  • 5.8

    MEDIUM
    CVE-2022-20950

    A vulnerability in the interaction of SIP and Snort 3 for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the Snort 3 detection engine to restart. This vulnerability is due to a lack of error-check... Read more

    Affected Products : firepower_threat_defense
    • Published: Nov. 15, 2022
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2022-20949

    A vulnerability in the management web server of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker with high privileges to execute configuration commands on an affected system. This vulnerability exists because ... Read more

    Affected Products : firepower_threat_defense
    • Published: Nov. 15, 2022
    • Modified: Nov. 21, 2024

  • 8.6

    HIGH
    CVE-2022-20947

    A vulnerability in dynamic access policies (DAP) functionality of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting... Read more

    • Published: Nov. 15, 2022
    • Modified: Nov. 21, 2024

  • 8.6

    HIGH
    CVE-2022-20946

    A vulnerability in the generic routing encapsulation (GRE) tunnel decapsulation feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. ... Read more

    Affected Products : firepower_threat_defense
    • Published: Nov. 15, 2022
    • Modified: Nov. 21, 2024

  • 7.4

    HIGH
    CVE-2022-20945

    A vulnerability in the 802.11 association frame validation of Cisco Catalyst 9100 Series Access Points (APs) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to... Read more

    • Published: Sep. 30, 2022
    • Modified: Nov. 21, 2024

  • 6.8

    MEDIUM
    CVE-2022-20944

    A vulnerability in the software image verification functionality of Cisco IOS XE Software for Cisco Catalyst 9200 Series Switches could allow an unauthenticated, physical attacker to execute unsigned code at system boot time. This vulnerability is due to ... Read more

    • Published: Oct. 10, 2022
    • Modified: Nov. 21, 2024

  • 5.8

    MEDIUM
    CVE-2022-20943

    Multiple vulnerabilities in the Server Message Block Version 2 (SMB2) processor of the Snort detection engine on multiple Cisco products could allow an unauthenticated, remote attacker to bypass the configured policies or cause a denial of service (DoS) c... Read more

    • Published: Nov. 15, 2022
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2022-20942

    A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA), Cisco Secure Email and Web Manager, and Cisco Secure Web Appliance, formerly known as Cisco Web Security Appliance (WSA), could allow an authenticated, remote a... Read more

    • Published: Nov. 04, 2022
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2022-20940

    A vulnerability in the TLS handler of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to gain access to sensitive information. This vulnerability is due to improper implementation of countermeasures against... Read more

    Affected Products : firepower_threat_defense
    • Published: Nov. 15, 2022
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2022-20937

    A vulnerability in a feature that monitors RADIUS requests on Cisco Identity Services Engine (ISE) Software could allow an unauthenticated, remote attacker to negatively affect the performance of an affected device. This vulnerability is due to insuffi... Read more

    Affected Products : identity_services_engine
    • Published: Nov. 04, 2022
    • Modified: Nov. 21, 2024

  • 6.7

    MEDIUM
    CVE-2022-20934

    A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software and Cisco FXOS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as root. This vulnerability is due to impr... Read more

    • Published: Nov. 15, 2022
    • Modified: Nov. 21, 2024
Showing 20 of 294836 Results