Full CISA KEV catalog
Every CVE the U.S. cybersecurity agency has ever flagged as actively exploited. Filter by category, sort by severity or exploit-likelihood, search by vendor or product.
| Added | CVE | Vendor / Product | Name & description | CVSS | EPSS |
|---|---|---|---|---|---|
| Dec 13, 2024 |
CVE-2024-50623
Ransomware |
Cleo Multiple Products |
Cleo Multiple Products Unrestricted File Upload Vulnerability
Cleo Harmony, VLTrader, and LexiCom, which are managed file transfer products, contain an unrestricted file upload and download vulnerability that can lead to remote code executio…
|
— | 94.0% |
| Dec 10, 2024 | CVE-2024-49138 | Microsoft Windows |
Microsoft Windows Common Log File System (CLFS) Driver Heap-Based Buffer Overflow Vulnerability
Microsoft Windows Common Log File System (CLFS) driver contains a heap-based buffer overflow vulnerability that allows a local attacker to escalate privileges.
|
— | 87.0% |
| Dec 4, 2024 |
CVE-2024-51378
Ransomware |
CyberPersons CyberPanel |
CyberPanel Incorrect Default Permissions Vulnerability
CyberPanel contains an incorrect default permissions vulnerability that allows for authentication bypass and the execution of arbitrary commands using shell metacharacters in the …
|
— | 93.9% |
| Dec 3, 2024 | CVE-2023-45727 | North Grid Proself |
North Grid Proself Improper Restriction of XML External Entity (XXE) Reference Vulnerability
North Grid Proself Enterprise/Standard, Gateway, and Mail Sanitize contain an improper restriction of XML External Entity (XXE) reference vulnerability, which could allow a remote…
|
— | 21.0% |
| Dec 3, 2024 |
CVE-2024-11667
Ransomware |
Zyxel Multiple Firewalls |
Zyxel Multiple Firewalls Path Traversal Vulnerability
Multiple Zyxel firewalls contain a path traversal vulnerability in the web management interface that could allow an attacker to download or upload files via a crafted URL.
|
— | 28.9% |
| Dec 3, 2024 | CVE-2024-11680 | ProjectSend ProjectSend |
ProjectSend Improper Authentication Vulnerability
ProjectSend contains an improper authentication vulnerability that allows a remote, unauthenticated attacker to enable unauthorized modification of the application's configuration…
|
— | 93.5% |
| Nov 25, 2024 |
CVE-2023-28461
Ransomware |
Array Networks AG/vxAG ArrayOS |
Array Networks AG and vxAG ArrayOS Missing Authentication for Critical Function Vulnerability
Array Networks AG and vxAG ArrayOS contain a missing authentication for critical function vulnerability that allows an attacker to read local files and execute code on the SSL VPN…
|
— | 89.3% |
| Nov 21, 2024 | CVE-2024-21287 | Oracle Agile Product Lifecycle Management (PLM) |
Oracle Agile Product Lifecycle Management (PLM) Incorrect Authorization Vulnerability
Oracle Agile Product Lifecycle Management (PLM) contains an incorrect authorization vulnerability in the Process Extension component of the Software Development Kit. Successful ex…
|
— | 69.8% |
| Nov 21, 2024 | CVE-2024-44308 | Apple Multiple Products |
Apple Multiple Products Code Execution Vulnerability
Apple iOS, macOS, and other Apple products contain an unspecified vulnerability when processing maliciously crafted web content that may lead to arbitrary code execution.
|
— | 1.0% |
| Nov 21, 2024 | CVE-2024-44309 | Apple Multiple Products |
Apple Multiple Products Cross-Site Scripting (XSS) Vulnerability
Apple iOS, macOS, and other Apple products contain an unspecified vulnerability when processing maliciously crafted web content that may lead to a cross-site scripting (XSS) attac…
|
— | 0.9% |
| Nov 20, 2024 | CVE-2024-38812 | VMware vCenter Server |
VMware vCenter Server Heap-Based Buffer Overflow Vulnerability
VMware vCenter Server contains a heap-based buffer overflow vulnerability in the implementation of the DCERPC protocol. This vulnerability could allow an attacker with network acc…
|
— | 77.9% |
| Nov 20, 2024 | CVE-2024-38813 | VMware vCenter Server |
VMware vCenter Server Privilege Escalation Vulnerability
VMware vCenter contains an improper check for dropped privileges vulnerability. This vulnerability could allow an attacker with network access to the vCenter Server to escalate pr…
|
— | 29.5% |
| Nov 18, 2024 |
CVE-2024-0012
Ransomware |
Palo Alto Networks PAN-OS |
Palo Alto Networks PAN-OS Management Interface Authentication Bypass Vulnerability
Palo Alto Networks PAN-OS contains an authentication bypass vulnerability in the web-based management interface for several PAN-OS products, including firewalls and VPN concentrat…
|
— | 94.3% |
| Nov 18, 2024 | CVE-2024-1212 | Progress Kemp LoadMaster |
Progress Kemp LoadMaster OS Command Injection Vulnerability
Progress Kemp LoadMaster contains an OS command injection vulnerability that allows an unauthenticated, remote attacker to access the system through the LoadMaster management inte…
|
— | 94.3% |
| Nov 18, 2024 |
CVE-2024-9474
Ransomware |
Palo Alto Networks PAN-OS |
Palo Alto Networks PAN-OS Management Interface OS Command Injection Vulnerability
Palo Alto Networks PAN-OS contains an OS command injection vulnerability that allows for privilege escalation through the web-based management interface for several PAN products, …
|
— | 94.2% |
| Nov 14, 2024 | CVE-2024-9463 | Palo Alto Networks Expedition |
Palo Alto Networks Expedition OS Command Injection Vulnerability
Palo Alto Networks Expedition contains an OS command injection vulnerability that allows an unauthenticated attacker to run arbitrary OS commands as root in Expedition, resulting …
|
— | 94.2% |
| Nov 14, 2024 | CVE-2024-9465 | Palo Alto Networks Expedition |
Palo Alto Networks Expedition SQL Injection Vulnerability
Palo Alto Networks Expedition contains a SQL injection vulnerability that allows an unauthenticated attacker to reveal Expedition database contents, such as password hashes, usern…
|
— | 94.3% |
| Nov 12, 2024 | CVE-2014-2120 | Cisco Adaptive Security Appliance (ASA) |
Cisco Adaptive Security Appliance (ASA) Cross-Site Scripting (XSS) Vulnerability
Cisco Adaptive Security Appliance (ASA) contains a cross-site scripting (XSS) vulnerability in the WebVPN login page. This vulnerability allows remote attackers to inject arbitrar…
|
— | 75.1% |
| Nov 12, 2024 | CVE-2021-26086 | Atlassian Jira Server and Data Center |
Atlassian Jira Server and Data Center Path Traversal Vulnerability
Atlassian Jira Server and Data Center contain a path traversal vulnerability that allows a remote attacker to read particular files in the /WEB-INF/web.xml endpoint.
|
— | 94.2% |
| Nov 12, 2024 | CVE-2021-41277 | Metabase Metabase |
Metabase GeoJSON API Local File Inclusion Vulnerability
Metabase contains a local file inclusion vulnerability in the custom map support in the API to read GeoJSON formatted data.
|
— | 94.4% |
| Nov 12, 2024 | CVE-2024-43451 | Microsoft Windows |
Microsoft Windows NTLMv2 Hash Disclosure Spoofing Vulnerability
Microsoft Windows contains an NTLMv2 hash spoofing vulnerability that could result in disclosing a user's NTLMv2 hash to an attacker via a file open operation. The attacker could …
|
— | 90.3% |
| Nov 12, 2024 |
CVE-2024-49039
Ransomware |
Microsoft Windows |
Microsoft Windows Task Scheduler Privilege Escalation Vulnerability
Microsoft Windows Task Scheduler contains a privilege escalation vulnerability that can allow an attacker-provided, local application to escalate privileges outside of its AppCont…
|
— | 65.0% |
| Nov 7, 2024 | CVE-2019-16278 | Nostromo nhttpd |
Nostromo nhttpd Directory Traversal Vulnerability
Nostromo nhttpd contains a directory traversal vulnerability in the http_verify() function in a non-chrooted nhttpd server allowing for remote code execution.
|
— | 94.4% |
| Nov 7, 2024 | CVE-2024-43093 | Android Framework |
Android Framework Privilege Escalation Vulnerability
Android Framework contains an unspecified vulnerability that allows for privilege escalation.
|
— | 0.1% |
| Nov 7, 2024 |
CVE-2024-51567
Ransomware |
CyberPersons CyberPanel |
CyberPanel Incorrect Default Permissions Vulnerability
CyberPanel contains an incorrect default permissions vulnerability that allows a remote, unauthenticated attacker to execute commands as root.
|
— | 94.3% |
| Nov 7, 2024 | CVE-2024-5910 | Palo Alto Networks Expedition |
Palo Alto Networks Expedition Missing Authentication Vulnerability
Palo Alto Networks Expedition contains a missing authentication vulnerability that allows an attacker with network access to takeover an Expedition admin account and potentially a…
|
— | 91.0% |
| Nov 4, 2024 | CVE-2024-8956 | PTZOptics PT30X-SDI/NDI Cameras |
PTZOptics PT30X-SDI/NDI Cameras Authentication Bypass Vulnerability
PTZOptics PT30X-SDI/NDI cameras contain an insecure direct object reference (IDOR) vulnerability that allows a remote, attacker to bypass authentication for the /cgi-bin/param.cgi…
|
— | 83.6% |
| Nov 4, 2024 | CVE-2024-8957 | PTZOptics PT30X-SDI/NDI Cameras |
PTZOptics PT30X-SDI/NDI Cameras OS Command Injection Vulnerability
PTZOptics PT30X-SDI/NDI cameras contain an OS command injection vulnerability that allows a remote, authenticated attacker to escalate privileges to root via a crafted payload wit…
|
— | 55.5% |
| Oct 24, 2024 | CVE-2024-20481 | Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) |
Cisco ASA and FTD Denial-of-Service Vulnerability
Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain a missing release of resource after effective lifetime vulnerability that could allow an unauthe…
|
— | 11.1% |
| Oct 24, 2024 | CVE-2024-37383 | Roundcube Webmail |
RoundCube Webmail Cross-Site Scripting (XSS) Vulnerability
RoundCube Webmail contains a cross-site scripting (XSS) vulnerability in the handling of SVG animate attributes that allows a remote attacker to run malicious JavaScript code.
|
— | 64.0% |
Source: CISA KEV catalog. Severity (CVSS) and exploit-probability (EPSS) sync nightly from NVD and FIRST.