Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.5

    MEDIUM
    CVE-2022-20735

    A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. This vulnerability is due to insufficient C... Read more

    • Published: Apr. 15, 2022
    • Modified: Nov. 21, 2024

  • 4.9

    MEDIUM
    CVE-2022-20734

    A vulnerability in Cisco SD-WAN vManage Software could allow an authenticated, local attacker to view sensitive information on an affected system. This vulnerability is due to insufficient file system restrictions. An authenticated attacker with netadmin ... Read more

    • Published: May. 04, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2022-20733

    A vulnerability in the login page of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to log in without credentials and access all roles without any restrictions. This vulnerability is due to exposed sensitive Security ... Read more

    Affected Products : identity_services_engine
    • Published: Jun. 15, 2022
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2022-20732

    A vulnerability in the configuration file protections of Cisco Virtualized Infrastructure Manager (VIM) could allow an authenticated, local attacker to access confidential information and elevate privileges on an affected device. This vulnerability is due... Read more

    • Published: Apr. 21, 2022
    • Modified: Nov. 21, 2024

  • 7.2

    HIGH
    CVE-2022-20731

    Multiple vulnerabilities that affect Cisco Catalyst Digital Building Series Switches and Cisco Catalyst Micro Switches could allow an attacker to execute persistent code at boot time or to permanently prevent the device from booting, resulting in a perman... Read more

    • Published: Apr. 15, 2022
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2022-20730

    A vulnerability in the Security Intelligence feed feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the Security Intelligence DNS feed. This vulnerability is due to incorrect feed update pro... Read more

    Affected Products : firepower_threat_defense
    • Published: May. 03, 2022
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2022-20729

    A vulnerability in CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to inject XML into the command parser. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerab... Read more

    Affected Products : firepower_threat_defense
    • Published: May. 03, 2022
    • Modified: Nov. 21, 2024

  • 4.7

    MEDIUM
    CVE-2022-20728

    A vulnerability in the client forwarding code of multiple Cisco Access Points (APs) could allow an unauthenticated, adjacent attacker to inject packets from the native VLAN to clients within nonnative VLANs on an affected device. This vulnerability is due... Read more

    • Published: Sep. 30, 2022
    • Modified: Nov. 21, 2024

  • 7.2

    HIGH
    CVE-2022-20727

    Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating s... Read more

    • Published: Apr. 15, 2022
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2022-20726

    Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating s... Read more

    • Published: Apr. 15, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-20725

    Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating s... Read more

    • Published: Apr. 15, 2022
    • Modified: Nov. 21, 2024

  • 7.6

    HIGH
    CVE-2022-20724

    Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating s... Read more

    • Published: Apr. 15, 2022
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2022-20723

    Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating s... Read more

    Affected Products : ios_xe ios
    • Published: Apr. 15, 2022
    • Modified: Nov. 21, 2024

  • 6.8

    MEDIUM
    CVE-2022-20722

    Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating s... Read more

    Affected Products : ios_xe ios
    • Published: Apr. 15, 2022
    • Modified: Nov. 21, 2024

  • 6.8

    MEDIUM
    CVE-2022-20721

    Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating s... Read more

    Affected Products : ios_xe ios
    • Published: Apr. 15, 2022
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2022-20720

    Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating s... Read more

    Affected Products : ios_xe ios
    • Published: Apr. 15, 2022
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2022-20719

    Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating s... Read more

    Affected Products : ios_xe ios
    • Published: Apr. 15, 2022
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2022-20718

    Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating s... Read more

    Affected Products : ios_xe ios
    • Published: Apr. 15, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-20717

    A vulnerability in the NETCONF process of Cisco SD-WAN vEdge Routers could allow an authenticated, local attacker to cause an affected device to run out of memory, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient... Read more

    • Published: Apr. 15, 2022
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2022-20716

    A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain escalated privileges. This vulnerability is due to improper access control on files within the affected system. A local attacker could exploit this vu... Read more

    • Published: Apr. 15, 2022
    • Modified: Nov. 21, 2024
Showing 20 of 294742 Results