Vulnerabilities > Cisco > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-24 | CVE-2021-1387 | Memory Leak vulnerability in Cisco Nx-Os and Unified Computing System A vulnerability in the network stack of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 8.6 |
| 2021-02-24 | CVE-2021-1368 | Out-of-bounds Write vulnerability in Cisco Nx-Os and Unified Computing System A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code with administrative privileges or cause a denial of service (DoS) condition on an affected device. | 8.8 |
| 2021-02-24 | CVE-2021-1230 | Unspecified vulnerability in Cisco Nx-Os A vulnerability with the Border Gateway Protocol (BGP) for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remote attacker to cause a routing process to crash, which could lead to a denial of service (DoS) condition. | 7.5 |
| 2021-02-24 | CVE-2021-1227 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Nx-Os A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. | 8.1 |
| 2021-02-17 | CVE-2021-1378 | Resource Exhaustion vulnerability in Cisco Staros A vulnerability in the SSH service of the Cisco StarOS operating system could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service (DoS) condition. | 7.5 |
| 2021-02-17 | CVE-2021-1366 | Uncontrolled Search Path Element vulnerability in Cisco Anyconnect Secure Mobility Client A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack on an affected device if the VPN Posture (HostScan) Module is installed on the AnyConnect client. | 7.8 |
| 2021-02-04 | CVE-2021-1370 | OS Command Injection vulnerability in Cisco IOS XR A vulnerability in a CLI command of Cisco IOS XR Software for the Cisco 8000 Series Routers and Network Convergence System 540 Series Routers running NCS540L software images could allow an authenticated, local attacker to elevate their privilege to root. | 7.8 |
| 2021-02-04 | CVE-2021-1348 | Stack-based Buffer Overflow vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. | 7.2 |
| 2021-02-04 | CVE-2021-1347 | Stack-based Buffer Overflow vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. | 7.2 |
| 2021-02-04 | CVE-2021-1346 | Stack-based Buffer Overflow vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. | 7.2 |