Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2018-0258

    A vulnerability in the Cisco Prime File Upload servlet affecting multiple Cisco products could allow a remote attacker to upload arbitrary files to any directory of a vulnerable device (aka Path Traversal) and execute those files. This vulnerability affec... Read more

    • Published: May. 02, 2018
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2018-0257

    A vulnerability in Cisco IOS XE Software running on Cisco cBR Series Converged Broadband Routers could allow an unauthenticated, adjacent attacker to cause high CPU usage on an affected device, resulting in a denial of service (DoS) condition. The vulnera... Read more

    Affected Products : ios_xe ios_xe
    • Published: Apr. 19, 2018
    • Modified: Nov. 21, 2024

  • 5.8

    MEDIUM
    CVE-2018-0256

    A vulnerability in the peer-to-peer message processing functionality of Cisco Packet Data Network Gateway could allow an unauthenticated, remote attacker to cause the Session Manager (SESSMGR) process on an affected device to restart, resulting in a denia... Read more

    • Published: Apr. 19, 2018
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2018-0255

    A vulnerability in the device manager web interface of Cisco Industrial Ethernet Switches could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against a user of an affected system. The vulnerability is due ... Read more

    Affected Products : ios
    • Published: Apr. 19, 2018
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2018-0254

    A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass configured file action policies if an Intelligent Application Bypass (IAB) with a drop percentage threshold is also config... Read more

    • Published: Apr. 19, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2018-0253

    A vulnerability in the ACS Report component of Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to execute arbitrary commands on an affected system. Commands executed by the attacker are processed at the targeted us... Read more

    Affected Products : secure_access_control_system
    • Published: May. 02, 2018
    • Modified: Nov. 21, 2024

  • 8.6

    HIGH
    CVE-2018-0252

    A vulnerability in the IP Version 4 (IPv4) fragment reassembly function of Cisco 3500, 5500, and 8500 Series Wireless LAN Controller Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in ... Read more

    • Published: May. 02, 2018
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2018-0251

    A vulnerability in the Web Server Authentication Required screen of the Clientless Secure Sockets Layer (SSL) VPN portal of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting ... Read more

    • Published: Apr. 19, 2018
    • Modified: Nov. 21, 2024

  • 4.1

    MEDIUM
    CVE-2018-0250

    A vulnerability in Central Web Authentication (CWA) with FlexConnect Access Points (APs) for Cisco Aironet 1560, 1810, 1810w, 1815, 1830, 1850, 2800, and 3800 Series APs could allow an authenticated, adjacent attacker to bypass a configured FlexConnect ac... Read more

    • Published: May. 02, 2018
    • Modified: Nov. 21, 2024

  • 4.3

    MEDIUM
    CVE-2018-0249

    A vulnerability when handling incoming 802.11 Association Requests for Cisco Aironet 1800 Series Access Point (APs) on Qualcomm Atheros (QCA) based hardware platforms could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) con... Read more

    Affected Products : aironet_access_point_software
    • Published: May. 02, 2018
    • Modified: Nov. 21, 2024

  • 6.8

    MEDIUM
    CVE-2018-0248

    A vulnerability in the administrative GUI configuration feature of Cisco Wireless LAN Controller (WLC) Software could allow an aUTHENTICated, remote attacker to cause the device to reload unexpectedly during device configuration when the administrator is ... Read more

    Affected Products : wireless_lan_controller_software
    • Published: Apr. 17, 2019
    • Modified: Nov. 21, 2024

  • 4.7

    MEDIUM
    CVE-2018-0247

    A vulnerability in Web Authentication (WebAuth) clients for the Cisco Wireless LAN Controller (WLC) and Aironet Access Points running Cisco IOS Software could allow an unauthenticated, adjacent attacker to bypass authentication and pass traffic. The vulne... Read more

    • Published: May. 02, 2018
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2018-0245

    A vulnerability in the REST API of Cisco 5500 and 8500 Series Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to view system information that under normal circumstances should be prohibited. The vulnerability is due ... Read more

    • Published: May. 02, 2018
    • Modified: Nov. 21, 2024

  • 5.8

    MEDIUM
    CVE-2018-0244

    A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass a configured file action policy to drop the Server Message Block (SMB) protocol if a malware file is detected. The vulnera... Read more

    Affected Products : firepower_threat_defense
    • Published: Apr. 19, 2018
    • Modified: Nov. 21, 2024

  • 5.8

    MEDIUM
    CVE-2018-0243

    A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass a configured file action policy that is intended to drop the Server Message Block Version 2 (SMB2) and SMB Version 3 (SMB3... Read more

    Affected Products : firepower_threat_defense
    • Published: Apr. 19, 2018
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2018-0242

    A vulnerability in the WebVPN web-based management interface of Cisco Adaptive Security Appliance could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an aff... Read more

    • Published: Apr. 19, 2018
    • Modified: Nov. 21, 2024

  • 7.4

    HIGH
    CVE-2018-0241

    A vulnerability in the UDP broadcast forwarding function of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on the affected device. The vulnerability is due to improper handling of UDP b... Read more

    • Published: Apr. 19, 2018
    • Modified: Nov. 21, 2024

  • 8.6

    HIGH
    CVE-2018-0240

    Multiple vulnerabilities in the Application Layer Protocol Inspection feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of an a... Read more

    • Published: Apr. 19, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2018-0239

    A vulnerability in the egress packet processing functionality of the Cisco StarOS operating system for Cisco Aggregation Services Router (ASR) 5700 Series devices and Virtualized Packet Core (VPC) System Software could allow an unauthenticated, remote att... Read more

    Affected Products : staros asr_5700
    • Published: Apr. 19, 2018
    • Modified: Nov. 21, 2024

  • 9.9

    CRITICAL
    CVE-2018-0238

    A vulnerability in the role-based resource checking functionality of the Cisco Unified Computing System (UCS) Director could allow an authenticated, remote attacker to view unauthorized information for any virtual machine in the UCS Director end-user port... Read more

    Affected Products : unified_computing_system_director
    • Published: Apr. 19, 2018
    • Modified: Nov. 21, 2024
Showing 20 of 293508 Results