Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.1

    HIGH
    CVE-2025-1252

    Heap-based Buffer Overflow vulnerability in RTI Connext Professional (Core Libraries) allows Overflow Variables and Tags.This issue affects Connext Professional: from 7.4.0 before 7.5.0, from 7.0.0 before 7.3.0.7, from 6.1.0 before 6.1.2.23, from 6.0.0 be... Read more

    Affected Products : connext_professional
    • Published: May. 08, 2025
    • Modified: Jul. 31, 2025

  • 6.9

    MEDIUM
    CVE-2024-52059

    Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'), Heap-based Buffer Overflow, Integer Overflow or Wraparound vulnerability in RTI Connext Professional (Security Plugins) allows Overflow Variables and Tags.This issue affects Connext P... Read more

    Affected Products : connext_professional
    • Published: Dec. 13, 2024
    • Modified: Jul. 31, 2025

  • 4.3

    MEDIUM
    CVE-2025-20272

    A vulnerability in a subset of REST APIs of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, low-privileged, remote attacker to conduct a blind SQL injection attack. This vulnerability is du... Read more

    • Published: Jul. 16, 2025
    • Modified: Jul. 31, 2025

  • 6.0

    MEDIUM
    CVE-2025-20155

    A vulnerability in the bootstrap loading of Cisco IOS XE Software could allow an authenticated, local attacker to write arbitrary files to an affected system. This vulnerability is due to insufficient input validation of the bootstrap file that is read... Read more

    Affected Products : ios_xe
    • Published: May. 07, 2025
    • Modified: Jul. 31, 2025

  • 6.1

    MEDIUM
    CVE-2022-20632

    A vulnerability in the web-based management interface of Cisco ECE could allow an unauthenticated, remote attacker to conduct an XSS attack against a user of the interface of an affected device. The vulnerability exists because the web-based managem... Read more

    Affected Products : enterprise_chat_and_email
    • Published: Nov. 15, 2024
    • Modified: Jul. 31, 2025

  • 5.3

    MEDIUM
    CVE-2022-20633

    A vulnerability in the web-based management interface of Cisco ECE could allow an unauthenticated, remote attacker to perform a username enumeration attack against an affected device. This vulnerability is due to differences in authentication resp... Read more

    Affected Products : enterprise_chat_and_email
    • Published: Nov. 15, 2024
    • Modified: Jul. 31, 2025

  • 6.1

    MEDIUM
    CVE-2022-20631

    A vulnerability in the web-based management interface of Cisco ECE could allow an unauthenticated, remote attacker to conduct an XSS attack against a user of the interface of an affected device. The vulnerability exists because the web-based managem... Read more

    Affected Products : enterprise_chat_and_email
    • Published: Nov. 15, 2024
    • Modified: Jul. 31, 2025

  • 6.1

    MEDIUM
    CVE-2022-20657

    A vulnerability in the web-based management interface of Cisco PI and Cisco EPNM could allow an unauthenticated, remote attacker to conduct an XSS attack against a user of the interface of an affected device. This vulnerability exists because t... Read more

    • Published: Nov. 15, 2024
    • Modified: Jul. 31, 2025

  • 6.5

    MEDIUM
    CVE-2022-20656

    A vulnerability in the web-based management interface of Cisco PI and Cisco EPNM could allow an authenticated, remote attacker to conduct a path traversal attack on an affected device. To exploit this vulnerability, the attacker must have valid ... Read more

    • Published: Nov. 15, 2024
    • Modified: Jul. 31, 2025

  • 6.8

    MEDIUM
    CVE-2015-4274

    Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Unified Intelligence Center 10.0(1) and 10.6(1) allows remote attackers to hijack the authentication of arbitrary users, aka Bug IDs CSCuu94862 and CSCuu97936.... Read more

    • EPSS Score: %0.12
    • Published: Jul. 16, 2015
    • Modified: Jul. 31, 2025

  • 6.1

    MEDIUM
    CVE-2019-1670

    A vulnerability in the web-based management interface of Cisco Unified Intelligence Center Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of an affected system. T... Read more

    • EPSS Score: %0.17
    • Published: Feb. 07, 2019
    • Modified: Jul. 31, 2025

  • 7.8

    HIGH
    CVE-2017-6779

    Multiple Cisco products are affected by a vulnerability in local file management for certain system log files of Cisco collaboration products that could allow an unauthenticated, remote attacker to cause high disk utilization, resulting in a denial of ser... Read more

    • EPSS Score: %1.28
    • Published: Jun. 07, 2018
    • Modified: Jul. 31, 2025

  • 6.1

    MEDIUM
    CVE-2017-12248

    A vulnerability in the web framework code of Cisco Unified Intelligence Center Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of an affected system. The vulnerabi... Read more

    • EPSS Score: %0.23
    • Published: Sep. 21, 2017
    • Modified: Jul. 31, 2025

  • 6.1

    MEDIUM
    CVE-2021-1463

    A vulnerability in the web-based management interface of Cisco Unified Intelligence Center Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists b... Read more

    • EPSS Score: %0.34
    • Published: Apr. 08, 2021
    • Modified: Jul. 31, 2025

  • 6.1

    MEDIUM
    CVE-2021-1395

    A vulnerability in the web-based management interface of Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because th... Read more

    • EPSS Score: %0.32
    • Published: Jun. 16, 2021
    • Modified: Jul. 31, 2025

  • 8.8

    HIGH
    CVE-2017-12253

    A vulnerability in the Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to execute unwanted actions. The vulnerability is due to a lack of cross-site request forgery (CSRF) protection. An attacker could exploit this vulner... Read more

    • EPSS Score: %0.33
    • Published: Sep. 21, 2017
    • Modified: Jul. 31, 2025

  • 7.4

    HIGH
    CVE-2019-1658

    A vulnerability in the web-based management interface of Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. The vulne... Read more

    • EPSS Score: %0.19
    • Published: Jan. 24, 2019
    • Modified: Jul. 31, 2025

  • 6.8

    MEDIUM
    CVE-2015-0740

    Cross-site request forgery (CSRF) vulnerability in Cisco Unified Intelligence Center 10.6(1) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCus28826.... Read more

    • EPSS Score: %0.12
    • Published: May. 20, 2015
    • Modified: Jul. 31, 2025

  • 6.1

    MEDIUM
    CVE-2017-12254

    A vulnerability in the web interface of Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to perform a Document Object Model (DOM)-based cross-site scripting attack. The vulnerability is due to insufficient input validation... Read more

    • EPSS Score: %0.32
    • Published: Sep. 21, 2017
    • Modified: Jul. 31, 2025

  • 10.0

    HIGH
    CVE-2017-12337

    A vulnerability in the upgrade mechanism of Cisco collaboration products based on the Cisco Voice Operating System software platform could allow an unauthenticated, remote attacker to gain unauthorized, elevated access to an affected device. The vulnerabi... Read more

    • EPSS Score: %12.27
    • Published: Nov. 16, 2017
    • Modified: Jul. 31, 2025
Showing 20 of 291024 Results