Latest CVE Feed
-
8.6
HIGHCVE-2022-20856
A vulnerability in the processing of Control and Provisioning of Wireless Access Points (CAPWAP) Mobility messages in Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow an unauthenticated, remote attacker to cause a denial ... Read more
- Published: Sep. 30, 2022
- Modified: Nov. 21, 2024
-
7.9
HIGHCVE-2022-20855
A vulnerability in the self-healing functionality of Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst Access Points could allow an authenticated, local attacker to escape the restricted controller shell and execute arbitrary commands on... Read more
Affected Products : ios_xe catalyst_9800 catalyst_9800-40 catalyst_9800-80 catalyst_9800-cl catalyst_9800-l catalyst_9800-l-c catalyst_9800-l-f catalyst_9105 catalyst_9115 +20 more products- Published: Sep. 30, 2022
- Modified: Nov. 21, 2024
-
6.5
MEDIUMCVE-2022-20852
Multiple vulnerabilities in the web interface of Cisco Webex Meetings could allow a remote attacker to conduct a cross-site scripting (XSS) attack or a frame hijacking attack against a user of the web interface. For more information about these vulnerabil... Read more
Affected Products : webex_meetings- Published: Aug. 10, 2022
- Modified: Nov. 21, 2024
-
7.2
HIGHCVE-2022-20851
A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to perform an injection attack against an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit t... Read more
Affected Products : ios_xe catalyst_8500 catalyst_8510csr catalyst_8510msr catalyst_8540csr catalyst_8540msr asr_1001 asr_1002 asr_1002-x asr_1002_fixed_router +249 more products- Published: Sep. 30, 2022
- Modified: Nov. 21, 2024
-
7.1
HIGHCVE-2022-20850
A vulnerability in the CLI of stand-alone Cisco IOS XE SD-WAN Software and Cisco SD-WAN Software could allow an authenticated, local attacker to delete arbitrary files from the file system of an affected device. This vulnerability is due to insufficient i... Read more
Affected Products : sd-wan sd-wan_vmanage ios_xe_sd-wan sd-wan_vbond_orchestrator sd-wan_vsmart_controller sd-wan_solution vedge_100 vedge_1000 vedge_100b vedge_100m +5 more products- Published: Sep. 30, 2022
- Modified: Nov. 21, 2024
-
8.6
HIGHCVE-2022-20848
A vulnerability in the UDP processing functionality of Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst 9100 Series Access Points could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnera... Read more
Affected Products : ios_xe catalyst_8500 catalyst_8510csr catalyst_8510msr catalyst_8540csr catalyst_8540msr asr_1001 asr_1002 asr_1002-x asr_1004 +350 more products- Published: Sep. 30, 2022
- Modified: Nov. 21, 2024
-
8.6
HIGHCVE-2022-20847
A vulnerability in the DHCP processing functionality of Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to the i... Read more
- Published: Sep. 30, 2022
- Modified: Nov. 21, 2024
-
6.0
MEDIUMCVE-2022-20845
A vulnerability in the TL1 function of Cisco Network Convergence System (NCS) 4000 Series could allow an authenticated, local attacker to cause a memory leak in the TL1 process. This vulnerability is due to TL1 not freeing memory under some conditio... Read more
Affected Products : ios_xr- Published: Nov. 15, 2024
- Modified: Nov. 21, 2024
-
5.3
MEDIUMCVE-2022-20844
A vulnerability in authentication mechanism of Cisco Software-Defined Application Visibility and Control (SD-AVC) on Cisco vManage could allow an unauthenticated, remote attacker to access the GUI of Cisco SD-AVC using a default static username and passwo... Read more
- Published: Sep. 30, 2022
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2022-20842
Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition on an affected device. For more informati... Read more
- Published: Aug. 10, 2022
- Modified: Nov. 21, 2024
-
9.0
CRITICALCVE-2022-20841
Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition on an affected device. For more informati... Read more
Affected Products : rv340_firmware rv340w_firmware rv345_firmware rv345p_firmware rv160_firmware rv160w_firmware rv260_firmware rv260p_firmware rv260w_firmware small_business_rv_series_router_firmware +9 more products- Published: Aug. 10, 2022
- Modified: Nov. 21, 2024
-
8.6
HIGHCVE-2022-20837
A vulnerability in the DNS application layer gateway (ALG) functionality that is used by Network Address Translation (NAT) in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. This vulnerability i... Read more
- Published: Oct. 10, 2022
- Modified: Nov. 21, 2024
-
5.3
MEDIUMCVE-2022-20830
A vulnerability in authentication mechanism of Cisco Software-Defined Application Visibility and Control (SD-AVC) on Cisco vManage could allow an unauthenticated, remote attacker to access the GUI of Cisco SD-AVC without authentication. This vulnerability... Read more
- Published: Oct. 10, 2022
- Modified: Nov. 21, 2024
-
9.1
CRITICALCVE-2022-20829
A vulnerability in the packaging of Cisco Adaptive Security Device Manager (ASDM) images and the validation of those images by Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker with administrative privileges to... Read more
Affected Products : adaptive_security_appliance_software adaptive_security_device_manager isa_3000_firmware asa_5585-x_firmware asa_5512-x_firmware asa_5515-x_firmware asa_5585-x asa_5512-x asa_5515-x firepower_1010 +16 more products- Published: Jun. 24, 2022
- Modified: Nov. 21, 2024
-
9.0
HIGHCVE-2022-20828
A vulnerability in the CLI parser of Cisco FirePOWER Software for Adaptive Security Appliance (ASA) FirePOWER module could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected ASA FirePOWE... Read more
Affected Products : asa_firepower firepower_services_software_for_asa firepower_1010 firepower_1120 firepower_1140 firepower_1150 firepower_2110 firepower_2120 firepower_2130 firepower_2140 +11 more products- Published: Jun. 24, 2022
- Modified: Nov. 21, 2024
-
10.0
CRITICALCVE-2022-20827
Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition on an affected device. For more informati... Read more
Affected Products : rv340_firmware rv340w_firmware rv345_firmware rv345p_firmware rv160_firmware rv160w_firmware rv260_firmware rv260p_firmware rv260w_firmware small_business_rv_series_router_firmware +9 more products- Published: Aug. 10, 2022
- Modified: Nov. 21, 2024
-
6.8
MEDIUMCVE-2022-20826
A vulnerability in the secure boot implementation of Cisco Secure Firewalls 3100 Series that are running Cisco Adaptive Security Appliance (ASA) Software or Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated attacker with physica... Read more
- Published: Nov. 15, 2022
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2022-20825
A vulnerability in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an unauthenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly, resultin... Read more
- Published: Jun. 15, 2022
- Modified: Nov. 21, 2024
-
8.8
HIGHCVE-2022-20824
A vulnerability in the Cisco Discovery Protocol feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code with root privileges or cause a denial of service (DoS) condition on an aff... Read more
Affected Products : nx-os nexus_7000_firmware nexus_9000_firmware nexus_93180yc-fx3s_firmware nexus_93180yc-fx3_firmware nexus_7000 nexus_1000v nexus_3016_firmware nexus_3048_firmware nexus_3064_firmware +279 more products- Published: Aug. 25, 2022
- Modified: Nov. 21, 2024
-
8.6
HIGHCVE-2022-20823
A vulnerability in the OSPF version 3 (OSPFv3) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to incomplete input validation of ... Read more
Affected Products : nx-os nexus_7000_firmware nexus_9000_firmware nexus_93180yc-fx3s_firmware nexus_93180yc-fx3_firmware nexus_7000 nexus_7000_10-slot nexus_7000_18-slot nexus_7000_9-slot nexus_3016_firmware +285 more products- Published: Aug. 25, 2022
- Modified: Nov. 21, 2024