Full CISA KEV catalog
Every CVE the U.S. cybersecurity agency has ever flagged as actively exploited. Filter by category, sort by severity or exploit-likelihood, search by vendor or product.
| Added | CVE | Vendor / Product | Name & description | CVSS | EPSS |
|---|---|---|---|---|---|
| Mar 25, 2022 | CVE-2017-3881 | Cisco IOS and IOS XE |
Cisco IOS and IOS XE Remote Code Execution Vulnerability
A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a re…
|
— | 94.3% |
| Mar 25, 2022 | CVE-2017-6316 | Citrix NetScaler SD-WAN Enterprise, CloudBridge Virtual WAN, and XenMobile Server |
Citrix Multiple Products Remote Code Execution Vulnerability
A vulnerability has been identified in the management interface of Citrix NetScaler SD-WAN Enterprise and Standard Edition and Citrix CloudBridge Virtual WAN Edition that could re…
|
— | 87.9% |
| Mar 25, 2022 | CVE-2017-6334 | NETGEAR DGN2200 Devices |
NETGEAR DGN2200 Devices OS Command Injection Vulnerability
dnslookup.cgi on NETGEAR DGN2200 devices with firmware through 10.0.0.50 allows remote authenticated users to execute arbitrary OS commands
|
— | 89.2% |
| Mar 25, 2022 | CVE-2018-0125 | Cisco VPN Routers |
Cisco VPN Routers Remote Code Execution Vulnerability
A vulnerability in the web interface of the Cisco VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code as root and gain full control of an affecte…
|
— | 29.5% |
| Mar 25, 2022 | CVE-2018-0147 | Cisco Secure Access Control System (ACS) |
Cisco Secure Access Control System Java Deserialization Vulnerability
A vulnerability in Java deserialization used by Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to execute arbitrary commands on an affect…
|
— | 4.0% |
| Mar 25, 2022 |
CVE-2018-11138
Ransomware |
Quest KACE System Management Appliance |
Quest KACE System Management Appliance Remote Command Execution Vulnerability
The '/common/download_agent_installer.php' script in the Quest KACE System Management Appliance is accessible by anonymous users and can be abused to perform remote code execution.
|
— | 93.4% |
| Mar 25, 2022 |
CVE-2018-1273
Ransomware |
VMware Tanzu Spring Data Commons |
VMware Tanzu Spring Data Commons Property Binder Vulnerability
Spring Data Commons contains a property binder vulnerability which can allow an attacker to perform remote code execution.
|
— | 94.3% |
| Mar 25, 2022 | CVE-2018-14839 | LG N1A1 NAS |
LG N1A1 NAS Remote Command Execution Vulnerability
LG N1A1 NAS 3718.510 is affected by a remote code execution vulnerability.
|
— | 89.3% |
| Mar 25, 2022 | CVE-2018-6961 | VMware SD-WAN Edge |
VMware SD-WAN Edge by VeloCloud Command Injection Vulnerability
VMware SD-WAN Edge by VeloCloud contains a command injection vulnerability in the local web UI component. Successful exploitation of this issue could result in remote code executi…
|
— | 93.9% |
| Mar 25, 2022 | CVE-2018-8373 | Microsoft Internet Explorer Scripting Engine |
Microsoft Scripting Engine Memory Corruption Vulnerability
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer.
|
— | 82.5% |
| Mar 25, 2022 | CVE-2018-8414 | Microsoft Windows |
Microsoft Windows Shell Remote Code Execution Vulnerability
A remote code execution vulnerability exists when the Windows Shell does not properly validate file paths.
|
— | 89.2% |
| Mar 25, 2022 | CVE-2019-0903 | Microsoft Graphics Device Interface (GDI) |
Microsoft GDI Remote Code Execution Vulnerability
A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory. An attacker who successfully exploited this…
|
— | 34.4% |
| Mar 25, 2022 | CVE-2019-1003030 | Jenkins Matrix Project Plugin |
Jenkins Matrix Project Plugin Remote Code Execution Vulnerability
Jenkins Matrix Project plugin contains a vulnerability which can allow users to escape the sandbox, opening opportunity to perform remote code execution.
|
— | 91.8% |
| Mar 25, 2022 | CVE-2019-10068 | Kentico Xperience |
Kentico Xperience Deserialization of Untrusted Data Vulnerability
Kentico contains a failure to validate security headers. This deserialization can led to unauthenticated remote code execution.
|
— | 93.8% |
| Mar 25, 2022 |
CVE-2019-11043
Ransomware |
PHP FastCGI Process Manager (FPM) |
PHP FastCGI Process Manager (FPM) Buffer Overflow Vulnerability
In some versions of PHP in certain configurations of FPM setup, it is possible to cause FPM module to write past allocated buffers allowing the possibility of remote code executio…
|
— | 94.1% |
| Mar 25, 2022 | CVE-2019-12989 | Citrix SD-WAN and NetScaler |
Citrix SD-WAN and NetScaler SQL Injection Vulnerability
Citrix SD-WAN and NetScaler SD-WAN allow SQL Injection.
|
— | 91.5% |
| Mar 25, 2022 | CVE-2019-12991 | Citrix SD-WAN and NetScaler |
Citrix SD-WAN and NetScaler Command Injection Vulnerability
Authenticated Command Injection in Citrix SD-WAN Appliance and NetScaler SD-WAN Appliance.
|
— | 80.8% |
| Mar 25, 2022 |
CVE-2019-15107
Ransomware |
Webmin Webmin |
Webmin Command Injection Vulnerability
An issue was discovered in Webmin. The parameter old in password_change.cgi contains a command injection vulnerability.
|
— | 94.5% |
| Mar 25, 2022 | CVE-2019-16920 | D-Link Multiple Routers |
D-Link Multiple Routers Command Injection Vulnerability
Multiple D-Link routers contain a command injection vulnerability which can allow attackers to achieve full system compromise.
|
— | 94.3% |
| Mar 25, 2022 | CVE-2019-2616 | Oracle BI Publisher (Formerly XML Publisher) |
Oracle BI Publisher Unauthorized Access Vulnerability
Oracle BI Publisher, formerly XML Publisher, contains an unspecified vulnerability that allows for various unauthorized actions. Open-source reporting attributes this vulnerabilit…
|
— | 94.0% |
| Mar 25, 2022 | CVE-2019-6340 | Drupal Core |
Drupal Core Remote Code Execution Vulnerability
In Drupal Core, some field types do not properly sanitize data from non-form sources. This can lead to arbitrary PHP code execution in some cases.
|
— | 94.4% |
| Mar 25, 2022 | CVE-2020-1631 | Juniper Junos OS |
Juniper Junos OS Path Traversal Vulnerability
A path traversal vulnerability in the HTTP/HTTPS service used by J-Web, Web Authentication, Dynamic-VPN (DVPN), Firewall Authentication Pass-Through with Web-Redirect, and Zero To…
|
— | 5.4% |
| Mar 25, 2022 | CVE-2020-1956 | Apache Kylin |
Apache Kylin OS Command Injection Vulnerability
Apache Kylin contains an OS command injection vulnerability which could permit an attacker to perform remote code execution.
|
— | 94.1% |
| Mar 25, 2022 |
CVE-2020-2021
Ransomware |
Palo Alto Networks PAN-OS |
Palo Alto Networks PAN-OS Authentication Bypass Vulnerability
Palo Alto Networks PAN-OS contains a vulnerability in SAML which allows an attacker to bypass authentication.
|
— | 19.0% |
| Mar 25, 2022 | CVE-2020-2506 | QNAP Systems Helpdesk |
QNAP Helpdesk Improper Access Control Vulnerability
QNAP Helpdesk contains an improper access control vulnerability which could allow an attacker to gain privileges or to read sensitive information.
|
— | 18.0% |
| Mar 25, 2022 | CVE-2020-25223 | Sophos SG UTM |
Sophos SG UTM Remote Code Execution Vulnerability
A remote code execution vulnerability exists in the WebAdmin of Sophos SG UTM.
|
— | 94.3% |
| Mar 25, 2022 | CVE-2020-5410 | VMware Tanzu Spring Cloud Configuration (Config) Server |
VMware Tanzu Spring Cloud Config Directory Traversal Vulnerability
Spring, by VMware Tanzu, Cloud Config contains a path traversal vulnerability that allows applications to serve arbitrary configuration files.
|
— | 94.3% |
| Mar 25, 2022 | CVE-2020-7247 | OpenBSD OpenSMTPD |
OpenSMTPD Remote Code Execution Vulnerability
smtp_mailaddr in smtp_session.c in OpenSMTPD, as used in OpenBSD and other products, allows remote attackers to execute arbitrary commands as root via a crafted SMTP session.
|
— | 94.1% |
| Mar 25, 2022 | CVE-2020-9054 | Zyxel Multiple Network-Attached Storage (NAS) Devices |
Zyxel Multiple NAS Devices OS Command Injection Vulnerability
Multiple Zyxel network-attached storage (NAS) devices contain a pre-authentication command injection vulnerability, which may allow a remote, unauthenticated attacker to execute a…
|
— | 94.3% |
| Mar 25, 2022 | CVE-2020-9377 | D-Link DIR-610 Devices |
D-Link DIR-610 Devices Remote Command Execution
D-Link DIR-610 devices allow remote code execution via the cmd parameter to command.php.
|
— | 76.6% |
Source: CISA KEV catalog. Severity (CVSS) and exploit-probability (EPSS) sync nightly from NVD and FIRST.