Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 8.6

    HIGH
    CVE-2022-20746

    A vulnerability in the TCP proxy functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulnerability is due to improper handling of TCP flows. An... Read more

    Affected Products : firepower_threat_defense
    • Published: May. 03, 2022
    • Modified: Nov. 21, 2024

  • 8.6

    HIGH
    CVE-2022-20745

    A vulnerability in the web services interface for remote access VPN features of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service... Read more

    • Published: May. 03, 2022
    • Modified: Nov. 21, 2024

  • 7.4

    HIGH
    CVE-2022-20742

    A vulnerability in an IPsec VPN library of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to read or modify data within an IPsec IKEv2 VPN tunnel. This vul... Read more

    • Published: May. 03, 2022
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2022-20741

    A vulnerability in the web-based management interface of the Network Diagrams application for Cisco Secure Network Analytics, formerly Stealthwatch Enterprise, could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack ag... Read more

    Affected Products : secure_network_analytics
    • Published: Apr. 06, 2022
    • Modified: Nov. 21, 2024

  • 8.5

    HIGH
    CVE-2022-20739

    A vulnerability in the CLI of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as the root user. The attacker must be authenticated on the affected system as a low-... Read more

    • Published: Apr. 15, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2022-20738

    A vulnerability in the Cisco Umbrella Secure Web Gateway service could allow an unauthenticated, remote attacker to bypass the file inspection feature. This vulnerability is due to insufficient restrictions in the file inspection feature. An attacker coul... Read more

    • Published: Feb. 10, 2022
    • Modified: Nov. 21, 2024

  • 8.5

    HIGH
    CVE-2022-20737

    A vulnerability in the handler for HTTP authentication for resources accessed through the Clientless SSL VPN portal of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condit... Read more

    • Published: May. 03, 2022
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2022-20736

    A vulnerability in the web-based management interface of Cisco AppDynamics Controller Software could allow an unauthenticated, remote attacker to access a configuration file and the login page for an administrative console that they would not normally hav... Read more

    Affected Products : appdynamics_controller appdynamics
    • Published: Jun. 15, 2022
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2022-20735

    A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. This vulnerability is due to insufficient C... Read more

    • Published: Apr. 15, 2022
    • Modified: Nov. 21, 2024

  • 4.9

    MEDIUM
    CVE-2022-20734

    A vulnerability in Cisco SD-WAN vManage Software could allow an authenticated, local attacker to view sensitive information on an affected system. This vulnerability is due to insufficient file system restrictions. An authenticated attacker with netadmin ... Read more

    • Published: May. 04, 2022
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2022-20733

    A vulnerability in the login page of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to log in without credentials and access all roles without any restrictions. This vulnerability is due to exposed sensitive Security ... Read more

    Affected Products : identity_services_engine
    • Published: Jun. 15, 2022
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2022-20732

    A vulnerability in the configuration file protections of Cisco Virtualized Infrastructure Manager (VIM) could allow an authenticated, local attacker to access confidential information and elevate privileges on an affected device. This vulnerability is due... Read more

    • Published: Apr. 21, 2022
    • Modified: Nov. 21, 2024

  • 7.2

    HIGH
    CVE-2022-20731

    Multiple vulnerabilities that affect Cisco Catalyst Digital Building Series Switches and Cisco Catalyst Micro Switches could allow an attacker to execute persistent code at boot time or to permanently prevent the device from booting, resulting in a perman... Read more

    • Published: Apr. 15, 2022
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2022-20730

    A vulnerability in the Security Intelligence feed feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the Security Intelligence DNS feed. This vulnerability is due to incorrect feed update pro... Read more

    Affected Products : firepower_threat_defense
    • Published: May. 03, 2022
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2022-20729

    A vulnerability in CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to inject XML into the command parser. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerab... Read more

    Affected Products : firepower_threat_defense
    • Published: May. 03, 2022
    • Modified: Nov. 21, 2024

  • 4.7

    MEDIUM
    CVE-2022-20728

    A vulnerability in the client forwarding code of multiple Cisco Access Points (APs) could allow an unauthenticated, adjacent attacker to inject packets from the native VLAN to clients within nonnative VLANs on an affected device. This vulnerability is due... Read more

    • Published: Sep. 30, 2022
    • Modified: Nov. 21, 2024

  • 7.2

    HIGH
    CVE-2022-20727

    Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating s... Read more

    • Published: Apr. 15, 2022
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2022-20726

    Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating s... Read more

    • Published: Apr. 15, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-20725

    Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating s... Read more

    • Published: Apr. 15, 2022
    • Modified: Nov. 21, 2024

  • 7.6

    HIGH
    CVE-2022-20724

    Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating s... Read more

    • Published: Apr. 15, 2022
    • Modified: Nov. 21, 2024
Showing 20 of 294836 Results