Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-08 | CVE-2020-3544 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco products A vulnerability in the Cisco Discovery Protocol implementation for Cisco Video Surveillance 8000 Series IP Cameras could allow an unauthenticated, adjacent attacker to execute arbitrary code on an affected device or cause the device to reload. | 8.8 |
| 2020-10-08 | CVE-2020-3543 | Memory Leak vulnerability in Cisco products A vulnerability in the Cisco Discovery Protocol of Cisco Video Surveillance 8000 Series IP Cameras could allow an unauthenticated, adjacent attacker to cause a memory leak, which could lead to a denial of service (DoS) condition on an affected device. | 6.5 |
| 2020-10-08 | CVE-2020-3536 | Cross-site Scripting vulnerability in Cisco Sd-Wan A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. | 5.4 |
| 2020-10-08 | CVE-2020-3535 | Uncontrolled Search Path Element vulnerability in Cisco Webex Teams A vulnerability in the loading mechanism of specific DLLs in the Cisco Webex Teams client for Windows could allow an authenticated, local attacker to load a malicious library. | 8.4 |
| 2020-10-08 | CVE-2020-3467 | Incorrect Authorization vulnerability in Cisco Identity Services Engine A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to modify parts of the configuration on an affected device. | 7.7 |
| 2020-10-08 | CVE-2020-3320 | Cross-site Scripting vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. | 5.4 |
| 2020-09-24 | CVE-2020-3560 | Resource Exhaustion vulnerability in Cisco products A vulnerability in Cisco Aironet Access Points (APs) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) on an affected device. | 8.6 |
| 2020-09-24 | CVE-2020-3552 | NULL Pointer Dereference vulnerability in Cisco products A vulnerability in the Ethernet packet handling of Cisco Aironet Access Points (APs) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. | 7.4 |
| 2020-09-24 | CVE-2020-3527 | Resource Exhaustion vulnerability in Cisco IOS XE A vulnerability in the Polaris kernel of Cisco Catalyst 9200 Series Switches could allow an unauthenticated, remote attacker to crash the device. | 8.6 |
| 2020-09-24 | CVE-2020-3526 | Improper Input Validation vulnerability in Cisco IOS XE 17.2 A vulnerability in the Common Open Policy Service (COPS) engine of Cisco IOS XE Software on Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, remote attacker to crash a device. | 8.6 |