Full CISA KEV catalog
Every CVE the U.S. cybersecurity agency has ever flagged as actively exploited. Filter by category, sort by severity or exploit-likelihood, search by vendor or product.
| Added | CVE | Vendor / Product | Name & description | CVSS | EPSS |
|---|---|---|---|---|---|
| May 24, 2022 |
CVE-2017-18362
Ransomware |
Kaseya Virtual System/Server Administrator (VSA) |
Kaseya VSA SQL Injection Vulnerability
ConnectWise ManagedITSync integration for Kaseya VSA is vulnerable to unauthenticated remote commands that allow full direct access to the Kaseya VSA database.
|
— | 81.1% |
| May 16, 2022 | CVE-2022-22947 | VMware Spring Cloud Gateway |
VMware Spring Cloud Gateway Code Injection Vulnerability
Spring Cloud Gateway applications are vulnerable to a code injection attack when the Gateway Actuator endpoint is enabled, exposed and unsecured.
|
— | 94.5% |
| Apr 15, 2022 | CVE-2022-22960 | VMware Multiple Products |
VMware Multiple Products Privilege Escalation Vulnerability
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege escalation vulnerability due to improper permissions in support scripts.
|
— | 72.5% |
| Apr 14, 2022 |
CVE-2022-22954
Ransomware |
VMware Workspace ONE Access and Identity Manager |
VMware Workspace ONE Access and Identity Manager Server-Side Template Injection Vulnerability
VMware Workspace ONE Access and Identity Manager allow for remote code execution due to server-side template injection.
|
— | 94.4% |
| Apr 13, 2022 |
CVE-2018-20753
Ransomware |
Kaseya Virtual System/Server Administrator (VSA) |
Kaseya VSA Remote Code Execution Vulnerability
Kaseya VSA RMM allows unprivileged remote attackers to execute PowerShell payloads on all managed devices.
|
— | 47.9% |
| Apr 4, 2022 | CVE-2022-22965 | VMware Spring Framework |
Spring Framework JDK 9+ Remote Code Execution Vulnerability
Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding.
|
— | 94.4% |
| Mar 28, 2022 | CVE-2012-0518 | Oracle Fusion Middleware |
Oracle Fusion Middleware Unspecified Vulnerability
Unspecified vulnerability in the Oracle Application Server Single Sign-On component in Oracle Fusion Middleware allows remote attackers to affect integrity via Unknown vectors
|
— | 20.9% |
| Mar 28, 2022 | CVE-2012-5076 | Oracle Java SE |
Oracle Java SE Sandbox Bypass Vulnerability
The default Java security properties configuration did not restrict access to the com.sun.org.glassfish.external and com.sun.org.glassfish.gmbal packages. An untrusted Java applic…
|
— | 91.4% |
| Mar 28, 2022 |
CVE-2013-2465
Ransomware |
Oracle Java SE |
Oracle Java SE Unspecified Vulnerability
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE allows remote attackers to affect confidentiality, integrity, and availability via Unkn…
|
— | 93.2% |
| Mar 28, 2022 |
CVE-2021-26085
Ransomware |
Atlassian Confluence Server |
Atlassian Confluence Server Pre-Authorization Arbitrary File Read Vulnerability
Affected versions of Atlassian Confluence Server allow remote attackers to view restricted resources via a pre-authorization arbitrary file read vulnerability in the /s/ endpoint.
|
— | 94.0% |
| Mar 25, 2022 | CVE-2017-6316 | Citrix NetScaler SD-WAN Enterprise, CloudBridge Virtual WAN, and XenMobile Server |
Citrix Multiple Products Remote Code Execution Vulnerability
A vulnerability has been identified in the management interface of Citrix NetScaler SD-WAN Enterprise and Standard Edition and Citrix CloudBridge Virtual WAN Edition that could re…
|
— | 87.9% |
| Mar 25, 2022 | CVE-2018-6961 | VMware SD-WAN Edge |
VMware SD-WAN Edge by VeloCloud Command Injection Vulnerability
VMware SD-WAN Edge by VeloCloud contains a command injection vulnerability in the local web UI component. Successful exploitation of this issue could result in remote code executi…
|
— | 93.9% |
| Mar 25, 2022 | CVE-2019-12989 | Citrix SD-WAN and NetScaler |
Citrix SD-WAN and NetScaler SQL Injection Vulnerability
Citrix SD-WAN and NetScaler SD-WAN allow SQL Injection.
|
— | 91.5% |
| Mar 25, 2022 | CVE-2019-12991 | Citrix SD-WAN and NetScaler |
Citrix SD-WAN and NetScaler Command Injection Vulnerability
Authenticated Command Injection in Citrix SD-WAN Appliance and NetScaler SD-WAN Appliance.
|
— | 80.8% |
| Mar 25, 2022 | CVE-2019-2616 | Oracle BI Publisher (Formerly XML Publisher) |
Oracle BI Publisher Unauthorized Access Vulnerability
Oracle BI Publisher, formerly XML Publisher, contains an unspecified vulnerability that allows for various unauthorized actions. Open-source reporting attributes this vulnerabilit…
|
— | 94.0% |
| Mar 25, 2022 |
CVE-2021-22941
Ransomware |
Citrix ShareFile |
Citrix ShareFile Improper Access Control Vulnerability
Improper Access Control in Citrix ShareFile storage zones controller may allow an unauthenticated attacker to remotely compromise the storage zones controller.
|
— | 88.5% |
| Mar 7, 2022 | CVE-2019-11581 | Atlassian Jira Server and Data Center |
Atlassian Jira Server and Data Center Server-Side Template Injection Vulnerability
Atlassian Jira Server and Data Center contain a server-side template injection vulnerability which can allow for remote code execution.
|
— | 94.4% |
| Mar 7, 2022 | CVE-2021-21973 | VMware vCenter Server and Cloud Foundation |
VMware vCenter Server and Cloud Foundation Server Side Request Forgery (SSRF) Vulnerability
VMware vCenter Server and Cloud Foundation Server contain a SSRF vulnerability due to improper validation of URLs in a vCenter Server plugin. This allows for information disclosur…
|
— | 90.4% |
| Mar 3, 2022 | CVE-2008-3431 | Oracle VirtualBox |
Oracle VirtualBox Insufficient Input Validation Vulnerability
An input validation vulnerability exists in the VBoxDrv.sys driver of Sun xVM VirtualBox which allows attackers to locally execute arbitrary code.
|
— | 5.4% |
| Mar 3, 2022 | CVE-2011-3544 | Oracle Java SE JDK and JRE |
Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability
An access control vulnerability exists in the Applet Rhino Script Engine component of Oracle's Java Runtime Environment allows an attacker to remotely execute arbitrary code.
|
— | 92.5% |
| Mar 3, 2022 |
CVE-2012-0507
Ransomware |
Oracle Java SE |
Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability
An incorrect type vulnerability exists in the Concurrency component of Oracle's Java Runtime Environment allows an attacker to remotely execute arbitrary code.
|
— | 93.7% |
| Mar 3, 2022 |
CVE-2012-1723
Ransomware |
Oracle Java SE |
Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE allows remote attackers to affect confidentiality, integrity, and availability via Unkn…
|
— | 94.1% |
| Mar 3, 2022 |
CVE-2012-4681
Ransomware |
Oracle Java SE |
Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability
The Java Runtime Environment (JRE) component in Oracle Java SE allow for remote code execution.
|
— | 94.1% |
| Mar 3, 2022 | CVE-2015-2590 | Oracle Java SE |
Oracle Java SE and Java SE Embedded Remote Code Execution Vulnerability
An unspecified vulnerability exists within Oracle Java Runtime Environment that allows an attacker to perform remote code execution.
|
— | 66.6% |
| Mar 3, 2022 | CVE-2015-4902 | Oracle Java SE |
Oracle Java SE Integrity Check Vulnerability
Unspecified vulnerability in Oracle Java SE allows remote attackers to affect integrity via Unknown vectors related to deployment.
|
— | 18.3% |
| Feb 22, 2022 | CVE-2022-23131 | Zabbix Frontend |
Zabbix Frontend Authentication Bypass Vulnerability
Unsafe client-side session storage leading to authentication bypass/instance takeover via Zabbix Frontend with configured SAML.
|
— | 94.0% |
| Feb 22, 2022 | CVE-2022-23134 | Zabbix Frontend |
Zabbix Frontend Improper Access Control Vulnerability
Malicious actors can pass step checks and potentially change the configuration of Zabbix Frontend.
|
— | 92.6% |
| Feb 10, 2022 |
CVE-2017-10271
Ransomware |
Oracle WebLogic Server |
Oracle Corporation WebLogic Server Remote Code Execution Vulnerability
Oracle Corporation WebLogic Server contains a vulnerability that allows for remote code execution.
|
— | 94.4% |
| Jan 21, 2022 | CVE-2021-35247 | SolarWinds Serv-U |
SolarWinds Serv-U Improper Input Validation Vulnerability
SolarWinds Serv-U versions 15.2.5 and earlier contain an improper input validation vulnerability that allows attackers to build and send queries without sanitization.
|
— | 5.3% |
| Jan 18, 2022 | CVE-2020-14864 | Oracle Intelligence Enterprise Edition |
Oracle Business Intelligence Enterprise Edition Path Transversal
Path traversal vulnerability, where an attacker can target the preview FilePath parameter of the getPreviewImage function to get access to arbitrary system file.
|
— | 94.0% |
Source: CISA KEV catalog. Severity (CVSS) and exploit-probability (EPSS) sync nightly from NVD and FIRST.