Vulnerabilities > Cisco > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-04 | CVE-2023-20126 | Missing Authentication for Critical Function vulnerability in Cisco Spa112 Firmware 1.4.1 A vulnerability in the web-based management interface of Cisco SPA112 2-Port Phone Adapters could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. | 9.8 |
| 2023-04-05 | CVE-2023-20073 | Unrestricted Upload of File with Dangerous Type vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an unauthenticated, remote attacker to upload arbitrary files to an affected device. | 9.8 |
| 2023-03-03 | CVE-2023-20078 | Out-of-bounds Write vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of certain Cisco IP Phones could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition. | 9.8 |
| 2023-03-01 | CVE-2023-20032 | Out-of-bounds Write vulnerability in multiple products On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: A vulnerability in the HFS+ partition file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could allow an unauthenticated, remote attacker to execute arbitrary code. This vulnerability is due to a missing buffer size check that may result in a heap buffer overflow write. | 9.8 |
| 2023-01-20 | CVE-2023-20025 | Improper Input Validation vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Small Business RV042 Series Routers could allow an unauthenticated, remote attacker to bypass authentication on the affected device. This vulnerability is due to incorrect user input validation of incoming HTTP packets. | 9.8 |
| 2023-01-02 | CVE-2015-10011 | Improper Encoding or Escaping of Output vulnerability in Cisco Openresolve A vulnerability classified as problematic has been found in OpenDNS OpenResolve. | 9.8 |
| 2022-09-08 | CVE-2022-20923 | Improper Authentication vulnerability in Cisco products A vulnerability in the IPSec VPN Server authentication functionality of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an unauthenticated, remote attacker to bypass authentication controls and access the IPSec VPN network. | 9.8 |
| 2022-08-10 | CVE-2022-20827 | OS Command Injection vulnerability in Cisco products Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition on an affected device. | 10.0 |
| 2022-08-10 | CVE-2022-20842 | Improper Input Validation vulnerability in Cisco products Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition on an affected device. | 9.8 |
| 2022-08-10 | CVE-2022-20841 | Improper Input Validation vulnerability in Cisco products Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition on an affected device. | 9.0 |