Full CISA KEV catalog
Every CVE the U.S. cybersecurity agency has ever flagged as actively exploited. Filter by category, sort by severity or exploit-likelihood, search by vendor or product.
| Added | CVE | Vendor / Product | Name & description | CVSS | EPSS |
|---|---|---|---|---|---|
| May 16, 2024 | CVE-2021-40655 | D-Link DIR-605 Router |
D-Link DIR-605 Router Information Disclosure Vulnerability
D-Link DIR-605 routers contain an information disclosure vulnerability that allows attackers to obtain a username and password by forging a post request to the /getcfg.php page.
|
— | 92.6% |
| May 16, 2024 | CVE-2024-4761 | Google Chromium V8 |
Google Chromium V8 Out-of-Bounds Memory Write Vulnerability
Google Chromium V8 Engine contains an unspecified out-of-bounds memory write vulnerability via a crafted HTML page. This vulnerability could affect multiple web browsers that util…
|
— | 3.0% |
| May 14, 2024 | CVE-2024-30040 | Microsoft Windows |
Microsoft Windows MSHTML Platform Security Feature Bypass Vulnerability
Microsoft Windows MSHTML Platform contains an unspecified vulnerability that allows for a security feature bypass.
|
— | 28.7% |
| May 14, 2024 |
CVE-2024-30051
Ransomware |
Microsoft DWM Core Library |
Microsoft DWM Core Library Privilege Escalation Vulnerability
Microsoft DWM Core Library contains a privilege escalation vulnerability that allows an attacker to gain SYSTEM privileges.
|
— | 48.1% |
| May 13, 2024 | CVE-2024-4671 | Google Chromium |
Google Chromium Visuals Use-After-Free Vulnerability
Google Chromium Visuals contains a use-after-free vulnerability that allows a remote attacker to exploit heap corruption via a crafted HTML page. This vulnerability could affect m…
|
— | 0.6% |
| May 1, 2024 | CVE-2023-7028 | GitLab GitLab CE/EE |
GitLab Community and Enterprise Editions Improper Access Control Vulnerability
GitLab Community and Enterprise Editions contain an improper access control vulnerability. This allows an attacker to trigger password reset emails to be sent to an unverified ema…
|
— | 93.4% |
| Apr 30, 2024 | CVE-2024-29988 | Microsoft SmartScreen Prompt |
Microsoft SmartScreen Prompt Security Feature Bypass Vulnerability
Microsoft SmartScreen Prompt contains a security feature bypass vulnerability that allows an attacker to bypass the Mark of the Web (MotW) feature. This vulnerability can be chain…
|
— | 62.8% |
| Apr 24, 2024 | CVE-2024-20353 | Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) |
Cisco ASA and FTD Denial of Service Vulnerability
Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain an infinite loop vulnerability that can lead to remote denial of service condition.
|
— | 18.8% |
| Apr 24, 2024 | CVE-2024-20359 | Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) |
Cisco ASA and FTD Privilege Escalation Vulnerability
Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain a privilege escalation vulnerability that can allow local privilege escalation from Administrato…
|
— | 0.1% |
| Apr 24, 2024 | CVE-2024-4040 | CrushFTP CrushFTP |
CrushFTP VFS Sandbox Escape Vulnerability
CrushFTP contains an unspecified sandbox escape vulnerability that allows a remote attacker to escape the CrushFTP virtual file system (VFS).
|
— | 94.4% |
| Apr 23, 2024 | CVE-2022-38028 | Microsoft Windows |
Microsoft Windows Print Spooler Privilege Escalation Vulnerability
Microsoft Windows Print Spooler service contains a privilege escalation vulnerability. An attacker may modify a JavaScript constraints file and execute it with SYSTEM-level permis…
|
— | 3.9% |
| Apr 12, 2024 |
CVE-2024-3400
Ransomware |
Palo Alto Networks PAN-OS |
Palo Alto Networks PAN-OS Command Injection Vulnerability
Palo Alto Networks PAN-OS GlobalProtect feature contains a command injection vulnerability that allows an unauthenticated attacker to execute commands with root privileges on the …
|
— | 94.3% |
| Apr 11, 2024 | CVE-2024-3272 | D-Link Multiple NAS Devices |
D-Link Multiple NAS Devices Use of Hard-Coded Credentials Vulnerability
D-Link DNS-320L, DNS-325, DNS-327L, and DNS-340L contains a hard-coded credential that allows an attacker to conduct authenticated command injection, leading to remote, unauthoriz…
|
— | 94.1% |
| Apr 11, 2024 | CVE-2024-3273 | D-Link Multiple NAS Devices |
D-Link Multiple NAS Devices Command Injection Vulnerability
D-Link DNS-320L, DNS-325, DNS-327L, and DNS-340L contain a command injection vulnerability. When combined with CVE-2024-3272, this can lead to remote, unauthorized code execution.
|
— | 94.4% |
| Apr 4, 2024 | CVE-2024-29745 | Android Pixel |
Android Pixel Information Disclosure Vulnerability
Android Pixel contains an information disclosure vulnerability in the fastboot firmware used to support unlocking, flashing, and locking affected devices.
|
— | 0.2% |
| Apr 4, 2024 | CVE-2024-29748 | Android Pixel |
Android Pixel Privilege Escalation Vulnerability
Android Pixel contains a privilege escalation vulnerability that allows an attacker to interrupt a factory reset triggered by a device admin app.
|
— | 0.4% |
| Mar 26, 2024 |
CVE-2023-24955
Ransomware |
Microsoft SharePoint Server |
Microsoft SharePoint Server Code Injection Vulnerability
Microsoft SharePoint Server contains a code injection vulnerability that allows an authenticated attacker with Site Owner privileges to execute code remotely.
|
— | 91.8% |
| Mar 25, 2024 | CVE-2019-7256 | Nice Linear eMerge E3-Series |
Nice Linear eMerge E3-Series OS Command Injection Vulnerability
Nice Linear eMerge E3-Series contains an OS command injection vulnerability that allows an attacker to conduct remote code execution.
|
— | 94.4% |
| Mar 25, 2024 |
CVE-2021-44529
Ransomware |
Ivanti Endpoint Manager Cloud Service Appliance (EPM CSA) |
Ivanti Endpoint Manager Cloud Service Appliance (EPM CSA) Code Injection Vulnerability
Ivanti Endpoint Manager Cloud Service Appliance (EPM CSA) contains a code injection vulnerability that allows an unauthenticated user to execute malicious code with limited permis…
|
— | 94.5% |
| Mar 25, 2024 |
CVE-2023-48788
Ransomware |
Fortinet FortiClient EMS |
Fortinet FortiClient EMS SQL Injection Vulnerability
Fortinet FortiClient EMS contains a SQL injection vulnerability that allows an unauthenticated attacker to execute commands as SYSTEM via specifically crafted requests.
|
— | 94.1% |
| Mar 7, 2024 |
CVE-2024-27198
Ransomware |
JetBrains TeamCity |
JetBrains TeamCity Authentication Bypass Vulnerability
JetBrains TeamCity contains an authentication bypass vulnerability that allows an attacker to perform admin actions.
|
— | 93.0% |
| Mar 6, 2024 | CVE-2024-23225 | Apple Multiple Products |
Apple Multiple Products Memory Corruption Vulnerability
Apple iOS, iPadOS, macOS, tvOS, watchOS, and visionOS kernel contain a memory corruption vulnerability that allows an attacker with arbitrary kernel read and write capability to b…
|
— | 0.2% |
| Mar 6, 2024 | CVE-2024-23296 | Apple Multiple Products |
Apple Multiple Products Memory Corruption Vulnerability
Apple iOS, iPadOS, macOS, tvOS, and watchOS RTKit contain a memory corruption vulnerability that allows an attacker with arbitrary kernel read and write capability to bypass kerne…
|
— | 0.3% |
| Mar 5, 2024 | CVE-2021-36380 | Sunhillo SureLine |
Sunhillo SureLine OS Command Injection Vulnerablity
Sunhillo SureLine contains an OS command injection vulnerability that allows an attacker to cause a denial-of-service or utilize the device for persistence on the network via shel…
|
— | 93.6% |
| Mar 5, 2024 | CVE-2023-21237 | Android Pixel |
Android Pixel Information Disclosure Vulnerability
Android Pixel contains a vulnerability in the Framework component, where the UI may be misleading or insufficient, providing a means to hide a foreground service notification. Thi…
|
— | 1.0% |
| Mar 4, 2024 |
CVE-2024-21338
Ransomware |
Microsoft Windows |
Microsoft Windows Kernel Exposed IOCTL with Insufficient Access Control Vulnerability
Microsoft Windows Kernel contains an exposed IOCTL with insufficient access control vulnerability within the IOCTL (input and output control) dispatcher in appid.sys that allows a…
|
— | 79.4% |
| Feb 29, 2024 | CVE-2023-29360 | Microsoft Streaming Service |
Microsoft Streaming Service Untrusted Pointer Dereference Vulnerability
Microsoft Streaming Service contains an untrusted pointer dereference vulnerability that allows for privilege escalation, enabling a local attacker to gain SYSTEM privileges.
|
— | 30.3% |
| Feb 22, 2024 |
CVE-2024-1709
Ransomware |
ConnectWise ScreenConnect |
ConnectWise ScreenConnect Authentication Bypass Vulnerability
ConnectWise ScreenConnect contains an authentication bypass vulnerability that allows an attacker with network access to the management interface to create a new, administrator-le…
|
— | 94.4% |
| Feb 15, 2024 |
CVE-2020-3259
Ransomware |
Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) |
Cisco ASA and FTD Information Disclosure Vulnerability
Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain an information disclosure vulnerability. An attacker could retrieve memory contents on an affect…
|
— | 69.7% |
| Feb 15, 2024 | CVE-2024-21410 | Microsoft Exchange Server |
Microsoft Exchange Server Privilege Escalation Vulnerability
Microsoft Exchange Server contains an unspecified vulnerability that allows for privilege escalation.
|
— | 6.1% |
Source: CISA KEV catalog. Severity (CVSS) and exploit-probability (EPSS) sync nightly from NVD and FIRST.