Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2011-4023
Cisco NX-OS Allocation of Resources Without Limits or Throttling (CVE-2011-4023)
Description: Tenable OT Security Plugin ID 503154 with High Severity Synopsis The remote OT asset is affected by a vulnerability. Description Memory leak in libcmd in Cisco NX-OS 5.0 on Nexus switches allows remote authenticated users to cause a denial of service (memory consumption) via SNMP requests, aka Bug ID CSCtr65682.This plugin only works with Tenable.ot.Please visit https://www.tenable.com/products/tenable-ot for more information. Solution Refer to the vendor advisory. Read more at https://www.tenable.com/plugins/ot/503154
Source: Tenable Plugins
April 11th, 2025 (6 days ago)

CVE-2003-1109
Cisco IP Phones Denial of Service (CVE-2003-1109)
Description: Tenable OT Security Plugin ID 503155 with High Severity Synopsis The remote OT asset is affected by a vulnerability. Description The Session Initiation Protocol (SIP) implementation in multiple Cisco products including IP Phone models 7940 and 7960, IOS versions in the 12.2 train, and Secure PIX 5.2.9 to 6.2.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted INVITE messages, as demonstrated by the OUSPG PROTOS c07-sip test suite.This plugin only works with Tenable.ot.Please visit https://www.tenable.com/products/tenable-ot for more information. Solution Refer to the vendor advisory. Read more at https://www.tenable.com/plugins/ot/503155
Source: Tenable Plugins
April 11th, 2025 (6 days ago)

CVE-2008-4444
Cisco IP Phones Improper Input Validation (CVE-2008-4444)
Description: Tenable OT Security Plugin ID 503156 with High Severity Synopsis The remote OT asset is affected by a vulnerability. Description Cisco Unified IP Phone (aka SIP phone) 7960G and 7940G with firmware P0S3-08-9-00 and possibly other versions before 8.10 allows remote attackers to cause a denial of service (device reboot) or possibly execute arbitrary code via a Realtime Transport Protocol (RTP) packet with malformed headers.This plugin only works with Tenable.ot.Please visit https://www.tenable.com/products/tenable-ot for more information. Solution Refer to the vendor advisory. Read more at https://www.tenable.com/plugins/ot/503156
Source: Tenable Plugins
April 11th, 2025 (6 days ago)

CVE-2011-2545
Cisco IP Phones Improper Neutralization of Input During Web Page Generation (CVE-2011-2545)
Description: Tenable OT Security Plugin ID 503157 with Medium Severity Synopsis The remote OT asset is affected by a vulnerability. Description Cross-site scripting (XSS) vulnerability in the SIP implementation on the Cisco SPA8000 and SPA8800 before 6.1.11, SPA2102 and SPA3102 before 5.2.13, and SPA 500 series IP phones before 7.4.9 allows remote attackers to inject arbitrary web script or HTML via the FROM field of an INVITE message, aka Bug IDs CSCtr27277, CSCtr27256, CSCtr27274, and CSCtr14715.This plugin only works with Tenable.ot.Please visit https://www.tenable.com/products/tenable-ot for more information. Solution Refer to the vendor advisory. Read more at https://www.tenable.com/plugins/ot/503157
Source: Tenable Plugins
April 11th, 2025 (6 days ago)
Unraveling the U.S. toll road smishing scams
Description: Cisco Talos has observed a widespread and ongoing financial theft SMS phishing (smishing) campaign since October 2024 that targets toll road users in the United States of America.  
Source: Cisco Talos Blog
April 10th, 2025 (7 days ago)

CVE-2009-0627
Cisco (CVE-2009-0627)
Description: Tenable OT Security Plugin ID 503153 with High Severity Synopsis The remote OT asset is affected by a vulnerability. Description Unspecified vulnerability in Cisco NX-OS before 4.0(1a)N2(1), when running on Nexus 5000 platforms, allows remote attackers to cause a denial of service (crash) via an unspecified sequence of TCP packets related to TCP State manipulation, possibly related to separate attacks against CVE-2008-4609.This plugin only works with Tenable.ot.Please visit https://www.tenable.com/products/tenable-ot for more information. Solution Refer to the vendor advisory. Read more at https://www.tenable.com/plugins/ot/503153
Source: Tenable Plugins
April 9th, 2025 (8 days ago)
One mighty fine-looking report
Description: Hazel highlights the key findings within Cisco Talos’ 2024 Year in Review (now available for download) and details our active tracking of an ongoing campaign targeting users in Ukraine with malicious LNK files.
Source: Cisco Talos Blog
April 3rd, 2025 (14 days ago)

CVE-2025-20212
A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series devices could allow an authenticated, remote...
Description: A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series devices could allow an authenticated, remote attacker to cause a denial of service (DoS) condition in the Cisco AnyConnect service on an affected device. To exploit this vulnerability, the attacker must have valid VPN user credentials on the affected device. This vulnerability exists because a variable is not initialized when an SSL VPN session is established. An attacker could exploit this vulnerability by supplying crafted attributes while establishing an SSL VPN session with an affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to restart, resulting in the failure of the established SSL VPN sessions and forcing remote users to initiate a new VPN connection and reauthenticate. A sustained attack could prevent new SSL VPN connections from being established. Note: When the attack traffic stops, the Cisco AnyConnect VPN server recovers without manual intervention.

CVSS: HIGH (7.7)

EPSS Score: 0.12%

SSVC Exploitation: none

Source: CVE
April 2nd, 2025 (15 days ago)

CVE-2025-20203
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure could...
Description: A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against users of the interface of an affected system. The vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by inserting malicious code into specific data fields in the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, the attacker must have valid administrative credentials. {{value}} ["%7b%7bvalue%7d%7d"])}]]

CVSS: MEDIUM (4.8)

EPSS Score: 0.04%

SSVC Exploitation: none

Source: CVE
April 2nd, 2025 (15 days ago)

CVE-2025-20139
A vulnerability in chat messaging features of Cisco Enterprise Chat and Email (ECE) could allow an unauthenticated, remote attacker to cause a...
Description: A vulnerability in chat messaging features of Cisco Enterprise Chat and Email (ECE) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to improper validation of user-supplied input to chat entry points. An attacker could exploit this vulnerability by sending malicious requests to a messaging chat entry point in the affected application. A successful exploit could allow the attacker to cause the application to stop responding, resulting in a DoS condition. The application may not recover on its own and may need an administrator to manually restart services to recover.

CVSS: HIGH (7.5)

EPSS Score: 0.1%

SSVC Exploitation: none

Source: CVE
April 2nd, 2025 (15 days ago)