Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.5

    MEDIUM
    CVE-2021-1379

    Multiple vulnerabilities in the Cisco Discovery Protocol and Link Layer Discovery Protocol (LLDP) implementations for Cisco IP Phone Series 68xx/78xx/88xx could allow an unauthenticated, adjacent attacker to execute code remotely or cause a relo... Read more

    Affected Products :
    • Published: Nov. 18, 2024
    • Modified: Nov. 18, 2024

  • 7.4

    HIGH
    CVE-2021-1285

    Multiple Cisco products are affected by a vulnerability in the Ethernet Frame Decoder of the Snort detection engine that could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. The vulnerability is due to impr... Read more

    Affected Products :
    • Published: Nov. 18, 2024
    • Modified: Nov. 18, 2024

  • 5.3

    MEDIUM
    CVE-2021-1234

    A vulnerability in the cluster management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to view sensitive information on an affected system. To be affected by this vulnerability, the vManage software must ... Read more

    Affected Products : catalyst_sd-wan_manager
    • Published: Nov. 18, 2024
    • Modified: Aug. 04, 2025

  • 6.5

    MEDIUM
    CVE-2021-1232

    A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to read arbitrary files on the underlying filesystem of an affected system. This vulnerability is due to insufficien... Read more

    Affected Products : catalyst_sd-wan_manager
    • Published: Nov. 18, 2024
    • Modified: Aug. 04, 2025

  • 7.5

    HIGH
    CVE-2021-1132

    A vulnerability in the API subsystem and in the web-management interface of Cisco Network Services Orchestrator (NSO) could allow an unauthenticated, remote attacker to access sensitive data. This vulnerability exists because the web-management inte... Read more

    Affected Products : network_services_orchestrator
    • Published: Nov. 18, 2024
    • Modified: Aug. 05, 2025

  • 7.5

    HIGH
    CVE-2020-3548

    A vulnerability in the Transport Layer Security (TLS) protocol implementation of Cisco AsyncOS software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause high CPU usage on an affected device, resul... Read more

    • Published: Nov. 18, 2024
    • Modified: Jul. 31, 2025

  • 6.3

    MEDIUM
    CVE-2020-3539

    A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to view, modify, and delete data without proper authorization. The vulnerability is due to a failure to limit ... Read more

    • Published: Nov. 18, 2024
    • Modified: Jul. 31, 2025

  • 8.1

    HIGH
    CVE-2020-3538

    A vulnerability in a certain REST API endpoint of Cisco Data Center Network Manager (DCNM) Software could allow an authenticated, remote attacker to perform a path traversal attack on an affected device. The vulnerability is due to insufficient path... Read more

    • Published: Nov. 18, 2024
    • Modified: Aug. 06, 2025

  • 6.1

    MEDIUM
    CVE-2020-3532

    A vulnerability in the web-based management interface of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition, Cisco Unified Communications Manager IM & Presence Service, and Cisco U... Read more

    • Published: Nov. 18, 2024
    • Modified: Nov. 18, 2024

  • 4.3

    MEDIUM
    CVE-2020-3525

    A vulnerability in the Admin portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to recover service account passwords that are saved on an affected system. The vulnerability is due to the incorrect inclusion ... Read more

    Affected Products : identity_services_engine
    • Published: Nov. 18, 2024
    • Modified: Jun. 24, 2025

  • 6.1

    MEDIUM
    CVE-2020-3431

    A vulnerability in the web-based management interface of Cisco Small Business RV042 Dual WAN VPN Routers and Cisco Small Business RV042G Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to conduct a cross-site scripti... Read more

    • Published: Nov. 18, 2024
    • Modified: Nov. 18, 2024

  • 5.4

    MEDIUM
    CVE-2020-3420

    A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to conduct a cros... Read more

    Affected Products : unified_communications_manager
    • Published: Nov. 18, 2024
    • Modified: Aug. 06, 2025

  • 8.6

    HIGH
    CVE-2020-27124

    A vulnerability in the SSL/TLS handler of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause the affected device to reload unexpectedly, leading to a denial of service (DoS) condition. The vulne... Read more

    • Published: Nov. 18, 2024
    • Modified: Aug. 01, 2025

  • 7.8

    HIGH
    CVE-2020-26074

    A vulnerability in system file transfer functions of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to gain escalated privileges on the underlying operating system. The vulnerability is due to improper validation of path ... Read more

    Affected Products : catalyst_sd-wan_manager
    • Published: Nov. 18, 2024
    • Modified: Aug. 04, 2025

  • 7.5

    HIGH
    CVE-2020-26073

    A vulnerability in the application data endpoints of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to gain access to sensitive information. The vulnerability is due to improper validation of directory traversal charac... Read more

    Affected Products : catalyst_sd-wan_manager
    • Published: Nov. 18, 2024
    • Modified: Aug. 04, 2025

  • 8.4

    HIGH
    CVE-2020-26071

    A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to create or overwrite arbitrary files on an affected device, which could result in a denial of service (DoS) condition. The vulnerability is due to ins... Read more

    • Published: Nov. 18, 2024
    • Modified: Aug. 04, 2025

  • 5.4

    MEDIUM
    CVE-2020-26063

    A vulnerability in the API endpoints of Cisco Integrated Management Controller could allow an authenticated, remote attacker to bypass authorization and take actions on a vulnerable system without authorization. The vulnerability is due to improper ... Read more

    Affected Products : unified_computing_system
    • Published: Nov. 18, 2024
    • Modified: Nov. 18, 2024

  • 5.3

    MEDIUM
    CVE-2020-26062

    A vulnerability in Cisco Integrated Management Controller could allow an unauthenticated, remote attacker to enumerate valid usernames within the vulnerable application. The vulnerability is due to differences in authentication responses sent back f... Read more

    Affected Products : unified_computing_system
    • Published: Nov. 18, 2024
    • Modified: Aug. 06, 2025

  • 7.6

    HIGH
    CVE-2024-52436

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Post SMTP allows Blind SQL Injection.This issue affects Post SMTP: from n/a through 2.9.9.... Read more

    Affected Products : post_smtp
    • Published: Nov. 18, 2024
    • Modified: Nov. 20, 2024

  • 7.6

    HIGH
    CVE-2024-52435

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in W3 Eden, Inc. Premium Packages allows SQL Injection.This issue affects Premium Packages: from n/a through 5.9.3.... Read more

    • Published: Nov. 18, 2024
    • Modified: Nov. 20, 2024
Showing 20 of 291737 Results