Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    CRITICAL
    CVE-2025-20265

    A vulnerability in the RADIUS subsystem implementation of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to inject arbitrary shell commands that are executed by the device.  This vulnerabilit... Read more

    • Published: Aug. 14, 2025
    • Modified: Aug. 16, 2025
    • Vuln Type: Injection

  • 8.6

    HIGH
    CVE-2025-20263

    A vulnerability in the web services interface of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affe... Read more

    • Published: Aug. 14, 2025
    • Modified: Aug. 15, 2025
    • Vuln Type: Denial of Service

  • 5.8

    MEDIUM
    CVE-2025-20254

    A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a memory... Read more

    • Published: Aug. 14, 2025
    • Modified: Aug. 15, 2025
    • Vuln Type: Denial of Service

  • 8.6

    HIGH
    CVE-2025-20253

    A vulnerability in the IKEv2 feature of Cisco IOS Software, IOS XE Software, Secure Firewall ASA Software, and Secure FTD Software could allow an unauthenticated, remote attacker to cause the device to reload, resulting in a DoS condition. This vulnera... Read more

    • Published: Aug. 14, 2025
    • Modified: Aug. 15, 2025
    • Vuln Type: Denial of Service

  • 5.8

    MEDIUM
    CVE-2025-20252

    A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a memory... Read more

    • Published: Aug. 14, 2025
    • Modified: Aug. 15, 2025
    • Vuln Type: Denial of Service

  • 8.5

    HIGH
    CVE-2025-20251

    A vulnerability in the Remote Access SSL VPN service for Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, remote attacker to create or delete arbitrary f... Read more

    • Published: Aug. 14, 2025
    • Modified: Aug. 15, 2025
    • Vuln Type: Path Traversal

  • 7.7

    HIGH
    CVE-2025-20244

    A vulnerability in the Remote Access SSL VPN service for Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow a remote attacker that is authenticated as a VPN user to cause th... Read more

    • Published: Aug. 14, 2025
    • Modified: Aug. 15, 2025
    • Vuln Type: Denial of Service

  • 8.6

    HIGH
    CVE-2025-20243

    A vulnerability in the management and VPN web servers of Cisco Secure Firewall ASA Software and Secure FTD Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a DoS condition. This vulnerabi... Read more

    • Published: Aug. 14, 2025
    • Modified: Aug. 15, 2025
    • Vuln Type: Denial of Service

  • 8.6

    HIGH
    CVE-2025-20239

    A vulnerability in the Internet Key Exchange Version 2 (IKEv2) feature of Cisco IOS Software, IOS XE Software, Secure Firewall Adaptive Security Appliance (ASA) Software, and Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, re... Read more

    • Published: Aug. 14, 2025
    • Modified: Aug. 15, 2025
    • Vuln Type: Memory Corruption

  • 6.0

    MEDIUM
    CVE-2025-20238

    A vulnerability in Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system with ... Read more

    • Published: Aug. 14, 2025
    • Modified: Aug. 15, 2025
    • Vuln Type: Authorization

  • 6.0

    MEDIUM
    CVE-2025-20237

    A vulnerability in Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system with ... Read more

    • Published: Aug. 14, 2025
    • Modified: Aug. 15, 2025

  • 6.1

    MEDIUM
    CVE-2025-20235

    A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnera... Read more

    • Published: Aug. 14, 2025
    • Modified: Aug. 25, 2025
    • Vuln Type: Cross-Site Scripting

  • 5.8

    MEDIUM
    CVE-2025-20225

    A vulnerability in the Internet Key Exchange Version 2 (IKEv2) feature of Cisco IOS Software, IOS XE Software, Secure Firewall Adaptive Security Appliance (ASA) Software, and Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, re... Read more

    • Published: Aug. 14, 2025
    • Modified: Aug. 15, 2025
    • Vuln Type: Denial of Service

  • 5.8

    MEDIUM
    CVE-2025-20224

    A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a memory... Read more

    • Published: Aug. 14, 2025
    • Modified: Aug. 15, 2025
    • Vuln Type: Memory Corruption

  • 8.6

    HIGH
    CVE-2025-20222

    A vulnerability in the RADIUS proxy feature for the IPsec VPN feature of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a de... Read more

    Affected Products : firepower_threat_defense
    • Published: Aug. 14, 2025
    • Modified: Aug. 15, 2025
    • Vuln Type: Denial of Service

  • 6.0

    MEDIUM
    CVE-2025-20220

    A vulnerability in the CLI of Cisco Secure Firewall Management Center (FMC) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as r... Read more

    • Published: Aug. 14, 2025
    • Modified: Aug. 15, 2025
    • Vuln Type: Injection

  • 5.3

    MEDIUM
    CVE-2025-20219

    A vulnerability in the implementation of access control rules for loopback interfaces in Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attack... Read more

    • Published: Aug. 14, 2025
    • Modified: Aug. 15, 2025
    • Vuln Type: Authorization

  • 4.9

    MEDIUM
    CVE-2025-20218

    A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an authenticated, remote attacker to retrieve sensitive information from an affected device. This vulnerability is due to insuff... Read more

    • Published: Aug. 14, 2025
    • Modified: Aug. 25, 2025
    • Vuln Type: Information Disclosure

  • 8.6

    HIGH
    CVE-2025-20217

    A vulnerability in the packet inspection functionality of the Snort 3 Detection Engine of Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected devic... Read more

    Affected Products : firepower_threat_defense
    • Published: Aug. 14, 2025
    • Modified: Aug. 15, 2025
    • Vuln Type: Denial of Service

  • 8.5

    HIGH
    CVE-2025-20148

    A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an authenticated, remote attacker to inject arbitrary HTML content into a device-generated document. This vulnerability is due t... Read more

    • Published: Aug. 14, 2025
    • Modified: Aug. 25, 2025
    • Vuln Type: Cross-Site Scripting
Showing 20 of 291638 Results