Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 8.1

    HIGH
    CVE-2019-1841

    A vulnerability in the Software Image Management feature of Cisco DNA Center could allow an authenticated, remote attacker to access to internal services without additional authentication. The vulnerability is due to insufficient validation of user-suppli... Read more

    Affected Products : dna_center catalyst_center
    • EPSS Score: %1.15
    • Published: Apr. 18, 2019
    • Modified: Jul. 23, 2025

  • 5.4

    MEDIUM
    CVE-2019-15253

    A vulnerability in the web-based management interface of Cisco Digital Network Architecture (DNA) Center could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web-based management interfa... Read more

    Affected Products : dna_center catalyst_center
    • EPSS Score: %0.16
    • Published: Feb. 05, 2020
    • Modified: Jul. 23, 2025

  • 6.1

    MEDIUM
    CVE-2020-3466

    Multiple vulnerabilities in the web-based management interface of Cisco DNA Center software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. The vulnerabi... Read more

    Affected Products : dna_center catalyst_center
    • EPSS Score: %0.35
    • Published: Aug. 26, 2020
    • Modified: Jul. 23, 2025

  • 4.3

    MEDIUM
    CVE-2021-34782

    A vulnerability in the API endpoints for Cisco DNA Center could allow an authenticated, remote attacker to gain access to sensitive information that should be restricted. The attacker must have valid device credentials. This vulnerability is due to improp... Read more

    Affected Products : dna_center catalyst_center
    • EPSS Score: %0.13
    • Published: Oct. 06, 2021
    • Modified: Jul. 23, 2025

  • 8.8

    HIGH
    CVE-2023-20182

    Multiple vulnerabilities in the API of Cisco DNA Center Software could allow an authenticated, remote attacker to read information from a restricted container, enumerate user information, or execute arbitrary commands in a restricted container as the root... Read more

    Affected Products : dna_center catalyst_center
    • EPSS Score: %0.21
    • Published: May. 18, 2023
    • Modified: Jul. 23, 2025

  • 6.5

    MEDIUM
    CVE-2023-20059

    A vulnerability in the implementation of the Cisco Network Plug-and-Play (PnP) agent of Cisco DNA Center could allow an authenticated, remote attacker to view sensitive information in clear text. The attacker must have valid low-privileged user credential... Read more

    Affected Products : dna_center catalyst_center
    • EPSS Score: %0.10
    • Published: Mar. 23, 2023
    • Modified: Jul. 23, 2025

  • 7.7

    HIGH
    CVE-2021-1265

    A vulnerability in the configuration archive functionality of Cisco DNA Center could allow any privilege-level authenticated, remote attacker to obtain the full unmasked running configuration of managed devices. The vulnerability is due to the configurati... Read more

    Affected Products : dna_center catalyst_center
    • EPSS Score: %0.11
    • Published: Jan. 20, 2021
    • Modified: Jul. 23, 2025

  • 8.8

    HIGH
    CVE-2021-1257

    A vulnerability in the web-based management interface of Cisco DNA Center Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack to manipulate an authenticated user into executing malicious actions w... Read more

    • EPSS Score: %0.12
    • Published: Jan. 20, 2021
    • Modified: Jul. 23, 2025

  • 9.6

    CRITICAL
    CVE-2021-1264

    A vulnerability in the Command Runner tool of Cisco DNA Center could allow an authenticated, remote attacker to perform a command injection attack. The vulnerability is due to insufficient input validation by the Command Runner tool. An attacker could exp... Read more

    Affected Products : dna_center catalyst_center
    • EPSS Score: %0.91
    • Published: Jan. 20, 2021
    • Modified: Jul. 23, 2025

  • 5.4

    MEDIUM
    CVE-2019-1707

    A vulnerability in the web-based management interface of Cisco DNA Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerab... Read more

    Affected Products : dna_center catalyst_center
    • EPSS Score: %0.17
    • Published: Mar. 11, 2019
    • Modified: Jul. 23, 2025

  • 4.4

    MEDIUM
    CVE-2022-20630

    A vulnerability in the audit log of Cisco DNA Center could allow an authenticated, local attacker to view sensitive information in clear text. This vulnerability is due to the unsecured logging of sensitive information on an affected system. An attacker w... Read more

    Affected Products : dna_center catalyst_center
    • EPSS Score: %0.06
    • Published: Feb. 10, 2022
    • Modified: Jul. 23, 2025

  • 7.4

    HIGH
    CVE-2021-1134

    A vulnerability in the Cisco Identity Services Engine (ISE) integration feature of the Cisco DNA Center Software could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data. The vulnerability is due to an incomplete valid... Read more

    Affected Products : dna_center catalyst_center
    • EPSS Score: %0.20
    • Published: Jun. 29, 2021
    • Modified: Jul. 23, 2025

  • 5.4

    MEDIUM
    CVE-2023-20184

    Multiple vulnerabilities in the API of Cisco DNA Center Software could allow an authenticated, remote attacker to read information from a restricted container, enumerate user information, or execute arbitrary commands in a restricted container as the root... Read more

    Affected Products : dna_center catalyst_center
    • EPSS Score: %0.12
    • Published: May. 18, 2023
    • Modified: Jul. 23, 2025

  • 5.4

    MEDIUM
    CVE-2023-20183

    Multiple vulnerabilities in the API of Cisco DNA Center Software could allow an authenticated, remote attacker to read information from a restricted container, enumerate user information, or execute arbitrary commands in a restricted container as the root... Read more

    Affected Products : dna_center catalyst_center
    • EPSS Score: %0.15
    • Published: May. 18, 2023
    • Modified: Jul. 23, 2025

  • 8.8

    HIGH
    CVE-2023-20055

    A vulnerability in the management API of Cisco DNA Center could allow an authenticated, remote attacker to elevate privileges in the context of the web-based management interface on an affected device. This vulnerability is due to the unintended exposure ... Read more

    Affected Products : dna_center catalyst_center
    • EPSS Score: %0.77
    • Published: Mar. 23, 2023
    • Modified: Jul. 23, 2025

  • 7.6

    HIGH
    CVE-2025-53528

    Cadwyn creates production-ready community-driven modern Stripe-like API versioning in FastAPI. In versions before 5.4.3, the version parameter of the "/docs" endpoint is vulnerable to a Reflected XSS (Cross-Site Scripting) attack. This XSS would notably a... Read more

    Affected Products :
    • Published: Jul. 21, 2025
    • Modified: Jul. 23, 2025
    • Vuln Type: Cross-Site Scripting

  • 6.5

    MEDIUM
    CVE-2025-47268

    ping in iputils before 20250602 allows a denial of service (application error or incorrect data collection) via a crafted ICMP Echo Reply packet, because of a signed 64-bit integer overflow in timestamp multiplication.... Read more

    Affected Products : iputils iputils
    • Published: May. 05, 2025
    • Modified: Jul. 23, 2025
    • Vuln Type: Denial of Service

  • 5.5

    MEDIUM
    CVE-2025-29480

    Buffer Overflow vulnerability in gdal 3.10.2 allows a local attacker to cause a denial of service via the OGRSpatialReference::Release function. NOTE: the Supplier indicates that the report is invalid and could not be reproduced.... Read more

    Affected Products : gdal
    • Published: Apr. 07, 2025
    • Modified: Jul. 23, 2025
    • Vuln Type: Memory Corruption

  • 2.3

    LOW
    CVE-2024-23591

    ThinkSystem SR670V2 servers manufactured from approximately June 2021 to July 2023 were left in Manufacturing Mode which could allow an attacker with privileged logical access to the host or physical access to server internals to modify or disable Intel... Read more

    • Published: Feb. 16, 2024
    • Modified: Jul. 23, 2025

  • 7.5

    HIGH
    CVE-2024-20380

    A vulnerability in the HTML parser of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to an issue in the C to Rust foreign function interface. An attacker... Read more

    Affected Products : clamav
    • Published: Apr. 18, 2024
    • Modified: Jul. 23, 2025
Showing 20 of 291890 Results