Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.3

    MEDIUM
    CVE-2024-20493

    A vulnerability in the login authentication functionality of the Remote Access SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to deny fu... Read more

    • Published: Oct. 23, 2024
    • Modified: Nov. 01, 2024

  • 6.7

    MEDIUM
    CVE-2024-20485

    A vulnerability in the VPN web server of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary code with root-level privileges. Administrator-le... Read more

    • Published: Oct. 23, 2024
    • Modified: Nov. 01, 2024

  • 6.5

    MEDIUM
    CVE-2024-20482

    A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software, formerly Firepower Management Center Software, could allow an authenticated, remote attacker to elevate privileges on an affected device. To e... Read more

    • Published: Oct. 23, 2024
    • Modified: Nov. 01, 2024

  • 5.8

    MEDIUM
    CVE-2024-20481

    A vulnerability in the Remote Access VPN (RAVPN) service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) of the RAVPN ... Read more

    • Actively Exploited
    • Published: Oct. 23, 2024
    • Modified: Oct. 29, 2024

  • 6.5

    MEDIUM
    CVE-2024-20474

    A vulnerability in Internet Key Exchange version 2 (IKEv2) processing of Cisco Secure Client Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) of Cisco Secure Client. This vulnerability is due to an integer und... Read more

    • Published: Oct. 23, 2024
    • Modified: Nov. 01, 2024

  • 6.5

    MEDIUM
    CVE-2024-20473

    A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability exists because the ... Read more

    • Published: Oct. 23, 2024
    • Modified: Nov. 01, 2024

  • 6.5

    MEDIUM
    CVE-2024-20472

    A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability exists because the ... Read more

    • Published: Oct. 23, 2024
    • Modified: Nov. 01, 2024

  • 6.5

    MEDIUM
    CVE-2024-20471

    A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability exists because the ... Read more

    • Published: Oct. 23, 2024
    • Modified: Nov. 01, 2024

  • 5.8

    MEDIUM
    CVE-2024-20431

    A vulnerability in the geolocation access control feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass an access control policy. This vulnerability is due to improper assignment of geolocati... Read more

    Affected Products : firepower_threat_defense
    • Published: Oct. 23, 2024
    • Modified: Nov. 05, 2024

  • 8.6

    HIGH
    CVE-2024-20426

    A vulnerability in the Internet Key Exchange version 2 (IKEv2) protocol for VPN termination of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a de... Read more

    • Published: Oct. 23, 2024
    • Modified: Nov. 05, 2024

  • 9.9

    CRITICAL
    CVE-2024-20424

    A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software, formerly Firepower Management Center Software, could allow an authenticated, remote attacker to execute arbitrary commands on the underlying o... Read more

    • Published: Oct. 23, 2024
    • Modified: Nov. 01, 2024

  • 6.1

    MEDIUM
    CVE-2024-20415

    A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device.... Read more

    • Published: Oct. 23, 2024
    • Modified: Nov. 26, 2024

  • 9.3

    CRITICAL
    CVE-2024-20412

    A vulnerability in Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 1000, 2100, 3100, and 4200 Series could allow an unauthenticated, local attacker to access an affected system using static credentials. This vulnerability is due to th... Read more

    • Published: Oct. 23, 2024
    • Modified: Nov. 05, 2024

  • 6.1

    MEDIUM
    CVE-2024-20410

    A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device.... Read more

    • Published: Oct. 23, 2024
    • Modified: Nov. 26, 2024

  • 6.1

    MEDIUM
    CVE-2024-20409

    A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device.... Read more

    • Published: Oct. 23, 2024
    • Modified: Nov. 26, 2024

  • 7.7

    HIGH
    CVE-2024-20408

    A vulnerability in the Dynamic Access Policies (DAP) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause an affected device to reload unexpect... Read more

    • Published: Oct. 23, 2024
    • Modified: Aug. 01, 2025

  • 5.8

    MEDIUM
    CVE-2024-20407

    A vulnerability in the interaction between the TCP Intercept feature and the Snort 3 detection engine on Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured policies on an affected system. Dev... Read more

    Affected Products : firepower_threat_defense
    • Published: Oct. 23, 2024
    • Modified: Aug. 05, 2025

  • 5.4

    MEDIUM
    CVE-2024-20403

    A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. T... Read more

    • Published: Oct. 23, 2024
    • Modified: Nov. 26, 2024

  • 8.6

    HIGH
    CVE-2024-20402

    A vulnerability in the SSL VPN feature for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in ... Read more

    • Published: Oct. 23, 2024
    • Modified: Jul. 15, 2025

  • 5.3

    MEDIUM
    CVE-2024-20388

    A vulnerability in the password change feature of Cisco Firepower Management Center (FMC) software could allow an unauthenticated, remote attacker to determine valid user names on an affected device. This vulnerability is due to improper authentication... Read more

    • Published: Oct. 23, 2024
    • Modified: Nov. 26, 2024
Showing 20 of 294522 Results