Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.2

    HIGH
    CVE-2021-34722

    Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to gain access to the underlying root shell of an affected device and execute arbitrary commands with root privileges. For more information about the... Read more

    Affected Products : ios_xr asr_9001 asr_9006 asr_9010 asr_9904 asr_9912 asr_9922 8201 8202 ncs_1001 +34 more products
    • EPSS Score: %0.09
    • Published: Sep. 09, 2021
    • Modified: Nov. 21, 2024

  • 6.9

    MEDIUM
    CVE-2021-34721

    Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to gain access to the underlying root shell of an affected device and execute arbitrary commands with root privileges. For more information about the... Read more

    Affected Products : ios_xr asr_9001 asr_9006 asr_9010 asr_9904 asr_9912 asr_9922 8201 8202 ncs_1001 +34 more products
    • EPSS Score: %0.09
    • Published: Sep. 09, 2021
    • Modified: Nov. 21, 2024

  • 8.6

    HIGH
    CVE-2021-34720

    A vulnerability in the IP Service Level Agreements (IP SLA) responder and Two-Way Active Measurement Protocol (TWAMP) features of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause device packet memory to become exhausted or ca... Read more

    Affected Products : ios_xr asr_9001 asr_9006 asr_9010 asr_9904 asr_9912 asr_9922 8201 8202 ncs_1001 +36 more products
    • EPSS Score: %1.15
    • Published: Sep. 09, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-34719

    Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker with a low-privileged account to elevate privileges on an affected device. For more information about these vulnerabilities, see the Details section ... Read more

    Affected Products : ios_xr asr_9001 asr_9006 asr_9010 asr_9904 asr_9912 asr_9922 8201 8202 ncs_1001 +36 more products
    • EPSS Score: %0.10
    • Published: Sep. 09, 2021
    • Modified: Nov. 21, 2024

  • 8.5

    HIGH
    CVE-2021-34718

    A vulnerability in the SSH Server process of Cisco IOS XR Software could allow an authenticated, remote attacker to overwrite and read arbitrary files on the local device. This vulnerability is due to insufficient input validation of arguments that are su... Read more

    • EPSS Score: %0.89
    • Published: Sep. 09, 2021
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2021-34716

    A vulnerability in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system as the root... Read more

    • EPSS Score: %1.10
    • Published: Aug. 18, 2021
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2021-34715

    A vulnerability in the image verification function of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker to execute code with internal user privileges on the underlying operating s... Read more

    • EPSS Score: %0.67
    • Published: Aug. 18, 2021
    • Modified: Nov. 21, 2024

  • 7.4

    HIGH
    CVE-2021-34714

    A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software, Cisco IOS Software, Cisco IOS XE Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause an affected d... Read more

    • EPSS Score: %0.17
    • Published: Sep. 23, 2021
    • Modified: Nov. 21, 2024

  • 7.4

    HIGH
    CVE-2021-34713

    A vulnerability in the Layer 2 punt code of Cisco IOS XR Software running on Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, adjacent attacker to cause the affected line card to reboot. This vulnerability is due to incor... Read more

    • EPSS Score: %0.10
    • Published: Sep. 09, 2021
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2021-34712

    A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct cypher query language injection attacks on an affected system. This vulnerability is due to insufficient input ... Read more

    • EPSS Score: %0.07
    • Published: Sep. 23, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-34711

    A vulnerability in the debug shell of Cisco IP Phone software could allow an authenticated, local attacker to read any file on the device file system. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability... Read more

    • EPSS Score: %0.07
    • Published: Oct. 06, 2021
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2021-34710

    Multiple vulnerabilities in the Cisco ATA 190 Series Analog Telephone Adapter Software could allow an attacker to perform a command injection attack resulting in remote code execution or cause a denial of service (DoS) condition on an affected device. For... Read more

    • EPSS Score: %5.69
    • Published: Oct. 06, 2021
    • Modified: Nov. 21, 2024

  • 6.9

    MEDIUM
    CVE-2021-34709

    Multiple vulnerabilities in image verification checks of Cisco Network Convergence System (NCS) 540 Series Routers, only when running Cisco IOS XR NCS540L software images, and Cisco IOS XR Software for Cisco 8000 Series Routers could allow an authenticate... Read more

    • EPSS Score: %0.02
    • Published: Sep. 09, 2021
    • Modified: Nov. 21, 2024

  • 7.2

    HIGH
    CVE-2021-34708

    Multiple vulnerabilities in image verification checks of Cisco Network Convergence System (NCS) 540 Series Routers, only when running Cisco IOS XR NCS540L software images, and Cisco IOS XR Software for Cisco 8000 Series Routers could allow an authenticate... Read more

    • EPSS Score: %0.02
    • Published: Sep. 09, 2021
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2021-34707

    A vulnerability in the REST API of Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, remote attacker to access sensitive data on an affected system. This vulnerability exists because the application does not sufficiently prot... Read more

    • EPSS Score: %0.24
    • Published: Aug. 04, 2021
    • Modified: Nov. 21, 2024

  • 6.4

    MEDIUM
    CVE-2021-34706

    A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to access sensitive information or conduct a server-side request forgery (SSRF) attack through an affected device. ... Read more

    Affected Products : identity_services_engine
    • EPSS Score: %0.21
    • Published: Oct. 06, 2021
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2021-34705

    A vulnerability in the Voice Telephony Service Provider (VTSP) service of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass configured destination patterns and dial arbitrary numbers. This vulnerability... Read more

    Affected Products : ios_xe ios
    • EPSS Score: %0.34
    • Published: Sep. 23, 2021
    • Modified: Nov. 21, 2024

  • 8.6

    HIGH
    CVE-2021-34704

    A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulner... Read more

    • EPSS Score: %0.25
    • Published: Jan. 11, 2022
    • Modified: Nov. 21, 2024

  • 6.8

    MEDIUM
    CVE-2021-34703

    A vulnerability in the Link Layer Discovery Protocol (LLDP) message parser of Cisco IOS Software and Cisco IOS XE Software could allow an attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. This vulnerabil... Read more

    • EPSS Score: %0.27
    • Published: Sep. 23, 2021
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2021-34702

    A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain sensitive information. This vulnerability is due to improper enforcement of administrator privilege level... Read more

    Affected Products : identity_services_engine
    • EPSS Score: %0.16
    • Published: Oct. 06, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 291269 Results