Full CISA KEV catalog
Every CVE the U.S. cybersecurity agency has ever flagged as actively exploited. Filter by category, sort by severity or exploit-likelihood, search by vendor or product.
| Added | CVE | Vendor / Product | Name & description | CVSS | EPSS |
|---|---|---|---|---|---|
| Jan 31, 2024 |
CVE-2024-21893
Ransomware |
Ivanti Connect Secure, Policy Secure, and Neurons |
Ivanti Connect Secure, Policy Secure, and Neurons Server-Side Request Forgery (SSRF) Vulnerability
Ivanti Connect Secure (ICS, formerly known as Pulse Connect Secure), Ivanti Policy Secure, and Ivanti Neurons contain a server-side request forgery (SSRF) vulnerability in the SAM…
|
— | 94.3% |
| Jan 18, 2024 |
CVE-2023-35082
Ransomware |
Ivanti Endpoint Manager Mobile (EPMM) and MobileIron Core |
Ivanti Endpoint Manager Mobile (EPMM) and MobileIron Core Authentication Bypass Vulnerability
Ivanti Endpoint Manager Mobile (EPMM) and MobileIron Core contain an authentication bypass vulnerability that allows unauthorized users to access restricted functionality or resou…
|
— | 94.4% |
| Jan 17, 2024 | CVE-2023-6548 | Citrix NetScaler ADC and NetScaler Gateway |
Citrix NetScaler ADC and NetScaler Gateway Code Injection Vulnerability
Citrix NetScaler ADC and NetScaler Gateway contain a code injection vulnerability that allows for authenticated remote code execution on the management interface with access to NS…
|
— | 5.7% |
| Jan 17, 2024 | CVE-2023-6549 | Citrix NetScaler ADC and NetScaler Gateway |
Citrix NetScaler ADC and NetScaler Gateway Buffer Overflow Vulnerability
Citrix NetScaler ADC and NetScaler Gateway contain a buffer overflow vulnerability that allows for a denial-of-service when configured as a Gateway (VPN virtual server, ICA Proxy,…
|
— | 82.3% |
| Jan 10, 2024 |
CVE-2023-46805
Ransomware |
Ivanti Connect Secure and Policy Secure |
Ivanti Connect Secure and Policy Secure Authentication Bypass Vulnerability
Ivanti Connect Secure (ICS, formerly known as Pulse Connect Secure) and Ivanti Policy Secure gateways contain an authentication bypass vulnerability in the web component that allo…
|
— | 94.4% |
| Jan 10, 2024 |
CVE-2024-21887
Ransomware |
Ivanti Connect Secure and Policy Secure |
Ivanti Connect Secure and Policy Secure Command Injection Vulnerability
Ivanti Connect Secure (ICS, formerly known as Pulse Connect Secure) and Ivanti Policy Secure contain a command injection vulnerability in the web components of these products, whi…
|
— | 94.4% |
| Oct 31, 2023 |
CVE-2023-46747
Ransomware |
F5 BIG-IP Configuration Utility |
F5 BIG-IP Configuration Utility Authentication Bypass Vulnerability
F5 BIG-IP Configuration utility contains an authentication bypass using an alternate path or channel vulnerability due to undisclosed requests that may allow an unauthenticated at…
|
— | 94.4% |
| Oct 31, 2023 | CVE-2023-46748 | F5 BIG-IP Configuration Utility |
F5 BIG-IP Configuration Utility SQL Injection Vulnerability
F5 BIG-IP Configuration utility contains an SQL injection vulnerability that may allow an authenticated attacker with network access through the BIG-IP management port and/or self…
|
— | 4.3% |
| Oct 18, 2023 |
CVE-2023-4966
Ransomware |
Citrix NetScaler ADC and NetScaler Gateway |
Citrix NetScaler ADC and NetScaler Gateway Buffer Overflow Vulnerability
Citrix NetScaler ADC and NetScaler Gateway contain a buffer overflow vulnerability that allows for sensitive information disclosure when configured as a Gateway (VPN virtual serve…
|
— | 94.3% |
| Oct 10, 2023 | CVE-2023-20109 | Cisco IOS and IOS XE |
Cisco IOS and IOS XE Group Encrypted Transport VPN Out-of-Bounds Write Vulnerability
Cisco IOS and IOS XE contain an out-of-bounds write vulnerability in the Group Encrypted Transport VPN (GET VPN) feature that could allow an authenticated, remote attacker who has…
|
— | 0.6% |
| Aug 22, 2023 |
CVE-2023-38035
Ransomware |
Ivanti Sentry |
Ivanti Sentry Authentication Bypass Vulnerability
Ivanti Sentry, formerly known as MobileIron Sentry, contains an authentication bypass vulnerability that may allow an attacker to bypass authentication controls on the administrat…
|
— | 94.4% |
| Aug 16, 2023 | CVE-2023-24489 | Citrix Content Collaboration |
Citrix Content Collaboration ShareFile Improper Access Control Vulnerability
Citrix Content Collaboration contains an improper access control vulnerability that could allow an unauthenticated attacker to remotely compromise customer-managed ShareFile stora…
|
— | 94.4% |
| Jul 31, 2023 | CVE-2023-35081 | Ivanti Endpoint Manager Mobile (EPMM) |
Ivanti Endpoint Manager Mobile (EPMM) Path Traversal Vulnerability
Ivanti Endpoint Manager Mobile (EPMM) contains a path traversal vulnerability that enables an authenticated administrator to perform malicious file writes to the EPMM server. This…
|
— | 90.7% |
| Jul 25, 2023 |
CVE-2023-35078
Ransomware |
Ivanti Endpoint Manager Mobile (EPMM) |
Ivanti Endpoint Manager Mobile Authentication Bypass Vulnerability
Ivanti Endpoint Manager Mobile (EPMM, previously branded MobileIron Core) contains an authentication bypass vulnerability that allows unauthenticated access to specific API paths.…
|
— | 94.4% |
| Jul 19, 2023 |
CVE-2023-3519
Ransomware |
Citrix NetScaler ADC and NetScaler Gateway |
Citrix NetScaler ADC and NetScaler Gateway Code Injection Vulnerability
Citrix NetScaler ADC and NetScaler Gateway contains a code injection vulnerability that allows for unauthenticated remote code execution.
|
— | 93.5% |
| Jun 13, 2023 |
CVE-2023-27997
Ransomware |
Fortinet FortiOS and FortiProxy SSL-VPN |
Fortinet FortiOS and FortiProxy SSL-VPN Heap-Based Buffer Overflow Vulnerability
Fortinet FortiOS and FortiProxy SSL-VPN contain a heap-based buffer overflow vulnerability which can allow an unauthenticated, remote attacker to execute code or commands via spec…
|
— | 90.8% |
| Mar 14, 2023 | CVE-2022-41328 | Fortinet FortiOS |
Fortinet FortiOS Path Traversal Vulnerability
Fortinet FortiOS contains a path traversal vulnerability that may allow a local privileged attacker to read and write files via crafted CLI commands.
|
— | 0.2% |
| Dec 13, 2022 | CVE-2022-27518 | Citrix Application Delivery Controller (ADC) and Gateway |
Citrix Application Delivery Controller (ADC) and Gateway Authentication Bypass Vulnerability
Citrix Application Delivery Controller (ADC) and Gateway, when configured with SAML SP or IdP configuration, contain an authentication bypass vulnerability that allows an attacker…
|
— | 27.7% |
| Dec 13, 2022 |
CVE-2022-42475
Ransomware |
Fortinet FortiOS |
Fortinet FortiOS Heap-Based Buffer Overflow Vulnerability
Multiple versions of Fortinet FortiOS SSL-VPN contain a heap-based buffer overflow vulnerability which can allow an unauthenticated, remote attacker to execute arbitrary code or c…
|
— | 94.0% |
| Oct 24, 2022 |
CVE-2020-3153
Ransomware |
Cisco AnyConnect Secure |
Cisco AnyConnect Secure Mobility Client for Windows Uncontrolled Search Path Vulnerability
Cisco AnyConnect Secure Mobility Client for Windows allows for incorrect handling of directory paths. An attacker with valid credentials on Windows would be able to copy malicious…
|
— | 25.1% |
| Oct 24, 2022 |
CVE-2020-3433
Ransomware |
Cisco AnyConnect Secure |
Cisco AnyConnect Secure Mobility Client for Windows DLL Hijacking Vulnerability
Cisco AnyConnect Secure Mobility Client for Windows interprocess communication (IPC) channel allows for insufficient validation of resources that are loaded by the application at …
|
— | 3.9% |
| Oct 11, 2022 |
CVE-2022-40684
Ransomware |
Fortinet Multiple Products |
Fortinet Multiple Products Authentication Bypass Vulnerability
Fortinet FortiOS, FortiProxy, and FortiSwitchManager contain an authentication bypass vulnerability that could allow an unauthenticated attacker to perform operations on the admin…
|
— | 94.4% |
| Sep 8, 2022 |
CVE-2018-13374
Ransomware |
Fortinet FortiOS and FortiADC |
Fortinet FortiOS and FortiADC Improper Access Control Vulnerability
Fortinet FortiOS and FortiADC contain an improper access control vulnerability that allows attackers to obtain the LDAP server login credentials configured in FortiGate by pointin…
|
— | 3.4% |
| Aug 22, 2022 | CVE-2022-0028 | Palo Alto Networks PAN-OS |
Palo Alto Networks PAN-OS Reflected Amplification Denial-of-Service Vulnerability
A Palo Alto Networks PAN-OS URL filtering policy misconfiguration could allow a network-based attacker to conduct reflected and amplified TCP denial-of-service (RDoS) attacks.
|
— | 4.7% |
| Aug 18, 2022 | CVE-2017-15944 | Palo Alto Networks PAN-OS |
Palo Alto Networks PAN-OS Remote Code Execution Vulnerability
Palo Alto Networks PAN-OS contains multiple, unspecified vulnerabilities which can allow for remote code execution when chained.
|
— | 94.0% |
| May 10, 2022 |
CVE-2022-1388
Ransomware |
F5 BIG-IP |
F5 BIG-IP Missing Authentication Vulnerability
F5 BIG-IP contains a missing authentication in critical function vulnerability which can allow for remote code execution, creation or deletion of files, or disabling services.
|
— | 94.5% |
| Mar 28, 2022 | CVE-2019-7483 | SonicWall SMA100 |
SonicWall SMA100 Directory Traversal Vulnerability
In SonicWall SMA100, an unauthenticated Directory Traversal vulnerability in the handleWAFRedirect CGI allows the user to test for the presence of a file on the server.
|
— | 47.9% |
| Mar 28, 2022 |
CVE-2021-20028
Ransomware |
SonicWall Secure Remote Access (SRA) |
SonicWall Secure Remote Access (SRA) SQL Injection Vulnerability
SonicWall Secure Remote Access (SRA) products contain an improper neutralization of a SQL Command leading to SQL injection.
|
— | 80.3% |
| Mar 25, 2022 | CVE-2017-6316 | Citrix NetScaler SD-WAN Enterprise, CloudBridge Virtual WAN, and XenMobile Server |
Citrix Multiple Products Remote Code Execution Vulnerability
A vulnerability has been identified in the management interface of Citrix NetScaler SD-WAN Enterprise and Standard Edition and Citrix CloudBridge Virtual WAN Edition that could re…
|
— | 87.9% |
| Mar 25, 2022 | CVE-2018-0125 | Cisco VPN Routers |
Cisco VPN Routers Remote Code Execution Vulnerability
A vulnerability in the web interface of the Cisco VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code as root and gain full control of an affecte…
|
— | 29.5% |
Source: CISA KEV catalog. Severity (CVSS) and exploit-probability (EPSS) sync nightly from NVD and FIRST.