Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 8.5

    HIGH
    CVE-2021-1493

    A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause a buffer overflow on an affected system. The vulnera... Read more

    • Published: Apr. 29, 2021
    • Modified: Nov. 21, 2024

  • 7.1

    HIGH
    CVE-2021-1492

    The Duo Authentication Proxy installer prior to 5.2.1 did not properly validate file installation paths. This allows an attacker with local user privileges to coerce the installer to write to arbitrary privileged directories. If successful, an attacker ca... Read more

    Affected Products : windows authentication_proxy
    • Published: Mar. 25, 2021
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2021-1490

    A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected dev... Read more

    Affected Products : web_security_appliance
    • Published: May. 06, 2021
    • Modified: Nov. 21, 2024

  • 6.8

    MEDIUM
    CVE-2021-1489

    A vulnerability in filesystem usage management for Cisco Firepower Device Manager (FDM) Software could allow an authenticated, remote attacker to exhaust filesystem resources, resulting in a denial of service (DoS) condition on an affected device. This vu... Read more

    • Published: Apr. 29, 2021
    • Modified: Nov. 21, 2024

  • 7.2

    HIGH
    CVE-2021-1488

    A vulnerability in the upgrade process of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to inject commands that could be executed with root privileges on the... Read more

    • Published: Apr. 29, 2021
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2021-1487

    A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Evolved Programmable Network (EPN) Manager could allow an authenticated, remote attacker to execute arbitrary commands on an affected system. The vulnerability is due ... Read more

    • Published: May. 22, 2021
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2021-1486

    A vulnerability in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to enumerate user accounts. This vulnerability is due to the improper handling of HTTP headers. An attacker could exploit this vulnerability by sending authen... Read more

    • Published: May. 06, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-1485

    A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges on the underlying Linux operating system (OS) of an affected device. This vulnerability is... Read more

    Affected Products : ios_xr
    • Published: Apr. 08, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-1480

    Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or allow an authenticated, local attacker to gain escalated privileges on an affected system. For more information about th... Read more

    • Published: Apr. 08, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2021-1479

    Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or allow an authenticated, local attacker to gain escalated privileges on an affected system. For more information about th... Read more

    • Published: Apr. 08, 2021
    • Modified: Nov. 21, 2024

  • 6.8

    MEDIUM
    CVE-2021-1478

    A vulnerability in the Java Management Extensions (JMX) component of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to ca... Read more

    • Published: May. 06, 2021
    • Modified: Nov. 21, 2024

  • 7.2

    HIGH
    CVE-2021-1476

    A vulnerability in the CLI of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS) of an affec... Read more

    • Published: Apr. 29, 2021
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2021-1475

    Multiple vulnerabilities in the Admin audit log export feature and Scheduled Reports feature of Cisco Umbrella could allow an authenticated, remote attacker to perform formula and link injection attacks on an affected device. For more information about th... Read more

    • Published: Apr. 08, 2021
    • Modified: Nov. 21, 2024

  • 8.6

    HIGH
    CVE-2021-1474

    Multiple vulnerabilities in the Admin audit log export feature and Scheduled Reports feature of Cisco Umbrella could allow an authenticated, remote attacker to perform formula and link injection attacks on an affected device. For more information about th... Read more

    • Published: Apr. 08, 2021
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-1473

    Multiple vulnerabilities exist in the web-based management interface of Cisco Small Business RV Series Routers. A remote attacker could execute arbitrary commands or bypass authentication and upload files on an affected device. For more information about ... Read more

    • Published: Apr. 08, 2021
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-1472

    Multiple vulnerabilities exist in the web-based management interface of Cisco Small Business RV Series Routers. A remote attacker could execute arbitrary commands or bypass authentication and upload files on an affected device. For more information about ... Read more

    • Published: Apr. 08, 2021
    • Modified: Nov. 21, 2024

  • 9.9

    CRITICAL
    CVE-2021-1471

    Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive informa... Read more

    Affected Products : jabber
    • Published: Mar. 24, 2021
    • Modified: Nov. 21, 2024

  • 9.9

    CRITICAL
    CVE-2021-1469

    Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive informa... Read more

    Affected Products : jabber
    • Published: Mar. 24, 2021
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-1468

    Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or gain access to sensitive information, or allow an authenticated, local attacker to gain escalated privileges or gain una... Read more

    • Published: May. 06, 2021
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2021-1467

    A vulnerability in Cisco Webex Meetings for Android could allow an authenticated, remote attacker to modify the avatar of another user. This vulnerability is due to improper authorization checks. An attacker could exploit this vulnerability by sending a c... Read more

    Affected Products : webex_meetings
    • Published: Apr. 08, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 293679 Results