Full CISA KEV catalog
Every CVE the U.S. cybersecurity agency has ever flagged as actively exploited. Filter by category, sort by severity or exploit-likelihood, search by vendor or product.
| Added | CVE | Vendor / Product | Name & description | CVSS | EPSS |
|---|---|---|---|---|---|
| Feb 24, 2025 | CVE-2024-20953 | Oracle Agile Product Lifecycle Management (PLM) | Oracle Agile Product Lifecycle Management (PLM) Deserialization Vulnerability<br>Oracle Agile Product Lifecycle Management (PLM) contains a deserialization vulnerability that allows a low-privileged attacker with network access via HTTP to compromise the syste… | — | 67.9% |
| Jan 7, 2025 | CVE-2020-2883 | Oracle WebLogic Server | Oracle WebLogic Server Unspecified Vulnerability<br>Oracle WebLogic Server, a product within the Fusion Middleware suite, contains an unspecified vulnerability exploitable by an unauthenticated attacker with network access via IIOP… | — | 94.4% |
| Nov 21, 2024 | CVE-2024-21287 | Oracle Agile Product Lifecycle Management (PLM) | Oracle Agile Product Lifecycle Management (PLM) Incorrect Authorization Vulnerability<br>Oracle Agile Product Lifecycle Management (PLM) contains an incorrect authorization vulnerability in the Process Extension component of the Software Development Kit. Successful ex… | — | 69.8% |
| Nov 20, 2024 | CVE-2024-38812 | VMware vCenter Server | VMware vCenter Server Heap-Based Buffer Overflow Vulnerability<br>VMware vCenter Server contains a heap-based buffer overflow vulnerability in the implementation of the DCERPC protocol. This vulnerability could allow an attacker with network acc… | — | 77.9% |
| Nov 20, 2024 | CVE-2024-38813 | VMware vCenter Server | VMware vCenter Server Privilege Escalation Vulnerability<br>VMware vCenter contains an improper check for dropped privileges vulnerability. This vulnerability could allow an attacker with network access to the vCenter Server to escalate pr… | — | 29.5% |
| Nov 18, 2024 | CVE-2024-1212 | Progress Kemp LoadMaster | Progress Kemp LoadMaster OS Command Injection Vulnerability<br>Progress Kemp LoadMaster contains an OS command injection vulnerability that allows an unauthenticated, remote attacker to access the system through the LoadMaster management inte… | — | 94.3% |
| Nov 12, 2024 | CVE-2021-26086 | Atlassian Jira Server and Data Center | Atlassian Jira Server and Data Center Path Traversal Vulnerability<br>Atlassian Jira Server and Data Center contain a path traversal vulnerability that allows a remote attacker to read particular files in the /WEB-INF/web.xml endpoint. | — | 94.2% |
| Oct 17, 2024 | CVE-2024-40711 (Ransomware) | Veeam Backup & Replication | Veeam Backup and Replication Deserialization Vulnerability<br>Veeam Backup and Replication contains a deserialization vulnerability allowing an unauthenticated user to perform remote code execution. | — | 70.5% |
| Oct 15, 2024 | CVE-2024-28987 | SolarWinds Web Help Desk | SolarWinds Web Help Desk Hardcoded Credential Vulnerability<br>SolarWinds Web Help Desk contains a hardcoded credential vulnerability that could allow a remote, unauthenticated user to access internal functionality and modify data. | — | 94.3% |
| Sep 30, 2024 | CVE-2019-0344 | SAP Commerce Cloud | SAP Commerce Cloud Deserialization of Untrusted Data Vulnerability<br>SAP Commerce Cloud (formerly known as Hybris) contains a deserialization of untrusted data vulnerability within the mediaconversion and virtualjdbc extension that allows for code … | — | 40.2% |
| Sep 18, 2024 | CVE-2020-14644 | Oracle WebLogic Server | Oracle WebLogic Server Remote Code Execution Vulnerability<br>Oracle WebLogic Server, a product within the Fusion Middleware suite, contains a deserialization vulnerability. Unauthenticated attackers with network access via T3 or IIOP can ex… | — | 93.6% |
| Sep 18, 2024 | CVE-2022-21445 | Oracle ADF Faces | Oracle ADF Faces Deserialization of Untrusted Data Vulnerability<br>Oracle ADF Faces library, included with Oracle JDeveloper Distribution, contains a deserialization of untrusted data vulnerability leading to unauthenticated remote code execution. | — | 92.0% |
| Sep 16, 2024 | CVE-2024-6670 (Ransomware) | Progress WhatsUp Gold | Progress WhatsUp Gold SQL Injection Vulnerability<br>Progress WhatsUp Gold contains a SQL injection vulnerability that allows an unauthenticated attacker to retrieve the user's encrypted password if the application is configured wit… | — | 94.5% |
| Aug 15, 2024 | CVE-2024-28986 | SolarWinds Web Help Desk | SolarWinds Web Help Desk Deserialization of Untrusted Data Vulnerability<br>SolarWinds Web Help Desk contains a deserialization of untrusted data vulnerability that could allow for remote code execution. | — | 80.2% |
| Jul 30, 2024 | CVE-2024-37085 (Ransomware) | VMware ESXi | VMware ESXi Authentication Bypass Vulnerability<br>VMware ESXi contains an authentication bypass vulnerability. A malicious actor with sufficient Active Directory (AD) permissions can gain full access to an ESXi host that was prev… | — | 80.3% |
| Jul 17, 2024 | CVE-2022-22948 | VMware vCenter Server | VMware vCenter Server Incorrect Default File Permissions Vulnerability<br>VMware vCenter Server contains an incorrect default file permissions vulnerability that allows a remote, privileged attacker to gain access to sensitive information. | — | 26.0% |
| Jul 17, 2024 | CVE-2024-28995 | SolarWinds Serv-U | SolarWinds Serv-U Path Traversal Vulnerability<br>SolarWinds Serv-U contains a path traversal vulnerability that allows an attacker access to read sensitive files on the host machine. | — | 94.4% |
| Jun 13, 2024 | CVE-2024-4358 | Progress Telerik Report Server | Progress Telerik Report Server Authentication Bypass by Spoofing Vulnerability<br>Progress Telerik Report Server contains an authorization bypass by spoofing vulnerability that allows an attacker to obtain unauthorized access. | — | 94.3% |
| Jun 3, 2024 | CVE-2017-3506 | Oracle WebLogic Server | Oracle WebLogic Server OS Command Injection Vulnerability<br>Oracle WebLogic Server, a product within the Fusion Middleware suite, contains an OS command injection vulnerability that allows an attacker to execute arbitrary code via a specia… | — | 94.4% |
| May 1, 2024 | CVE-2023-7028 | GitLab GitLab CE/EE | GitLab Community and Enterprise Editions Improper Access Control Vulnerability<br>GitLab Community and Enterprise Editions contain an improper access control vulnerability. This allows an attacker to trigger password reset emails to be sent to an unverified ema… | — | 93.4% |
| Feb 22, 2024 | CVE-2024-1709 (Ransomware) | ConnectWise ScreenConnect | ConnectWise ScreenConnect Authentication Bypass Vulnerability<br>ConnectWise ScreenConnect contains an authentication bypass vulnerability that allows an attacker with network access to the management interface to create a new, administrator-le… | — | 94.4% |
| Jan 24, 2024 | CVE-2023-22527 (Ransomware) | Atlassian Confluence Data Center and Server | Atlassian Confluence Data Center and Server Template Injection Vulnerability<br>Atlassian Confluence Data Center and Server contain an unauthenticated OGNL template injection vulnerability that can lead to remote code execution. | — | 94.4% |
| Jan 22, 2024 | CVE-2023-34048 | VMware vCenter Server | VMware vCenter Server Out-of-Bounds Write Vulnerability<br>VMware vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol that allows an attacker to conduct remote code execution. | — | 93.2% |
| Jan 17, 2024 | CVE-2023-6548 | Citrix NetScaler ADC and NetScaler Gateway | Citrix NetScaler ADC and NetScaler Gateway Code Injection Vulnerability<br>Citrix NetScaler ADC and NetScaler Gateway contain a code injection vulnerability that allows for authenticated remote code execution on the management interface with access to NS… | — | 5.7% |
| Jan 17, 2024 | CVE-2023-6549 | Citrix NetScaler ADC and NetScaler Gateway | Citrix NetScaler ADC and NetScaler Gateway Buffer Overflow Vulnerability<br>Citrix NetScaler ADC and NetScaler Gateway contain a buffer overflow vulnerability that allows for a denial-of-service when configured as a Gateway (VPN virtual server, ICA Proxy,… | — | 82.3% |
| Nov 16, 2023 | CVE-2020-2551 | Oracle Fusion Middleware | Oracle Fusion Middleware Unspecified Vulnerability<br>Oracle Fusion Middleware contains an unspecified vulnerability in the WLS Core Components that allows an unauthenticated attacker with network access via IIOP to compromise the We… | — | 94.4% |
| Nov 7, 2023 | CVE-2023-22518 (Ransomware) | Atlassian Confluence Data Center and Server | Atlassian Confluence Data Center and Server Improper Authorization Vulnerability<br>Atlassian Confluence Data Center and Server contain an improper authorization vulnerability that can result in significant data loss when exploited by an unauthenticated attacker.… | — | 94.4% |
| Oct 18, 2023 | CVE-2023-4966 (Ransomware) | Citrix NetScaler ADC and NetScaler Gateway | Citrix NetScaler ADC and NetScaler Gateway Buffer Overflow Vulnerability<br>Citrix NetScaler ADC and NetScaler Gateway contain a buffer overflow vulnerability that allows for sensitive information disclosure when configured as a Gateway (VPN virtual serve… | — | 94.3% |
| Oct 5, 2023 | CVE-2023-22515 (Ransomware) | Atlassian Confluence Data Center and Server | Atlassian Confluence Data Center and Server Broken Access Control Vulnerability<br>Atlassian Confluence Data Center and Server contains a broken access control vulnerability that allows an attacker to create unauthorized Confluence administrator accounts and acc… | — | 94.4% |
| Oct 5, 2023 | CVE-2023-40044 (Ransomware) | Progress WS_FTP Server | Progress WS_FTP Server Deserialization of Untrusted Data Vulnerability<br>Progress WS_FTP Server contains a deserialization of untrusted data vulnerability in the Ad Hoc Transfer module that allows an authenticated attacker to execute remote commands on… | — | 94.4% |
Source: CISA KEV catalog. Severity (CVSS) and exploit-probability (EPSS) sync nightly from NVD and FIRST.