CISA · government feed
Known Exploited Vulnerabilities
Vulnerabilities under active exploitation, mandated by CISA for federal patching.
89 total matches · showing 89
| CVE | Vendor / Product | Status | ||
|---|---|---|---|---|
| CVE-2026-20128 | Cisco Catalyst SD-WAN Manager | Cisco Catalyst SD-WAN Manager Storing Passwords in a Recoverable Format Vulnerability | 2026-04-20 | Active |
| CVE-2026-20133 | Cisco Catalyst SD-WAN Manager | Cisco Catalyst SD-WAN Manager Exposure of Sensitive Information to an Unauthorized Actor Vulnerability | 2026-04-20 | Active |
| CVE-2026-20122 | Cisco Catalyst SD-WAN Manger | Cisco Catalyst SD-WAN Manager Incorrect Use of Privileged APIs Vulnerability | 2026-04-20 | Active |
| CVE-2026-20131 | Cisco Secure Firewall Management Center (FMC) | Cisco Secure Firewall Management Center (FMC) Software and Cisco Security Cloud Control (SCC) Firewall Management Deserialization of Untrusted Data Vulnerability | 2026-03-19 | Ransomware |
| CVE-2026-20127 | Cisco Catalyst SD-WAN Controller and Manager | Cisco Catalyst SD-WAN Controller and Manager Authentication Bypass Vulnerability | 2026-02-25 | Active |
| CVE-2022-20775 | Cisco SD-WAN | Cisco SD-WAN Path Traversal Vulnerability | 2026-02-25 | Active |
| CVE-2026-20045 | Cisco Unified Communications Manager | Cisco Unified Communications Products Code Injection Vulnerability | 2026-01-21 | Active |
| CVE-2025-20393 | Cisco Multiple Products | Cisco Multiple Products Improper Input Validation Vulnerability | 2025-12-17 | Active |
| CVE-2025-20352 | Cisco IOS and IOS XE | Cisco IOS and IOS XE Software SNMP Denial of Service and Remote Code Execution Vulnerability | 2025-09-29 | Active |
| CVE-2025-20333 | Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense | Cisco Secure Firewall Adaptive Security Appliance (ASA) and Secure Firewall Threat Defense (FTD) Buffer Overflow Vulnerability | 2025-09-25 | Active |
| CVE-2025-20362 | Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense | Cisco Secure Firewall Adaptive Security (ASA) Appliance and Secure Firewall Threat Defense (FTD) Missing Authorization Vulnerability | 2025-09-25 | Active |
| CVE-2025-20281 | Cisco Identity Services Engine | Cisco Identity Services Engine Injection Vulnerability | 2025-07-28 | Active |
| CVE-2025-20337 | Cisco Identity Services Engine | Cisco Identity Services Engine Injection Vulnerability | 2025-07-28 | Active |
| CVE-2024-20439 | Cisco Smart Licensing Utility | Cisco Smart Licensing Utility Static Credential Vulnerability | 2025-03-31 | Active |
| CVE-2023-20118 | Cisco Small Business RV Series Routers | Cisco Small Business RV Series Routers Command Injection Vulnerability | 2025-03-03 | Active |
| CVE-2014-2120 | Cisco Adaptive Security Appliance (ASA) | Cisco Adaptive Security Appliance (ASA) Cross-Site Scripting (XSS) Vulnerability | 2024-11-12 | Active |
| CVE-2024-20481 | Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) | Cisco ASA and FTD Denial-of-Service Vulnerability | 2024-10-24 | Active |
| CVE-2024-20399 | Cisco NX-OS | Cisco NX-OS Command Injection Vulnerability | 2024-07-02 | Active |
| CVE-2024-20353 | Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) | Cisco ASA and FTD Denial of Service Vulnerability | 2024-04-24 | Active |
| CVE-2024-20359 | Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) | Cisco ASA and FTD Privilege Escalation Vulnerability | 2024-04-24 | Active |
| CVE-2020-3259 | Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) | Cisco ASA and FTD Information Disclosure Vulnerability | 2024-02-15 | Ransomware |
| CVE-2023-20273 | Cisco Cisco IOS XE Web UI | Cisco IOS XE Web UI Command Injection Vulnerability | 2023-10-23 | Active |
| CVE-2023-20198 | Cisco IOS XE Web UI | Cisco IOS XE Web UI Privilege Escalation Vulnerability | 2023-10-16 | Active |
| CVE-2023-20109 | Cisco IOS and IOS XE | Cisco IOS and IOS XE Group Encrypted Transport VPN Out-of-Bounds Write Vulnerability | 2023-10-10 | Active |
| CVE-2023-20269 | Cisco Adaptive Security Appliance and Firepower Threat Defense | Cisco Adaptive Security Appliance and Firepower Threat Defense Unauthorized Access Vulnerability | 2023-09-13 | Ransomware |
| CVE-2016-6415 | Cisco IOS, IOS XR, and IOS XE | Cisco IOS, IOS XR, and IOS XE IKEv1 Information Disclosure Vulnerability | 2023-05-19 | Active |
| CVE-2004-1464 | Cisco IOS | Cisco IOS Denial-of-Service Vulnerability | 2023-05-19 | Active |
| CVE-2017-6742 | Cisco IOS and IOS XE Software | Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability | 2023-04-19 | Active |
| CVE-2020-3153 | Cisco AnyConnect Secure | Cisco AnyConnect Secure Mobility Client for Windows Uncontrolled Search Path Vulnerability | 2022-10-24 | Ransomware |
| CVE-2020-3433 | Cisco AnyConnect Secure | Cisco AnyConnect Secure Mobility Client for Windows DLL Hijacking Vulnerability | 2022-10-24 | Ransomware |
| CVE-2019-15271 | Cisco RV Series Routers | Cisco RV Series Routers Deserialization of Untrusted Data Vulnerability | 2022-06-08 | Active |
| CVE-2016-6367 | Cisco Adaptive Security Appliance (ASA) | Cisco Adaptive Security Appliance (ASA) CLI Remote Code Execution Vulnerability | 2022-05-24 | Active |
| CVE-2016-6366 | Cisco Adaptive Security Appliance (ASA) | Cisco Adaptive Security Appliance (ASA) SNMP Buffer Overflow Vulnerability | 2022-05-24 | Active |
| CVE-2022-20821 | Cisco IOS XR | Cisco IOS XR Open Port Vulnerability | 2022-05-23 | Active |
| CVE-2009-2055 | Cisco IOS XR | Cisco IOS XR Border Gateway Protocol (BGP) Denial-of-Service Vulnerability | 2022-03-25 | Active |
| CVE-2010-3035 | Cisco IOS XR | Cisco IOS XR Border Gateway Protocol (BGP) Denial-of-Service Vulnerability | 2022-03-25 | Active |
| CVE-2015-0666 | Cisco Prime Data Center Network Manager (DCNM) | Cisco Prime Data Center Network Manager (DCNM) Directory Traversal Vulnerability | 2022-03-25 | Active |
| CVE-2017-3881 | Cisco IOS and IOS XE | Cisco IOS and IOS XE Remote Code Execution Vulnerability | 2022-03-25 | Active |
| CVE-2018-0125 | Cisco VPN Routers | Cisco VPN Routers Remote Code Execution Vulnerability | 2022-03-25 | Active |
| CVE-2018-0147 | Cisco Secure Access Control System (ACS) | Cisco Secure Access Control System Java Deserialization Vulnerability | 2022-03-25 | Active |
| CVE-2017-12231 | Cisco IOS software | Cisco IOS Software Network Address Translation Denial-of-Service Vulnerability | 2022-03-03 | Active |
| CVE-2017-12232 | Cisco IOS software | Cisco IOS Software for Cisco Integrated Services Routers Denial-of-Service Vulnerability | 2022-03-03 | Active |
| CVE-2017-12233 | Cisco IOS software | Cisco IOS Software Common Industrial Protocol Request Denial-of-Service Vulnerability | 2022-03-03 | Active |
| CVE-2017-12234 | Cisco IOS software | Cisco IOS Software Common Industrial Protocol Request Denial-of-Service Vulnerability | 2022-03-03 | Active |
| CVE-2017-12235 | Cisco IOS software | Cisco IOS Software for Cisco Industrial Ethernet Switches PROFINET Denial-of-Service Vulnerability | 2022-03-03 | Active |
| CVE-2017-12237 | Cisco IOS and IOS XE Software | Cisco IOS and IOS XE Software Internet Key Exchange Denial-of-Service Vulnerability | 2022-03-03 | Active |
| CVE-2017-12238 | Cisco Catalyst 6800 Series Switches | Cisco Catalyst 6800 Series Switches VPLS Denial-of-Service Vulnerability | 2022-03-03 | Active |
| CVE-2017-12240 | Cisco IOS and IOS XE Software | Cisco IOS and IOS XE Software DHCP Remote Code Execution Vulnerability | 2022-03-03 | Active |
| CVE-2017-12319 | Cisco IOS XE Software | Cisco IOS XE Software Ethernet Virtual Private Network Border Gateway Protocol Denial-of-Service Vulnerability | 2022-03-03 | Active |
| CVE-2017-6627 | Cisco IOS and IOS XE Software | Cisco IOS Software and Cisco IOS XE Software UDP Packet Processing Denial-of-Service Vulnerability | 2022-03-03 | Active |
| CVE-2017-6663 | Cisco IOS and IOS XE Software | Cisco IOS Software and Cisco IOS XE Software Denial-of-Service Vulnerability | 2022-03-03 | Active |
| CVE-2017-6736 | Cisco IOS and IOS XE Software | Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability | 2022-03-03 | Active |
| CVE-2017-6737 | Cisco IOS and IOS XE Software | Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability | 2022-03-03 | Active |
| CVE-2017-6738 | Cisco IOS and IOS XE Software | Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability | 2022-03-03 | Active |
| CVE-2017-6739 | Cisco IOS and IOS XE Software | Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability | 2022-03-03 | Active |
| CVE-2017-6740 | Cisco IOS and IOS XE Software | Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability | 2022-03-03 | Active |
| CVE-2017-6743 | Cisco IOS and IOS XE Software | Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability | 2022-03-03 | Active |
| CVE-2017-6744 | Cisco IOS software | Cisco IOS Software SNMP Remote Code Execution Vulnerability | 2022-03-03 | Active |
| CVE-2018-0151 | Cisco IOS and IOS XE Software | Cisco IOS Software and Cisco IOS XE Software Quality of Service Remote Code Execution Vulnerability | 2022-03-03 | Active |
| CVE-2018-0154 | Cisco IOS Software | Cisco IOS Software Integrated Services Module for VPN Denial-of-Service Vulnerability | 2022-03-03 | Active |
| CVE-2018-0155 | Cisco Catalyst 4500 Series Switches and Cisco Catalyst 4500-X Series Switches | Cisco Catalyst Bidirectional Forwarding Detection Denial-of-Service Vulnerability | 2022-03-03 | Active |
| CVE-2018-0156 | Cisco IOS Software and Cisco IOS XE Software | Cisco IOS Software and Cisco IOS XE Software Smart Install Denial-of-Service Vulnerability | 2022-03-03 | Active |
| CVE-2018-0158 | Cisco IOS Software and Cisco IOS XE Software | Cisco IOS and XE Software Internet Key Exchange Memory Leak Vulnerability | 2022-03-03 | Active |
| CVE-2018-0159 | Cisco IOS Software and Cisco IOS XE Software | Cisco IOS and XE Software Internet Key Exchange Version 1 Denial-of-Service Vulnerability | 2022-03-03 | Active |
| CVE-2018-0161 | Cisco IOS Software | Cisco IOS Software Resource Management Errors Vulnerability | 2022-03-03 | Active |
| CVE-2018-0167 | Cisco IOS, XR, and XE Software | Cisco IOS, XR, and XE Software Buffer Overflow Vulnerability | 2022-03-03 | Active |
| CVE-2018-0172 | Cisco IOS and IOS XE Software | Cisco IOS and IOS XE Software Improper Input Validation Vulnerability | 2022-03-03 | Active |
| CVE-2018-0173 | Cisco IOS and IOS XE Software | Cisco IOS and IOS XE Software Improper Input Validation Vulnerability | 2022-03-03 | Active |
| CVE-2018-0174 | Cisco IOS XE Software | Cisco IOS Software and Cisco IOS XE Software Improper Input Validation Vulnerability | 2022-03-03 | Active |
| CVE-2018-0175 | Cisco IOS, XR, and XE Software | Cisco IOS, XR, and XE Software Buffer Overflow Vulnerability | 2022-03-03 | Active |
| CVE-2018-0179 | Cisco IOS Software | Cisco IOS Software Denial-of-Service Vulnerability | 2022-03-03 | Active |
| CVE-2018-0180 | Cisco IOS Software | Cisco IOS Software Denial-of-Service Vulnerability | 2022-03-03 | Active |
| CVE-2019-1652 | Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers | Cisco Small Business Routers Improper Input Validation Vulnerability | 2022-03-03 | Active |
| CVE-2022-20699 | Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers | Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability | 2022-03-03 | Active |
| CVE-2022-20700 | Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers | Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability | 2022-03-03 | Active |
| CVE-2022-20701 | Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers | Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability | 2022-03-03 | Active |
| CVE-2022-20703 | Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers | Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability | 2022-03-03 | Active |
| CVE-2022-20708 | Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers | Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability | 2022-03-03 | Active |
| CVE-2018-0296 | Cisco Adaptive Security Appliance (ASA) | Cisco Adaptive Security Appliance (ASA) Denial-of-Service Vulnerability | 2021-11-03 | Active |
| CVE-2019-1653 | Cisco Small Business RV320 and RV325 Routers | Cisco Small Business RV320 and RV325 Routers Information Disclosure Vulnerability | 2021-11-03 | Active |
| CVE-2020-3161 | Cisco Cisco IP Phones | Cisco IP Phones Web Server Remote Code Execution and Denial-of-Service Vulnerability | 2021-11-03 | Active |
| CVE-2020-3569 | Cisco IOS XR | Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerability | 2021-11-03 | Active |
| CVE-2020-3566 | Cisco IOS XR | Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerability | 2021-11-03 | Active |
| CVE-2020-3118 | Cisco IOS XR | Cisco IOS XR Software Discovery Protocol Format String Vulnerability | 2021-11-03 | Active |
| CVE-2018-0171 | Cisco IOS and IOS XE | Cisco IOS and IOS XE Software Smart Install Remote Code Execution Vulnerability | 2021-11-03 | Active |
| CVE-2021-1498 | Cisco HyperFlex HX | Cisco HyperFlex HX Data Platform Command Injection Vulnerability | 2021-11-03 | Active |
| CVE-2021-1497 | Cisco HyperFlex HX | Cisco HyperFlex HX Installer Virtual Machine Command Injection Vulnerability | 2021-11-03 | Active |
| CVE-2020-3580 | Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) | Cisco ASA and FTD Cross-Site Scripting (XSS) Vulnerability | 2021-11-03 | Ransomware |
| CVE-2020-3452 | Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) | Cisco ASA and FTD Read-Only Path Traversal Vulnerability | 2021-11-03 | Active |
Feedback
How was this page?
Spotted something off, or have an idea? Let us know.