Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-20327
A vulnerability in the PPP over Ethernet (PPPoE) termination feature of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, adjacent malicious user to crash the ppp_ma process, resulting in a denial of service (DoS) conditi...
NA
CVE-2024-20262
A vulnerability in the Secure Copy Protocol (SCP) and SFTP feature of Cisco IOS XR Software could allow an authenticated, local malicious user to create or overwrite files in a system directory, which could lead to a denial of service (DoS) condition. The attacker would require v...
NA
CVE-2024-20266
A vulnerability in the DHCP version 4 (DHCPv4) server feature of Cisco IOS XR Software could allow an unauthenticated, remote malicious user to trigger a crash of the dhcpd process, resulting in a denial of service (DoS) condition. This vulnerability exists because certain DHCPv4...
NA
CVE-2024-20292
A vulnerability in the logging component of Cisco Duo Authentication for Windows Logon and RDP could allow an authenticated, local malicious user to view sensitive information in clear text on an affected system. This vulnerability is due to improper storage of an unencrypted reg...
NA
CVE-2024-20335
A vulnerability in the web-based management interface of Cisco Small Business 100, 300, and 500 Series Wireless APs could allow an authenticated, remote malicious user to perform command injection attacks against an affected device. In order to exploit this vulnerability, the att...
NA
CVE-2024-20337
A vulnerability in the SAML authentication process of Cisco Secure Client could allow an unauthenticated, remote malicious user to conduct a carriage return line feed (CRLF) injection attack against a user. This vulnerability is due to insufficient validation of user-supplied inp...
1 Github repository
1 Article
NA
CVE-2024-20346
A vulnerability in the web-based management interface of Cisco AppDynamics Controller could allow an authenticated, remote malicious user to perform a reflected cross-site scripting (XSS) attack against a user of the interface of an affected device. This vulnerability is due to i...
NA
CVE-2024-20301
A vulnerability in Cisco Duo Authentication for Windows Logon and RDP could allow an authenticated, physical malicious user to bypass secondary authentication and access an affected Windows device. This vulnerability is due to a failure to invalidate locally created trusted sessi...
NA
CVE-2024-20338
A vulnerability in the ISE Posture (System Scan) module of Cisco Secure Client for Linux could allow an authenticated, local malicious user to elevate privileges on an affected device. This vulnerability is due to the use of an uncontrolled search path element. An attacker could ...
NA
CVE-2024-20345
A vulnerability in the file upload functionality of Cisco AppDynamics Controller could allow an authenticated, remote malicious user to conduct directory traversal attacks on an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attac...
2 Articles
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49333
CVE-2024-33901
CVE-2024-36001
CVE-2024-2835
firewall
XPath injection
authentication bypass
CVE-2024-22120
CVE-2024-32002
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »