Full CISA KEV catalog
Every CVE the U.S. cybersecurity agency has ever flagged as actively exploited. Filter by category, sort by severity or exploit-likelihood, search by vendor or product.
| Added | CVE | Vendor / Product | Name & description | CVSS | EPSS |
|---|---|---|---|---|---|
| Oct 23, 2023 | CVE-2023-20273 | Cisco Cisco IOS XE Web UI | Cisco IOS XE Web UI Command Injection Vulnerability<br>Cisco IOS XE contains a command injection vulnerability in the web user interface. When chained with CVE-2023-20198, the attacker can leverage the new local user to elevate privil… | — | 92.6% |
| Oct 16, 2023 | CVE-2023-20198 | Cisco IOS XE Web UI | Cisco IOS XE Web UI Privilege Escalation Vulnerability<br>Cisco IOS XE Web UI contains a privilege escalation vulnerability in the web user interface that could allow a remote, unauthenticated attacker to create an account with privilege… | — | 94.0% |
| Oct 10, 2023 | CVE-2023-20109 | Cisco IOS and IOS XE | Cisco IOS and IOS XE Group Encrypted Transport VPN Out-of-Bounds Write Vulnerability<br>Cisco IOS and IOS XE contain an out-of-bounds write vulnerability in the Group Encrypted Transport VPN (GET VPN) feature that could allow an authenticated, remote attacker who has… | — | 0.6% |
| Sep 13, 2023 | CVE-2023-20269<br>Ransomware | Cisco Adaptive Security Appliance and Firepower Threat Defense | Cisco Adaptive Security Appliance and Firepower Threat Defense Unauthorized Access Vulnerability<br>Cisco Adaptive Security Appliance and Firepower Threat Defense contain an unauthorized access vulnerability that could allow an unauthenticated, remote attacker to conduct a brute… | — | 1.2% |
| Jun 29, 2023 | CVE-2019-17621 | D-Link DIR-859 Router | D-Link DIR-859 Router Command Execution Vulnerability<br>D-Link DIR-859 router contains a command execution vulnerability in the UPnP endpoint URL, /gena.cgi. Exploitation allows an unauthenticated remote attacker to execute system comm… | — | 93.0% |
| Jun 29, 2023 | CVE-2019-20500 | D-Link DWL-2600AP Access Point | D-Link DWL-2600AP Access Point Command Injection Vulnerability<br>D-Link DWL-2600AP access point contains an authenticated command injection vulnerability via the Save Configuration functionality in the Web interface, using shell metacharacters … | — | 89.9% |
| Jun 13, 2023 | CVE-2023-27997<br>Ransomware | Fortinet FortiOS and FortiProxy SSL-VPN | Fortinet FortiOS and FortiProxy SSL-VPN Heap-Based Buffer Overflow Vulnerability<br>Fortinet FortiOS and FortiProxy SSL-VPN contain a heap-based buffer overflow vulnerability which can allow an unauthenticated, remote attacker to execute code or commands via spec… | — | 90.8% |
| May 26, 2023 | CVE-2023-2868 | Barracuda Networks Email Security Gateway (ESG) Appliance | Barracuda Networks ESG Appliance Improper Input Validation Vulnerability<br>Barracuda Email Security Gateway (ESG) appliance contains an improper input validation vulnerability of a user-supplied .tar file, leading to remote command injection. | — | 89.2% |
| May 19, 2023 | CVE-2004-1464 | Cisco IOS | Cisco IOS Denial-of-Service Vulnerability<br>Cisco IOS contains an unspecified vulnerability that may block further telnet, reverse telnet, Remote Shell (RSH), Secure Shell (SSH), and in some cases, Hypertext Transport Proto… | — | 2.2% |
| May 19, 2023 | CVE-2016-6415 | Cisco IOS, IOS XR, and IOS XE | Cisco IOS, IOS XR, and IOS XE IKEv1 Information Disclosure Vulnerability<br>Cisco IOS, IOS XR, and IOS XE contain insufficient condition checks in the part of the code that handles Internet Key Exchange version 1 (IKEv1) security negotiation requests. con… | — | 92.7% |
| May 12, 2023 | CVE-2023-25717 | Ruckus Wireless Multiple Products | Multiple Ruckus Wireless Products CSRF and RCE Vulnerability<br>Ruckus Wireless Access Point (AP) software contains an unspecified vulnerability in the web services component. If the web services component is enabled on the AP, an attacker can… | — | 94.2% |
| May 1, 2023 | CVE-2023-1389 | TP-Link Archer AX21 | TP-Link Archer AX-21 Command Injection Vulnerability<br>TP-Link Archer AX-21 contains a command injection vulnerability that allows for remote code execution. | — | 93.3% |
| Apr 19, 2023 | CVE-2017-6742 | Cisco IOS and IOS XE Software | Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability<br>The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute cod… | — | 14.8% |
| Mar 14, 2023 | CVE-2022-41328 | Fortinet FortiOS | Fortinet FortiOS Path Traversal Vulnerability<br>Fortinet FortiOS contains a path traversal vulnerability that may allow a local privileged attacker to read and write files via crafted CLI commands. | — | 0.2% |
| Dec 13, 2022 | CVE-2022-42475<br>Ransomware | Fortinet FortiOS | Fortinet FortiOS Heap-Based Buffer Overflow Vulnerability<br>Multiple versions of Fortinet FortiOS SSL-VPN contain a heap-based buffer overflow vulnerability which can allow an unauthenticated, remote attacker to execute arbitrary code or c… | — | 94.0% |
| Oct 24, 2022 | CVE-2020-3153<br>Ransomware | Cisco AnyConnect Secure | Cisco AnyConnect Secure Mobility Client for Windows Uncontrolled Search Path Vulnerability<br>Cisco AnyConnect Secure Mobility Client for Windows allows for incorrect handling of directory paths. An attacker with valid credentials on Windows would be able to copy malicious… | — | 25.1% |
| Oct 24, 2022 | CVE-2020-3433<br>Ransomware | Cisco AnyConnect Secure | Cisco AnyConnect Secure Mobility Client for Windows DLL Hijacking Vulnerability<br>Cisco AnyConnect Secure Mobility Client for Windows interprocess communication (IPC) channel allows for insufficient validation of resources that are loaded by the application at … | — | 3.9% |
| Oct 11, 2022 | CVE-2022-40684<br>Ransomware | Fortinet Multiple Products | Fortinet Multiple Products Authentication Bypass Vulnerability<br>Fortinet FortiOS, FortiProxy, and FortiSwitchManager contain an authentication bypass vulnerability that could allow an unauthenticated attacker to perform operations on the admin… | — | 94.4% |
| Sep 23, 2022 | CVE-2022-3236 | Sophos Firewall | Sophos Firewall Code Injection Vulnerability<br>A code injection vulnerability in the User Portal and Webadmin of Sophos Firewall allows for remote code execution. | — | 92.8% |
| Sep 8, 2022 | CVE-2011-4723 | D-Link DIR-300 Router | D-Link DIR-300 Router Cleartext Storage of a Password Vulnerability<br>The D-Link DIR-300 router stores cleartext passwords, which allows context-dependent attackers to obtain sensitive information. | — | 14.1% |
| Sep 8, 2022 | CVE-2017-5521 | NETGEAR Multiple Devices | NETGEAR Multiple Devices Exposure of Sensitive Information Vulnerability<br>Multiple NETGEAR devices are prone to admin password disclosure via simple crafted requests to the web management server. | — | 93.8% |
| Sep 8, 2022 | CVE-2018-13374<br>Ransomware | Fortinet FortiOS and FortiADC | Fortinet FortiOS and FortiADC Improper Access Control Vulnerability<br>Fortinet FortiOS and FortiADC contain an improper access control vulnerability that allows attackers to obtain the LDAP server login credentials configured in FortiGate by pointin… | — | 3.4% |
| Sep 8, 2022 | CVE-2018-6530<br>Ransomware | D-Link Multiple Routers | D-Link Multiple Routers OS Command Injection Vulnerability<br>Multiple D-Link routers contain an unspecified vulnerability that allows for execution of OS commands. | — | 94.2% |
| Sep 8, 2022 | CVE-2022-26258 | D-Link DIR-820L | D-Link DIR-820L Remote Code Execution Vulnerability<br>D-Link DIR-820L contains an unspecified vulnerability in Device Name parameter in /lan.asp which allows for remote code execution. | — | 87.2% |
| Aug 22, 2022 | CVE-2022-0028 | Palo Alto Networks PAN-OS | Palo Alto Networks PAN-OS Reflected Amplification Denial-of-Service Vulnerability<br>A Palo Alto Networks PAN-OS URL filtering policy misconfiguration could allow a network-based attacker to conduct reflected and amplified TCP denial-of-service (RDoS) attacks. | — | 4.7% |
| Aug 18, 2022 | CVE-2017-15944 | Palo Alto Networks PAN-OS | Palo Alto Networks PAN-OS Remote Code Execution Vulnerability<br>Palo Alto Networks PAN-OS contains multiple, unspecified vulnerabilities which can allow for remote code execution when chained. | — | 94.0% |
| Jun 8, 2022 | CVE-2017-6862 | NETGEAR Multiple Devices | NETGEAR Multiple Devices Buffer Overflow Vulnerability<br>Multiple NETGEAR devices contain a buffer overflow vulnerability that allows for authentication bypass and remote code execution. | — | 43.1% |
| Jun 8, 2022 | CVE-2019-15271 | Cisco RV Series Routers | Cisco RV Series Routers Deserialization of Untrusted Data Vulnerability<br>A deserialization of untrusted data vulnerability in the web-based management interface of certain Cisco Small Business RV Series Routers could allow an attacker to execute code w… | — | 5.6% |
| May 24, 2022 | CVE-2016-6366 | Cisco Adaptive Security Appliance (ASA) | Cisco Adaptive Security Appliance (ASA) SNMP Buffer Overflow Vulnerability<br>A buffer overflow vulnerability in the Simple Network Management Protocol (SNMP) code of Cisco ASA software could allow an attacker to cause a reload of the affected system or to … | — | 90.8% |
| May 24, 2022 | CVE-2016-6367 | Cisco Adaptive Security Appliance (ASA) | Cisco Adaptive Security Appliance (ASA) CLI Remote Code Execution Vulnerability<br>A vulnerability in the command-line interface (CLI) parser of Cisco ASA software could allow an authenticated, local attacker to create a denial-of-service (DoS) condition or pote… | — | 18.8% |
Source: CISA KEV catalog. Severity (CVSS) and exploit-probability (EPSS) sync nightly from NVD and FIRST.