Every advisory below is enriched with the Vulnetix VDB exploit-intelligence chip (hover a CVE ID in the interactive page to see CVSS, EPSS, KEV status, and PoC maturity). 2 are already weaponised in the wild — see the Exploited section.
Cisco ADE-OS Local File Inclusion Vulnerability
CVEs:CVE-2021-1306
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| CVRFPID-111903 | affected | Cisco | — | — |
| CVRFPID-190324 | affected | Cisco | — | — |
| CVRFPID-213688 | affected | Cisco | — | — |
Cisco Modeling Labs Web UI Command Injection Vulnerability
CVEs:CVE-2021-1531
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| CVRFPID-277905 | affected | Cisco | — | — |
Cisco DNA Spaces Connector Command Injection Vulnerabilities
CVEs:CVE-2021-1559CVE-2021-1560
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| CVRFPID-271288 | affected | Cisco | — | — |
Cisco DNA Spaces Connector Privilege Escalation Vulnerabilities
CVEs:CVE-2021-1557CVE-2021-1558
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| CVRFPID-271288 | affected | Cisco | — | — |
Cisco Finesse Open Redirect Vulnerability
CVEs:CVE-2021-1358
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| CVRFPID-193469 | affected | Cisco | — | — |
| CVRFPID-244955 | affected | Cisco | — | — |
| CVRFPID-92631 | affected | Cisco | — | — |
Cisco Finesse Cross-Site Scripting Vulnerabilities
CVEs:CVE-2021-1254
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| CVRFPID-193469 | affected | Cisco | — | — |
| CVRFPID-244955 | affected | Cisco | — | — |
| CVRFPID-92631 | affected | Cisco | — | — |
Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager Command Injection Vulnerability
CVEs:CVE-2021-1487
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| CVRFPID-190324 | affected | Cisco | — | — |
| CVRFPID-213688 | affected | Cisco | — | — |
Cisco Small Business 100, 300, and 500 Series Wireless Access Points Command Injection Vulnerabilities
CVEs:CVE-2021-1547CVE-2021-1554CVE-2021-1555CVE-2021-1552CVE-2021-1550CVE-2021-1553CVE-2021-1549CVE-2021-1548CVE-2021-1551
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| CVRFPID-280012 | affected | Cisco | — | — |
Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021
CVEs:CVE-2020-26144CVE-2020-26141CVE-2020-26146CVE-2020-26147CVE-2020-26140CVE-2020-26142CVE-2020-26143CVE-2020-26145CVE-2020-26139CVE-2020-24587CVE-2020-24586CVE-2020-24588
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| CVRFPID-190024 | affected | Cisco | — | — |
| CVRFPID-277607 | affected | Cisco | — | — |
| CVRFPID-278404 | affected | Cisco | — | — |
| CVRFPID-278888 | affected | Cisco | — | — |
| CVRFPID-280012 | affected | Cisco | — | — |
| CVRFPID-280019 | affected | Cisco | — | — |
Cisco AnyConnect Secure Mobility Client for Windows DLL and Executable Hijacking Vulnerabilities
CVEs:CVE-2021-1426CVE-2021-1427CVE-2021-1428CVE-2021-1429CVE-2021-1430CVE-2021-1496
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| CVRFPID-109810 | affected | Cisco | — | — |
Cisco AnyConnect Secure Mobility Client Profile Modification Vulnerability
CVEs:CVE-2021-1519
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| CVRFPID-109810 | affected | Cisco | — | — |
Cisco BroadWorks Messaging Server XML External Entity Injection Vulnerability
CVEs:CVE-2021-1530
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| CVRFPID-282087 | affected | Cisco | — | — |
Cisco Content Security Management Appliance, Email Security Appliance, and Web Security Appliance Information Disclosure Vulnerability
CVEs:CVE-2021-1516
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| CVRFPID-189789 | affected | Cisco | — | — |
| CVRFPID-189790 | affected | Cisco | — | — |
| CVRFPID-189791 | affected | Cisco | — | — |
Cisco HyperFlex HX Command Injection Vulnerabilities
CVEs:CVE-2021-1497CVE-2021-1498
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| CVRFPID-247050 | affected | Cisco | — | — |
Cisco HyperFlex HX Data Platform File Upload Vulnerability
CVEs:CVE-2021-1499
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| CVRFPID-247050 | affected | Cisco | — | — |
Cisco Integrated Management Controller Open Redirect Vulnerability
CVEs:CVE-2021-1397
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| CVRFPID-201970 | affected | Cisco | — | — |
| CVRFPID-235874 | affected | Cisco | — | — |
Cisco Unified Communications Manager IM & Presence Service SQL Injection Vulnerabilities
CVEs:CVE-2021-1363CVE-2021-1365
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| CVRFPID-189784 | affected | Cisco | — | — |
Cisco Video Surveillance 8000 Series IP Cameras Cisco Discovery Protocol Denial of Service Vulnerability
CVEs:CVE-2021-1521
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| CVRFPID-274000 | affected | Cisco | — | — |
Cisco Enterprise NFV Infrastructure Software Command Injection Vulnerability
CVEs:CVE-2021-1421
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| CVRFPID-235874 | affected | Cisco | — | — |
Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers Local Privilege Escalation Vulnerability
CVEs:CVE-2021-1520
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| CVRFPID-183630 | affected | Cisco | — | — |
Cisco Small Business 100, 300, and 500 Series Wireless Access Points Vulnerabilities
CVEs:CVE-2021-1400CVE-2021-1401
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| CVRFPID-280012 | affected | Cisco | — | — |
Cisco SD-WAN vManage Software Vulnerabilities
CVEs:CVE-2021-1275CVE-2021-1468CVE-2021-1505CVE-2021-1506CVE-2021-1508
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| CVRFPID-271450 | affected | Cisco | — | — |
Cisco SD-WAN vManage Information Disclosure Vulnerability
CVEs:CVE-2021-1515
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| CVRFPID-271450 | affected | Cisco | — | — |
Cisco SD-WAN vManage Software Authentication Bypass Vulnerability
CVEs:CVE-2021-1284
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| CVRFPID-271450 | affected | Cisco | — | — |
Cisco SD-WAN Software Arbitrary File Corruption Vulnerability
CVEs:CVE-2021-1512
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| CVRFPID-238692 | affected | Cisco | — | — |
| CVRFPID-271450 | affected | Cisco | — | — |
| CVRFPID-278041 | affected | Cisco | — | — |
| CVRFPID-278078 | affected | Cisco | — | — |
| CVRFPID-278124 | affected | Cisco | — | — |
Cisco SD-WAN vEdge Software Buffer Overflow Vulnerabilities
CVEs:CVE-2021-1511CVE-2021-1510CVE-2021-1509
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| CVRFPID-278041 | affected | Cisco | — | — |
| CVRFPID-278078 | affected | Cisco | — | — |
Cisco SD-WAN Software vDaemon Denial of Service Vulnerability
CVEs:CVE-2021-1513
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| CVRFPID-238692 | affected | Cisco | — | — |
| CVRFPID-271450 | affected | Cisco | — | — |
| CVRFPID-278041 | affected | Cisco | — | — |
| CVRFPID-278078 | affected | Cisco | — | — |
| CVRFPID-278124 | affected | Cisco | — | — |
Cisco SD-WAN Software Privilege Escalation Vulnerability
CVEs:CVE-2021-1514
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| CVRFPID-238692 | affected | Cisco | — | — |
| CVRFPID-271450 | affected | Cisco | — | — |
| CVRFPID-278041 | affected | Cisco | — | — |
| CVRFPID-278078 | affected | Cisco | — | — |
| CVRFPID-278124 | affected | Cisco | — | — |
Cisco SD-WAN vManage Information Disclosure Vulnerability
CVEs:CVE-2021-1535
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| CVRFPID-271450 | affected | Cisco | — | — |
Cisco SD-WAN vManage Software Information Disclosure Vulnerability
CVEs:CVE-2021-1234
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| CVRFPID-271450 | affected | Cisco | — | — |
Cisco Content Security Management Appliance Privilege Escalation Vulnerability
CVEs:CVE-2021-1447
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| CVRFPID-189791 | affected | Cisco | — | — |
Cisco TelePresence Collaboration Endpoint and RoomOS Software Arbitrary File Read Vulnerability
CVEs:CVE-2021-1532
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| CVRFPID-278404 | affected | Cisco | — | — |
Cisco Hosted Collaboration Mediation Fulfillment Denial of Service Vulnerability
CVEs:CVE-2021-1478
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| CVRFPID-88444 | affected | Cisco | — | — |
Cisco SD-WAN vManage HTTP Authentication User Enumeration Vulnerability
CVEs:CVE-2021-1486
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| CVRFPID-271450 | affected | Cisco | — | — |
Cisco SD-WAN vManage API Stored Cross-Site Scripting Vulnerability
CVEs:CVE-2021-1507
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| CVRFPID-271450 | affected | Cisco | — | — |
Cisco Wide Area Application Services Software Information Disclosure Vulnerability
CVEs:CVE-2021-1438
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| CVRFPID-7367 | affected | Cisco | — | — |
Cisco Web Security Appliance Cross-Site Scripting Vulnerability
CVEs:CVE-2021-1490
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| CVRFPID-189789 | affected | Cisco | — | — |
Every CVE above is indexed in the Vulnetix VDB with KEV, EPSS, and PoC maturity. The interactive page surfaces that on hover.