Full CISA KEV catalog
Every CVE the U.S. cybersecurity agency has ever flagged as actively exploited. Filter by category, sort by severity or exploit-likelihood, search by vendor or product.
| Added | CVE | Vendor / Product | Name & description | CVSS | EPSS |
|---|---|---|---|---|---|
| Mar 3, 2022 | CVE-2015-4902 | Oracle Java SE |
Oracle Java SE Integrity Check Vulnerability
Unspecified vulnerability in Oracle Java SE allows remote attackers to affect integrity via Unknown vectors related to deployment.
|
— | 18.3% |
| Mar 3, 2022 | CVE-2016-5195 | Linux Kernel |
Linux Kernel Race Condition Vulnerability
Race condition in mm/gup.c in the Linux kernel allows local users to escalate privileges.
|
— | 93.9% |
| Mar 3, 2022 | CVE-2020-1938 | Apache Tomcat |
Apache Tomcat Improper Privilege Management Vulnerability
Apache Tomcat treats Apache JServ Protocol (AJP) connections as having higher trust than, for example, a similar HTTP connection. If such connections are available to an attacker,…
|
— | 94.5% |
| Feb 10, 2022 | CVE-2016-3088 | Apache ActiveMQ |
Apache ActiveMQ Improper Input Validation Vulnerability
The Fileserver web application in Apache ActiveMQ allows remote attackers to upload and execute arbitrary files via an HTTP PUT followed by an HTTP MOVE request
|
— | 94.3% |
| Feb 10, 2022 |
CVE-2017-10271
Ransomware |
Oracle WebLogic Server |
Oracle Corporation WebLogic Server Remote Code Execution Vulnerability
Oracle Corporation WebLogic Server contains a vulnerability that allows for remote code execution.
|
— | 94.4% |
| Feb 10, 2022 | CVE-2017-9791 | Apache Struts 1 |
Apache Struts 1 Improper Input Validation Vulnerability
The Struts 1 plugin in Apache Struts might allow remote code execution via a malicious field value passed in a raw message to the ActionMessage.
|
— | 94.1% |
| Jan 21, 2022 | CVE-2006-1547 | Apache Struts 1 |
Apache Struts 1 ActionForm Denial-of-Service Vulnerability
ActionForm in Apache Struts versions before 1.2.9 with BeanUtils 1.7 contains a vulnerability that allows for denial-of-service (DoS).
|
— | 22.2% |
| Jan 21, 2022 | CVE-2012-0391 | Apache Struts 2 |
Apache Struts 2 Improper Input Validation Vulnerability
The ExceptionDelegator component in Apache Struts 2 before 2.2.3.1 contains an improper input validation vulnerability that allows for remote code execution.
|
— | 87.5% |
| Jan 18, 2022 | CVE-2020-11978 | Apache Airflow |
Apache Airflow Command Injection
A remote code/command injection vulnerability was discovered in one of the example DAGs shipped with Airflow.
|
— | 94.3% |
| Jan 18, 2022 | CVE-2020-13671 | Drupal Drupal core |
Drupal core Un-restricted Upload of File
Improper sanitization in the extension file names is present in Drupal core.
|
— | 2.6% |
| Jan 18, 2022 | CVE-2020-13927 | Apache Airflow's Experimental API |
Apache Airflow's Experimental API Authentication Bypass
The previous default setting for Airflow's Experimental API was to allow all API requests without authentication.
|
— | 94.1% |
| Jan 18, 2022 | CVE-2020-14864 | Oracle Intelligence Enterprise Edition |
Oracle Business Intelligence Enterprise Edition Path Transversal
Path traversal vulnerability, where an attacker can target the preview FilePath parameter of the getPreviewImage function to get access to arbitrary system file.
|
— | 94.0% |
| Jan 10, 2022 |
CVE-2019-2725
Ransomware |
Oracle WebLogic Server |
Oracle WebLogic Server, Injection
Injection vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services).
|
— | 94.5% |
| Dec 10, 2021 | CVE-2010-1871 | Red Hat JBoss Seam 2 |
Red Hat Linux JBoss Seam 2 Remote Code Execution Vulnerability
JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux, allows attackers to perform remote code execution. This vulnerability can onl…
|
— | 93.5% |
| Dec 10, 2021 |
CVE-2017-12149
Ransomware |
Red Hat JBoss Application Server |
Red Hat JBoss Application Server Remote Code Execution Vulnerability
The JBoss Application Server, shipped with Red Hat Enterprise Application Platform 5.2, allows an attacker to execute arbitrary code via crafted serialized data.
|
— | 94.3% |
| Dec 10, 2021 | CVE-2019-0193 | Apache Solr |
Apache Solr DataImportHandler Code Injection Vulnerability
The optional Apache Solr module DataImportHandler contains a code injection vulnerability.
|
— | 93.1% |
| Dec 10, 2021 | CVE-2019-10758 | MongoDB mongo-express |
MongoDB mongo-express Remote Code Execution Vulnerability
mongo-express before 0.54.0 is vulnerable to Remote Code Execution via endpoints that uses the `toBSON` method.
|
— | 94.4% |
| Dec 10, 2021 | CVE-2019-13272 | Linux Kernel |
Linux Kernel Improper Privilege Management Vulnerability
Kernel/ptrace.c in Linux kernel mishandles contains an improper privilege management vulnerability that allows local users to obtain root access.
|
— | 80.4% |
| Dec 10, 2021 |
CVE-2021-44228
Ransomware |
Apache Log4j2 |
Apache Log4j2 Remote Code Execution Vulnerability
Apache Log4j2 contains a vulnerability where JNDI features do not protect against attacker-controlled JNDI-related endpoints, allowing for remote code execution.
|
— | 94.4% |
| Dec 1, 2021 | CVE-2021-40438 | Apache Apache |
Apache HTTP Server-Side Request Forgery (SSRF)
A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier.
|
— | 94.4% |
| Nov 3, 2021 | CVE-2012-3152 | Oracle Fusion Middleware |
Oracle Fusion Middleware Unspecified Vulnerability
Oracle Fusion Middleware Reports Developer contains an unspecified vulnerability that allows remote attackers to affect confidentiality and integrity of affected systems.
|
— | 93.5% |
| Nov 3, 2021 | CVE-2015-4852 | Oracle WebLogic Server |
Oracle WebLogic Server Deserialization of Untrusted Data Vulnerability
Oracle WebLogic Server contains a deserialization of untrusted data vulnerability within Apache Commons, which can allow for for remote code execution.
|
— | 92.9% |
| Nov 3, 2021 | CVE-2016-4437 | Apache Shiro |
Apache Shiro Code Execution Vulnerability
Apache Shiro contains a vulnerability which may allow remote attackers to execute code or bypass intended access restrictions via an unspecified request parameter when a cipher ke…
|
— | 94.3% |
| Nov 3, 2021 |
CVE-2017-0143
Ransomware |
Microsoft Windows |
Microsoft Windows Server Message Block (SMBv1) Remote Code Execution Vulnerability
Microsoft Windows Server Message Block 1.0 (SMBv1) contains an unspecified vulnerability that allows for remote code execution.
|
— | 94.0% |
| Nov 3, 2021 |
CVE-2017-5638
Ransomware |
Apache Struts |
Apache Struts Remote Code Execution Vulnerability
Apache Struts Jakarta Multipart parser allows for malicious file upload using the Content-Type value, leading to remote code execution.
|
— | 94.3% |
| Nov 3, 2021 | CVE-2017-7269 | Microsoft Internet Information Services (IIS) |
Microsoft Windows Server Buffer Overflow Vulnerability
Microsoft Windows Server 2003 R2 contains a buffer overflow vulnerability in Internet Information Services (IIS) 6.0 which allows remote attackers to execute code via a long heade…
|
— | 94.4% |
| Nov 3, 2021 | CVE-2017-9805 | Apache Struts |
Apache Struts Deserialization of Untrusted Data Vulnerability
Apache Struts REST Plugin uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to remote code execution when deseriali…
|
— | 94.3% |
| Nov 3, 2021 | CVE-2018-11776 | Apache Struts |
Apache Struts Remote Code Execution Vulnerability
Apache Struts contains a vulnerability that allows for remote code execution under two circumstances. One, where the alwaysSelectFullNamespace option is true and the value isn't s…
|
— | 94.4% |
| Nov 3, 2021 |
CVE-2018-7600
Ransomware |
Drupal Drupal Core |
Drupal Core Remote Code Execution Vulnerability
Drupal Core contains a remote code execution vulnerability that could allow an attacker to exploit multiple attack vectors on a Drupal site, resulting in complete site compromise.
|
— | 94.5% |
| Nov 3, 2021 | CVE-2019-0211 | Apache HTTP Server |
Apache HTTP Server Privilege Escalation Vulnerability
Apache HTTP Server, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpre…
|
— | 89.6% |
Source: CISA KEV catalog. Severity (CVSS) and exploit-probability (EPSS) sync nightly from NVD and FIRST.