Full CISA KEV catalog

Every CVE the U.S. cybersecurity agency has ever flagged as actively exploited.

Showing 31–60 of 129 CVEs · Page 2 of 5 · 30 per page
| Added | CVE | Vendor / Product | Name & description | CVSS | EPSS |
| --- | --- | --- | --- | --- | --- |
| Mar 18, 2025 | CVE-2025-24472 · Ransomware | Fortinet FortiOS and FortiProxy · network vpn remote | Fortinet FortiOS and FortiProxy Authentication Bypass Vulnerability: Fortinet FortiOS and FortiProxy contain an authentication bypass vulnerability that allows a remote attacker to gain super-admin privileges via crafted CSF proxy requests. | | 10.4% |
| Mar 10, 2025 | CVE-2024-13159 | Ivanti Endpoint Manager (EPM) · endpoint vpn remote | Ivanti Endpoint Manager (EPM) Absolute Path Traversal Vulnerability: Ivanti Endpoint Manager (EPM) contains an absolute path traversal vulnerability that allows a remote unauthenticated attacker to leak sensitive information. | | 94.0% |
| Mar 10, 2025 | CVE-2024-13160 | Ivanti Endpoint Manager (EPM) · endpoint vpn remote | Ivanti Endpoint Manager (EPM) Absolute Path Traversal Vulnerability: Ivanti Endpoint Manager (EPM) contains an absolute path traversal vulnerability that allows a remote unauthenticated attacker to leak sensitive information. | | 93.8% |
| Mar 10, 2025 | CVE-2024-13161 | Ivanti Endpoint Manager (EPM) · endpoint vpn remote | Ivanti Endpoint Manager (EPM) Absolute Path Traversal Vulnerability: Ivanti Endpoint Manager (EPM) contains an absolute path traversal vulnerability that allows a remote unauthenticated attacker to leak sensitive information. | | 91.8% |
| Feb 20, 2025 | CVE-2025-0111 | Palo Alto Networks PAN-OS · network vpn remote | Palo Alto Networks PAN-OS File Read Vulnerability: Palo Alto Networks PAN-OS contains an external control of file name or path vulnerability. Successful exploitation enables an authenticated attacker with network access to the man… | | 3.7% |
| Feb 18, 2025 | CVE-2024-53704 · Ransomware | SonicWall SonicOS · network vpn remote | SonicWall SonicOS SSLVPN Improper Authentication Vulnerability: SonicWall SonicOS contains an improper authentication vulnerability in the SSLVPN authentication mechanism that allows a remote attacker to bypass authentication. | | 93.9% |
| Feb 18, 2025 | CVE-2025-0108 | Palo Alto Networks PAN-OS · network vpn remote | Palo Alto Networks PAN-OS Authentication Bypass Vulnerability: Palo Alto Networks PAN-OS contains an authentication bypass vulnerability in its management web interface. This vulnerability allows an unauthenticated attacker with network acces… | | 94.1% |
| Jan 24, 2025 | CVE-2025-23006 · Ransomware | SonicWall SMA1000 Appliances · network vpn remote | SonicWall SMA1000 Appliances Deserialization Vulnerability: SonicWall SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC) contain a deserialization of untrusted data vulnerability, which can enable a remote, una… | | 50.1% |
| Jan 14, 2025 | CVE-2024-55591 · Ransomware | Fortinet FortiOS and FortiProxy · network vpn remote | Fortinet FortiOS and FortiProxy Authentication Bypass Vulnerability: Fortinet FortiOS and FortiProxy contain an authentication bypass vulnerability that may allow an unauthenticated, remote attacker to gain super-admin privileges via crafted reques… | | 94.1% |
| Jan 8, 2025 | CVE-2025-0282 · Ransomware | Ivanti Connect Secure, Policy Secure, and ZTA Gateways · endpoint vpn remote | Ivanti Connect Secure, Policy Secure, and ZTA Gateways Stack-Based Buffer Overflow Vulnerability: Ivanti Connect Secure, Policy Secure, and ZTA Gateways contain a stack-based buffer overflow which can lead to unauthenticated remote code execution. | | 94.1% |
| Dec 30, 2024 | CVE-2024-3393 | Palo Alto Networks PAN-OS · network vpn remote | Palo Alto Networks PAN-OS Malicious DNS Packet Vulnerability: Palo Alto Networks PAN-OS contains a vulnerability in parsing and logging malicious DNS packets in the DNS Security feature that, when exploited, allows an unauthenticated attacke… | | 79.7% |
| Nov 18, 2024 | CVE-2024-0012 · Ransomware | Palo Alto Networks PAN-OS · network vpn remote | Palo Alto Networks PAN-OS Management Interface Authentication Bypass Vulnerability: Palo Alto Networks PAN-OS contains an authentication bypass vulnerability in the web-based management interface for several PAN-OS products, including firewalls and VPN concentrat… | | 94.3% |
| Nov 18, 2024 | CVE-2024-9474 · Ransomware | Palo Alto Networks PAN-OS · network vpn remote | Palo Alto Networks PAN-OS Management Interface OS Command Injection Vulnerability: Palo Alto Networks PAN-OS contains an OS command injection vulnerability that allows for privilege escalation through the web-based management interface for several PAN products, … | | 94.2% |
| Nov 14, 2024 | CVE-2024-9463 | Palo Alto Networks Expedition · network vpn remote | Palo Alto Networks Expedition OS Command Injection Vulnerability: Palo Alto Networks Expedition contains an OS command injection vulnerability that allows an unauthenticated attacker to run arbitrary OS commands as root in Expedition, resulting … | | 94.2% |
| Nov 14, 2024 | CVE-2024-9465 | Palo Alto Networks Expedition · network vpn remote | Palo Alto Networks Expedition SQL Injection Vulnerability: Palo Alto Networks Expedition contains a SQL injection vulnerability that allows an unauthenticated attacker to reveal Expedition database contents, such as password hashes, usern… | | 94.3% |
| Nov 7, 2024 | CVE-2024-5910 | Palo Alto Networks Expedition · network vpn remote | Palo Alto Networks Expedition Missing Authentication Vulnerability: Palo Alto Networks Expedition contains a missing authentication vulnerability that allows an attacker with network access to takeover an Expedition admin account and potentially a… | | 91.0% |
| Oct 23, 2024 | CVE-2024-47575 | Fortinet FortiManager · network vpn remote | Fortinet FortiManager Missing Authentication Vulnerability: Fortinet FortiManager contains a missing authentication vulnerability in the fgfmd daemon that allows a remote, unauthenticated attacker to execute arbitrary code or commands via … | | 93.9% |
| Oct 9, 2024 | CVE-2024-23113 | Fortinet Multiple Products · network vpn remote | Fortinet Multiple Products Format String Vulnerability: Fortinet FortiOS, FortiPAM, FortiProxy, and FortiWeb contain a format string vulnerability that allows a remote, unauthenticated attacker to execute arbitrary code or commands via… | | 54.4% |
| Oct 9, 2024 | CVE-2024-9379 | Ivanti Cloud Services Appliance (CSA) · endpoint vpn remote | Ivanti Cloud Services Appliance (CSA) SQL Injection Vulnerability: Ivanti Cloud Services Appliance (CSA) contains a SQL injection vulnerability in the admin web console in versions prior to 5.0.2, which can allow a remote attacker authenticated a… | | 81.7% |
| Oct 9, 2024 | CVE-2024-9380 | Ivanti Cloud Services Appliance (CSA) · endpoint vpn remote | Ivanti Cloud Services Appliance (CSA) OS Command Injection Vulnerability: Ivanti Cloud Services Appliance (CSA) contains an OS command injection vulnerability in the administrative console which can allow an authenticated attacker with application admin… | | 88.1% |
| Oct 2, 2024 | CVE-2024-29824 | Ivanti Endpoint Manager (EPM) · endpoint vpn remote | Ivanti Endpoint Manager (EPM) SQL Injection Vulnerability: Ivanti Endpoint Manager (EPM) contains a SQL injection vulnerability in Core server that allows an unauthenticated attacker within the same network to execute arbitrary code. | | 94.0% |
| Sep 24, 2024 | CVE-2024-7593 | Ivanti Virtual Traffic Manager · endpoint vpn remote | Ivanti Virtual Traffic Manager Authentication Bypass Vulnerability: Ivanti Virtual Traffic Manager contains an authentication bypass vulnerability that allows a remote, unauthenticated attacker to create a chosen administrator account. | | 94.4% |
| Sep 19, 2024 | CVE-2024-8963 | Ivanti Cloud Services Appliance (CSA) · endpoint vpn remote | Ivanti Cloud Services Appliance (CSA) Path Traversal Vulnerability: Ivanti Cloud Services Appliance (CSA) contains a path traversal vulnerability that could allow a remote, unauthenticated attacker to access restricted functionality. If CVE-2024-8… | | 94.2% |
| Sep 13, 2024 | CVE-2024-8190 | Ivanti Cloud Services Appliance · endpoint vpn remote | Ivanti Cloud Services Appliance OS Command Injection Vulnerability: Ivanti Cloud Services Appliance (CSA) contains an OS command injection vulnerability in the administrative console which can allow an authenticated attacker with application admin… | | 91.9% |
| Sep 9, 2024 | CVE-2024-40766 · Ransomware | SonicWall SonicOS · network vpn remote | SonicWall SonicOS Improper Access Control Vulnerability: SonicWall SonicOS contains an improper access control vulnerability that could lead to unauthorized resource access and, under certain conditions, may cause the firewall to crash. | | 3.4% |
| May 30, 2024 | CVE-2024-24919 · Ransomware | Check Point Quantum Security Gateways · network vpn remote | Check Point Quantum Security Gateways Information Disclosure Vulnerability: Check Point Quantum Security Gateways contain an unspecified information disclosure vulnerability. The vulnerability potentially allows an attacker to access information on Gatewa… | | 94.3% |
| Apr 12, 2024 | CVE-2024-3400 · Ransomware | Palo Alto Networks PAN-OS · network vpn remote | Palo Alto Networks PAN-OS Command Injection Vulnerability: Palo Alto Networks PAN-OS GlobalProtect feature contains a command injection vulnerability that allows an unauthenticated attacker to execute commands with root privileges on the … | | 94.3% |
| Mar 25, 2024 | CVE-2021-44529 · Ransomware | Ivanti Endpoint Manager Cloud Service Appliance (EPM CSA) · endpoint vpn remote | Ivanti Endpoint Manager Cloud Service Appliance (EPM CSA) Code Injection Vulnerability: Ivanti Endpoint Manager Cloud Service Appliance (EPM CSA) contains a code injection vulnerability that allows an unauthenticated user to execute malicious code with limited permis… | | 94.5% |
| Mar 25, 2024 | CVE-2023-48788 · Ransomware | Fortinet FortiClient EMS · network vpn remote | Fortinet FortiClient EMS SQL Injection Vulnerability: Fortinet FortiClient EMS contains a SQL injection vulnerability that allows an unauthenticated attacker to execute commands as SYSTEM via specifically crafted requests. | | 94.1% |
| Feb 9, 2024 | CVE-2024-21762 · Ransomware | Fortinet FortiOS · network vpn remote | Fortinet FortiOS Out-of-Bound Write Vulnerability: Fortinet FortiOS contains an out-of-bound write vulnerability that allows a remote unauthenticated attacker to execute code or commands via specially crafted HTTP requests. | | 92.6% |

Source: CISA KEV catalog. Severity (CVSS) and exploit-probability (EPSS) sync nightly from NVD and FIRST.