Full CISA KEV catalog
Every CVE the U.S. cybersecurity agency has ever flagged as actively exploited. Filter by category, sort by severity or exploit-likelihood, search by vendor or product.
| Added | CVE | Vendor / Product | Name & description | CVSS | EPSS |
|---|---|---|---|---|---|
| Sep 13, 2024 | CVE-2024-8190 | Ivanti Cloud Services Appliance |
Ivanti Cloud Services Appliance OS Command Injection Vulnerability
Ivanti Cloud Services Appliance (CSA) contains an OS command injection vulnerability in the administrative console which can allow an authenticated attacker with application admin…
|
— | 91.9% |
| Sep 10, 2024 | CVE-2024-38014 | Microsoft Windows |
Microsoft Windows Installer Improper Privilege Management Vulnerability
Microsoft Windows Installer contains an improper privilege management vulnerability that could allow an attacker to gain SYSTEM privileges.
|
— | 12.8% |
| Sep 10, 2024 | CVE-2024-38217 | Microsoft Windows |
Microsoft Windows Mark of the Web (MOTW) Protection Mechanism Failure Vulnerability
Microsoft Windows Mark of the Web (MOTW) contains a protection mechanism failure vulnerability that allows an attacker to bypass MOTW-based defenses. This can result in a limited …
|
— | 13.8% |
| Sep 10, 2024 | CVE-2024-38226 | Microsoft Publisher |
Microsoft Publisher Protection Mechanism Failure Vulnerability
Microsoft Publisher contains a protection mechanism failure vulnerability that allows attacker to bypass Office macro policies used to block untrusted or malicious files.
|
— | 1.4% |
| Sep 9, 2024 | CVE-2016-3714 | ImageMagick ImageMagick |
ImageMagick Improper Input Validation Vulnerability
ImageMagick contains an improper input validation vulnerability that affects the EPHEMERAL, HTTPS, MVG, MSL, TEXT, SHOW, WIN, and PLT coders. This allows a remote attacker to exec…
|
— | 93.6% |
| Sep 9, 2024 |
CVE-2017-1000253
Ransomware |
Linux Kernel |
Linux Kernel PIE Stack Buffer Corruption Vulnerability
Linux kernel contains a position-independent executable (PIE) stack buffer corruption vulnerability in load_elf_ binary() that allows a local attacker to escalate privileges.
|
— | 57.3% |
| Sep 9, 2024 |
CVE-2024-40766
Ransomware |
SonicWall SonicOS |
SonicWall SonicOS Improper Access Control Vulnerability
SonicWall SonicOS contains an improper access control vulnerability that could lead to unauthorized resource access and, under certain conditions, may cause the firewall to crash.
|
— | 3.4% |
| Sep 3, 2024 | CVE-2021-20123 | DrayTek VigorConnect |
Draytek VigorConnect Path Traversal Vulnerability
Draytek VigorConnect contains a path traversal vulnerability in the DownloadFileServlet endpoint. An unauthenticated attacker could leverage this vulnerability to download arbitra…
|
— | 93.5% |
| Sep 3, 2024 | CVE-2021-20124 | DrayTek VigorConnect |
Draytek VigorConnect Path Traversal Vulnerability
Draytek VigorConnect contains a path traversal vulnerability in the file download functionality of the WebServlet endpoint. An unauthenticated attacker could leverage this vulnera…
|
— | 93.6% |
| Sep 3, 2024 | CVE-2024-7262 | Kingsoft WPS Office |
Kingsoft WPS Office Path Traversal Vulnerability
Kingsoft WPS Office contains a path traversal vulnerability in promecefpluginhost.exe on Windows that allows an attacker to load an arbitrary Windows library.
|
— | 9.7% |
| Aug 28, 2024 | CVE-2024-7965 | Google Chromium V8 |
Google Chromium V8 Inappropriate Implementation Vulnerability
Google Chromium V8 contains an inappropriate implementation vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulner…
|
— | 22.8% |
| Aug 27, 2024 | CVE-2024-38856 | Apache OFBiz |
Apache OFBiz Incorrect Authorization Vulnerability
Apache OFBiz contains an incorrect authorization vulnerability that could allow remote code execution via a Groovy payload in the context of the OFBiz user process by an unauthent…
|
— | 94.4% |
| Aug 26, 2024 | CVE-2024-7971 | Google Chromium V8 |
Google Chromium V8 Type Confusion Vulnerability
Google Chromium V8 contains a type confusion vulnerability that allows a remote attacker to exploit heap corruption via a crafted HTML page. This vulnerability could affect multip…
|
— | 1.9% |
| Aug 23, 2024 | CVE-2024-39717 | Versa Director |
Versa Director Dangerous File Type Upload Vulnerability
The Versa Director GUI contains an unrestricted upload of file with dangerous type vulnerability that allows administrators with Provider-Data-Center-Admin or Provider-Data-Center…
|
— | 5.4% |
| Aug 21, 2024 | CVE-2021-31196 | Microsoft Exchange Server |
Microsoft Exchange Server Information Disclosure Vulnerability
Microsoft Exchange Server contains an information disclosure vulnerability that allows for remote code execution.
|
— | 3.3% |
| Aug 21, 2024 | CVE-2021-33044 | Dahua IP Camera Firmware |
Dahua IP Camera Authentication Bypass Vulnerability
Dahua IP cameras and related products contain an authentication bypass vulnerability when the NetKeyboard type argument is specified by the client during authentication.
|
— | 94.3% |
| Aug 21, 2024 | CVE-2021-33045 | Dahua IP Camera Firmware |
Dahua IP Camera Authentication Bypass Vulnerability
Dahua IP cameras and related products contain an authentication bypass vulnerability when the loopback device is specified by the client during authentication.
|
— | 94.2% |
| Aug 21, 2024 | CVE-2022-0185 | Linux Kernel |
Linux Kernel Heap-Based Buffer Overflow Vulnerability
Linux kernel contains a heap-based buffer overflow vulnerability in the legacy_parse_param function in the Filesystem Context functionality. This allows an attacker to open a file…
|
— | 1.9% |
| Aug 19, 2024 |
CVE-2024-23897
Ransomware |
Jenkins Jenkins Command Line Interface (CLI) |
Jenkins Command Line Interface (CLI) Path Traversal Vulnerability
Jenkins Command Line Interface (CLI) contains a path traversal vulnerability that allows attackers limited read access to certain files, which can lead to code execution.
|
— | 94.5% |
| Aug 15, 2024 | CVE-2024-28986 | SolarWinds Web Help Desk |
SolarWinds Web Help Desk Deserialization of Untrusted Data Vulnerability
SolarWinds Web Help Desk contains a deserialization of untrusted data vulnerability that could allow for remote code execution.
|
— | 80.2% |
| Aug 13, 2024 | CVE-2024-38106 | Microsoft Windows |
Microsoft Windows Kernel Privilege Escalation Vulnerability
Microsoft Windows Kernel contains an unspecified vulnerability that allows for privilege escalation, enabling a local attacker to gain SYSTEM privileges. Successful exploitation o…
|
— | 0.8% |
| Aug 13, 2024 | CVE-2024-38107 | Microsoft Windows |
Microsoft Windows Power Dependency Coordinator Privilege Escalation Vulnerability
Microsoft Windows Power Dependency Coordinator contains an unspecified vulnerability that allows for privilege escalation, enabling a local attacker to obtain SYSTEM privileges.
|
— | 3.4% |
| Aug 13, 2024 | CVE-2024-38178 | Microsoft Windows |
Microsoft Windows Scripting Engine Memory Corruption Vulnerability
Microsoft Windows Scripting Engine contains a memory corruption vulnerability that allows unauthenticated attacker to initiate remote code execution via a specially crafted URL.
|
— | 30.2% |
| Aug 13, 2024 | CVE-2024-38189 | Microsoft Project |
Microsoft Project Remote Code Execution Vulnerability
Microsoft Project contains an unspecified vulnerability that allows for remote code execution via a malicious file.
|
— | 43.7% |
| Aug 13, 2024 | CVE-2024-38193 | Microsoft Windows |
Microsoft Windows Ancillary Function Driver for WinSock Privilege Escalation Vulnerability
Microsoft Windows Ancillary Function Driver for WinSock contains an unspecified vulnerability that allows for privilege escalation, enabling a local attacker to gain SYSTEM privil…
|
— | 73.2% |
| Aug 13, 2024 | CVE-2024-38213 | Microsoft Windows |
Microsoft Windows SmartScreen Security Feature Bypass Vulnerability
Microsoft Windows SmartScreen contains a security feature bypass vulnerability that allows an attacker to bypass the SmartScreen user experience via a malicious file.
|
— | 59.3% |
| Aug 7, 2024 | CVE-2024-32113 | Apache OFBiz |
Apache OFBiz Path Traversal Vulnerability
Apache OFBiz contains a path traversal vulnerability that could allow for remote code execution.
|
— | 94.0% |
| Aug 7, 2024 | CVE-2024-36971 | Android Kernel |
Android Kernel Remote Code Execution Vulnerability
Android contains an unspecified vulnerability in the kernel that allows for remote code execution. This vulnerability resides in Linux Kernel and could impact other products, incl…
|
— | 0.4% |
| Aug 5, 2024 | CVE-2018-0824 | Microsoft Windows |
Microsoft COM for Windows Deserialization of Untrusted Data Vulnerability
Microsoft COM for Windows contains a deserialization of untrusted data vulnerability that allows for privilege escalation and remote code execution via a specially crafted file or…
|
— | 91.5% |
| Jul 30, 2024 |
CVE-2024-37085
Ransomware |
VMware ESXi |
VMware ESXi Authentication Bypass Vulnerability
VMware ESXi contains an authentication bypass vulnerability. A malicious actor with sufficient Active Directory (AD) permissions can gain full access to an ESXi host that was prev…
|
— | 80.3% |
Source: CISA KEV catalog. Severity (CVSS) and exploit-probability (EPSS) sync nightly from NVD and FIRST.