Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 8.4

    HIGH
    CVE-2024-56132

    Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection. This issue affects:  Product Affected Versions LoadMaster From 7.2.55.0 to 7.2.60.1 (inclusive)    From 7.... Read more

    • Published: Feb. 05, 2025
    • Modified: Jul. 31, 2025
    • Vuln Type: Injection

  • 8.4

    HIGH
    CVE-2024-56131

    Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection. This issue affects:  Product Affected Versions LoadMaster From 7.2.55.0 to 7.2.60.1 (inclusive)    From 7.... Read more

    • Published: Feb. 05, 2025
    • Modified: Jul. 31, 2025

  • 4.3

    MEDIUM
    CVE-2025-20207

    A vulnerability in Simple Network Management Protocol (SNMP) polling for Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance could allow an authenticated, remote attacker to obtain confidential information about ... Read more

    • Published: Feb. 05, 2025
    • Modified: Feb. 05, 2025
    • Vuln Type: Information Disclosure

  • 4.8

    MEDIUM
    CVE-2025-20205

    A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface.  This vulnerability is due t... Read more

    Affected Products : identity_services_engine
    • Published: Feb. 05, 2025
    • Modified: Mar. 28, 2025
    • Vuln Type: Cross-Site Scripting

  • 4.8

    MEDIUM
    CVE-2025-20204

    A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface.  This vulnerability is due t... Read more

    Affected Products : identity_services_engine
    • Published: Feb. 05, 2025
    • Modified: Mar. 28, 2025
    • Vuln Type: Cross-Site Scripting

  • 6.7

    MEDIUM
    CVE-2025-20185

    A vulnerability in the implementation of the remote access functionality of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance could allow an authenticated, local attacker to elevate p... Read more

    • Published: Feb. 05, 2025
    • Modified: Aug. 06, 2025
    • Vuln Type: Authentication

  • 7.2

    HIGH
    CVE-2025-20184

    A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Web Appliance could allow an authenticated, remote attacker to perform command injection attacks against an affected device. Th... Read more

    • Published: Feb. 05, 2025
    • Modified: Aug. 08, 2025
    • Vuln Type: Injection

  • 5.8

    MEDIUM
    CVE-2025-20183

    A vulnerability in a policy-based Cisco Application Visibility and Control (AVC) implementation of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to evade the antivirus scanner and download a maliciou... Read more

    • Published: Feb. 05, 2025
    • Modified: Aug. 05, 2025
    • Vuln Type: Misconfiguration

  • 4.8

    MEDIUM
    CVE-2025-20180

    A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager and Secure Email Gateway could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a u... Read more

    • Published: Feb. 05, 2025
    • Modified: Aug. 15, 2025
    • Vuln Type: Cross-Site Scripting

  • 6.1

    MEDIUM
    CVE-2025-20179

    A vulnerability in the web-based management interface of Cisco Expressway Series could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web-b... Read more

    • Published: Feb. 05, 2025
    • Modified: Feb. 05, 2025
    • Vuln Type: Cross-Site Scripting

  • 7.7

    HIGH
    CVE-2025-20176

    A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP r... Read more

    Affected Products : ios_xe ios
    • Published: Feb. 05, 2025
    • Modified: Jul. 03, 2025
    • Vuln Type: Denial of Service

  • 7.7

    HIGH
    CVE-2025-20175

    A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP r... Read more

    Affected Products : ios_xe ios
    • Published: Feb. 05, 2025
    • Modified: Jul. 03, 2025
    • Vuln Type: Denial of Service

  • 7.7

    HIGH
    CVE-2025-20174

    A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP r... Read more

    Affected Products : ios_xe ios
    • Published: Feb. 05, 2025
    • Modified: Jul. 03, 2025
    • Vuln Type: Denial of Service

  • 7.7

    HIGH
    CVE-2025-20173

    A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP r... Read more

    Affected Products : ios_xe ios
    • Published: Feb. 05, 2025
    • Modified: Jul. 03, 2025
    • Vuln Type: Denial of Service

  • 7.7

    HIGH
    CVE-2025-20172

    A vulnerability in the SNMP subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error hand... Read more

    Affected Products : ios_xe ios ios_xr
    • Published: Feb. 05, 2025
    • Modified: Jul. 03, 2025
    • Vuln Type: Denial of Service

  • 7.7

    HIGH
    CVE-2025-20171

    A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP r... Read more

    Affected Products : ios_xe ios
    • Published: Feb. 05, 2025
    • Modified: Jul. 03, 2025
    • Vuln Type: Denial of Service

  • 7.7

    HIGH
    CVE-2025-20170

    A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP r... Read more

    Affected Products : ios_xe ios
    • Published: Feb. 05, 2025
    • Modified: Jul. 03, 2025
    • Vuln Type: Denial of Service

  • 7.7

    HIGH
    CVE-2025-20169

    A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP r... Read more

    Affected Products : ios_xe ios
    • Published: Feb. 05, 2025
    • Modified: Jul. 03, 2025
    • Vuln Type: Denial of Service

  • 9.1

    CRITICAL
    CVE-2025-20125

    A vulnerability in an API of Cisco ISE could allow an authenticated, remote attacker with valid read-only credentials to obtain sensitive information, change node configurations, and restart the node. This vulnerability is due to a lack of authorizatio... Read more

    Affected Products : identity_services_engine
    • Published: Feb. 05, 2025
    • Modified: Mar. 28, 2025
    • Vuln Type: Authorization

  • 9.9

    CRITICAL
    CVE-2025-20124

    A vulnerability in an API of Cisco ISE could allow an authenticated, remote attacker to execute arbitrary commands as the root user on an affected device. This vulnerability is due to insecure deserialization of user-supplied Java byte streams by the a... Read more

    Affected Products : identity_services_engine
    • Published: Feb. 05, 2025
    • Modified: Mar. 28, 2025
    • Vuln Type: Authentication
Showing 20 of 291368 Results