Latest CVE Feed
-
4.8
MEDIUMCVE-2021-1271
A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affecte... Read more
- Published: Jan. 20, 2021
- Modified: Nov. 21, 2024
-
6.5
MEDIUMCVE-2021-1270
Multiple vulnerabilities in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to view, modify, and delete data without proper authorization. For more information about these vulner... Read more
- Published: Jan. 20, 2021
- Modified: Nov. 21, 2024
-
6.5
MEDIUMCVE-2021-1269
Multiple vulnerabilities in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to view, modify, and delete data without proper authorization. For more information about these vulner... Read more
- Published: Jan. 20, 2021
- Modified: Nov. 21, 2024
-
7.4
HIGHCVE-2021-1268
A vulnerability in the IPv6 protocol handling of the management interfaces of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause an IPv6 flood on the management interface network of an affected device. The vulnerability exist... Read more
- Published: Feb. 04, 2021
- Modified: Nov. 21, 2024
-
6.8
MEDIUMCVE-2021-1266
A vulnerability in the REST API of Cisco Managed Services Accelerator (MSX) could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to the way that the affected software lo... Read more
Affected Products : managed_services_accelerator- Published: Feb. 04, 2021
- Modified: Nov. 21, 2024
-
8.1
HIGHCVE-2021-1263
Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an affected device, which could allow the attacker to take certain actions with root privileges on the device. For more in... Read more
- Published: Jan. 20, 2021
- Modified: Nov. 21, 2024
-
8.1
HIGHCVE-2021-1262
Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an affected device, which could allow the attacker to take certain actions with root privileges on the device. For more in... Read more
- Published: Jan. 20, 2021
- Modified: Nov. 21, 2024
-
8.1
HIGHCVE-2021-1261
Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an affected device, which could allow the attacker to take certain actions with root privileges on the device. For more in... Read more
- Published: Jan. 20, 2021
- Modified: Nov. 21, 2024
-
8.1
HIGHCVE-2021-1260
Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an affected device, which could allow the attacker to take certain actions with root privileges on the device. For more in... Read more
- Published: Jan. 20, 2021
- Modified: Nov. 21, 2024
-
6.8
MEDIUMCVE-2021-1259
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct path traversal attacks and obtain write access to sensitive files on an affected system. The vulnerability is d... Read more
Affected Products : sd-wan_vmanage- Published: Jan. 20, 2021
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2021-1258
A vulnerability in the upgrade component of Cisco AnyConnect Secure Mobility Client could allow an authenticated, local attacker with low privileges to read arbitrary files on the underlying operating system (OS) of an affected device. The vulnerability i... Read more
- Published: Jan. 13, 2021
- Modified: Nov. 21, 2024
-
6.0
MEDIUMCVE-2021-1256
A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to overwrite files on the file system of an affected device by using directory traversal techniques. A successful exploit could cause ... Read more
Affected Products : firepower_threat_defense- Published: Apr. 29, 2021
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2021-1255
Multiple vulnerabilities in the REST API endpoint of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to view, modify, and delete data without proper authorization. For more information about these vulnerabilities, se... Read more
- Published: Jan. 20, 2021
- Modified: Nov. 21, 2024
-
4.8
MEDIUMCVE-2021-1254
Multiple vulnerabilities in the web-based management interface of Cisco Finesse could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. These vulnerabilities are due to insufficient val... Read more
- Published: May. 22, 2021
- Modified: Nov. 21, 2024
-
6.5
MEDIUMCVE-2021-1253
Multiple vulnerabilities in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow a remote attacker with network-operator privileges to conduct a cross-site scripting (XSS) attack or a reflected file download (RFD) att... Read more
- Published: Jan. 20, 2021
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2021-1252
A vulnerability in the Excel XLM macro parsing module in Clam AntiVirus (ClamAV) Software versions 0.103.0 and 0.103.1 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due t... Read more
Affected Products : clamav- Published: Apr. 08, 2021
- Modified: Nov. 21, 2024
-
7.4
HIGHCVE-2021-1251
Multiple vulnerabilities exist in the Link Layer Discovery Protocol (LLDP) implementation for Cisco Small Business RV Series Routers. An unauthenticated, adjacent attacker could execute arbitrary code or cause an affected router to leak system memory or r... Read more
Affected Products : rv340_firmware rv340w_firmware rv345_firmware rv345p_firmware rv132w_firmware rv134w_firmware rv160_firmware rv160w_firmware rv260_firmware rv260p_firmware +13 more products- Published: Apr. 08, 2021
- Modified: Nov. 21, 2024
-
6.5
MEDIUMCVE-2021-1250
Multiple vulnerabilities in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow a remote attacker with network-operator privileges to conduct a cross-site scripting (XSS) attack or a reflected file download (RFD) att... Read more
- Published: Jan. 20, 2021
- Modified: Nov. 21, 2024
-
6.5
MEDIUMCVE-2021-1249
Multiple vulnerabilities in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow a remote attacker with network-operator privileges to conduct a cross-site scripting (XSS) attack or a reflected file download (RFD) att... Read more
- Published: Jan. 20, 2021
- Modified: Nov. 21, 2024
-
8.8
HIGHCVE-2021-1248
Multiple vulnerabilities in certain REST API endpoints of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to execute arbitrary SQL commands on an affected device. For more information about these vulnerabilities, see... Read more
- Published: Jan. 20, 2021
- Modified: Nov. 21, 2024