Latest CVE Feed
-
5.5
MEDIUMCVE-2021-1637
Windows DNS Query Information Disclosure Vulnerability... Read more
Affected Products : windows_10 windows_8.1 windows_rt_8.1 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_20h2 windows_10_1507 +6 more products- Published: Jan. 12, 2021
- Modified: Nov. 21, 2024
-
8.8
HIGHCVE-2021-1636
Microsoft SQL Elevation of Privilege Vulnerability... Read more
Affected Products : sql_server- Published: Jan. 12, 2021
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2021-1630
XML external entity (XXE) vulnerability affecting certain versions of a Mule runtime component that may affect CloudHub, GovCloud, Runtime Fabric, Pivotal Cloud Foundry, Private Cloud Edition, and on-premise customers.... Read more
Affected Products : mule- Published: Aug. 05, 2021
- Modified: Nov. 21, 2024
-
6.1
MEDIUMCVE-2021-1629
Tableau Server fails to validate certain URLs that are embedded in emails sent to Tableau Server users.... Read more
- Published: Mar. 26, 2021
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2021-1628
MuleSoft is aware of a XML External Entity (XXE) vulnerability affecting certain versions of a Mule runtime component that may affect both CloudHub and on-premise customers. Affected versions: Mule 4.x runtime released before February 2, 2021.... Read more
Affected Products : mule- Published: Mar. 26, 2021
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2021-1627
MuleSoft is aware of a Server Side Request Forgery vulnerability affecting certain versions of a Mule runtime component that may affect both CloudHub and on-premise customers. This affects: Mule 3.8.x,3.9.x,4.x runtime released before February 2, 2021.... Read more
Affected Products : mule- Published: Mar. 26, 2021
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2021-1626
MuleSoft is aware of a Remote Code Execution vulnerability affecting certain versions of a Mule runtime component that may affect both CloudHub and on-premise customers. Versions affected: Mule 4.1.x and 4.2.x runtime released before February 2, 2021.... Read more
Affected Products : mule- Published: Mar. 26, 2021
- Modified: Nov. 21, 2024
-
5.8
MEDIUMCVE-2021-1625
A vulnerability in the Zone-Based Policy Firewall feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to prevent the Zone-Based Policy Firewall from correctly classifying traffic. This vulnerability exists because ICMP and UDP... Read more
Affected Products : ios_xe- Published: Sep. 23, 2021
- Modified: Nov. 21, 2024
-
8.6
HIGHCVE-2021-1624
A vulnerability in the Rate Limiting Network Address Translation (NAT) feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause high CPU utilization in the Cisco QuantumFlow Processor of an affected device, resulting in a ... Read more
Affected Products : ios_xe asr_1001 asr_1002 asr_1002-x asr_1004 asr_1006 asr_1013 asr_1000 asr_1000-esp100 asr_1001-hx +10 more products- Published: Sep. 23, 2021
- Modified: Nov. 21, 2024
-
7.7
HIGHCVE-2021-1623
A vulnerability in the Simple Network Management Protocol (SNMP) punt handling function of Cisco cBR-8 Converged Broadband Routers could allow an authenticated, remote attacker to overload a device punt path, resulting in a denial of service (DoS) conditi... Read more
- Published: Sep. 23, 2021
- Modified: Nov. 21, 2024
-
8.6
HIGHCVE-2021-1622
A vulnerability in the Common Open Policy Service (COPS) of Cisco IOS XE Software for Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, remote attacker to cause resource exhaustion, resulting in a denial of service (DoS) condition. T... Read more
Affected Products : ios_xe 7600_router asr_901-12c-f-d asr_901-12c-ft-d asr_901-4c-f-d asr_901-4c-ft-d asr_901-6cz-f-a asr_901-6cz-f-d asr_901-6cz-fs-a asr_901-6cz-fs-d +3 more products- Published: Sep. 23, 2021
- Modified: Nov. 21, 2024
-
7.4
HIGHCVE-2021-1621
A vulnerability in the Layer 2 punt code of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a queue wedge on an interface that receives specific Layer 2 frames, resulting in a denial of service (DoS) condition. This vulner... Read more
Affected Products : ios_xe asr_1001 asr_1002 asr_1002-x asr_1004 asr_1006 asr_1013 1100-4g\/6g_integrated_services_router 1100-4p_integrated_services_router 1100-8p_integrated_services_router +35 more products- Published: Sep. 23, 2021
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2021-1619
A vulnerability in the authentication, authorization, and accounting (AAA) function of Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass NETCONF or RESTCONF authentication and do either of the following: Install, manipulate, ... Read more
Affected Products : ios_xe ios_xe_sd-wan ios_xe_sd-wan_16.10.1_when_installed_on_1000_series_integrated_services ios_xe_sd-wan_16.10.1_when_installed_on_4000_series_integrated_services ios_xe_sd-wan_16.10.1_when_installed_on_asr_1000_series_aggregation_services ios_xe_sd-wan_16.10.1_when_installed_on_integrated_services_virtual ios_xe_sd-wan_16.10.2_when_installed_on_1000_series_integrated_services ios_xe_sd-wan_16.10.2_when_installed_on_4000_series_integrated_services ios_xe_sd-wan_16.10.2_when_installed_on_asr_1000_series_aggregation_services ios_xe_sd-wan_16.10.2_when_installed_on_integrated_services_virtual +136 more products- Published: Sep. 23, 2021
- Modified: Nov. 21, 2024
-
9.0
HIGHCVE-2021-1618
Multiple vulnerabilities in the web-based management interface of Cisco Intersight Virtual Appliance could allow an authenticated, remote attacker to conduct a path traversal or command injection attack on an affected system. These vulnerabilities are due... Read more
Affected Products : intersight_virtual_appliance- Published: Jul. 22, 2021
- Modified: Nov. 21, 2024
-
6.5
MEDIUMCVE-2021-1617
Multiple vulnerabilities in the web-based management interface of Cisco Intersight Virtual Appliance could allow an authenticated, remote attacker to conduct a path traversal or command injection attack on an affected system. These vulnerabilities are due... Read more
Affected Products : intersight_virtual_appliance- Published: Jul. 22, 2021
- Modified: Nov. 21, 2024
-
4.7
MEDIUMCVE-2021-1616
A vulnerability in the H.323 application level gateway (ALG) used by the Network Address Translation (NAT) feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass the ALG. This vulnerability is due to insufficient data v... Read more
Affected Products : ios_xe- Published: Sep. 23, 2021
- Modified: Nov. 21, 2024
-
8.6
HIGHCVE-2021-1615
A vulnerability in the packet processing functionality of Cisco Embedded Wireless Controller (EWC) Software for Catalyst Access Points (APs) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected AP. Th... Read more
- Published: Sep. 23, 2021
- Modified: Nov. 21, 2024
-
5.3
MEDIUMCVE-2021-1614
A vulnerability in the Multiprotocol Label Switching (MPLS) packet handling function of Cisco SD-WAN Software could allow an unauthenticated, remote attacker to gain access to information stored in MPLS buffer memory. This vulnerability is due to insuffic... Read more
- Published: Jul. 22, 2021
- Modified: Nov. 21, 2024
-
7.1
HIGHCVE-2021-1612
A vulnerability in the Cisco IOS XE SD-WAN Software CLI could allow an authenticated, local attacker to overwrite arbitrary files on the local system. This vulnerability is due to improper access controls on files within the local file system. An attacker... Read more
Affected Products : sd-wan- Published: Sep. 23, 2021
- Modified: Nov. 21, 2024
-
8.6
HIGHCVE-2021-1611
A vulnerability in Ethernet over GRE (EoGRE) packet processing of Cisco IOS XE Wireless Controller Software for the Cisco Catalyst 9800 Family Wireless Controller, Embedded Wireless Controller, and Embedded Wireless on Catalyst 9000 Series Switches could ... Read more
- Published: Sep. 23, 2021
- Modified: Nov. 21, 2024