Full CISA KEV catalog
Every CVE the U.S. cybersecurity agency has ever flagged as actively exploited. Filter by category, sort by severity or exploit-likelihood, search by vendor or product.
| Added | CVE | Vendor / Product | Name & description | CVSS | EPSS |
|---|---|---|---|---|---|
| Jan 18, 2022 | CVE-2021-32648 | October CMS October CMS | October CMS Improper Authentication<br>In affected versions of the october/system package an attacker can request an account password reset and then gain access to the account using a specially crafted request. | — | 93.0% |
| Jan 18, 2022 | CVE-2021-33766 | Microsoft Exchange Server | Microsoft Exchange Server Information Disclosure<br>Microsoft Exchange Server contains an information disclosure vulnerability which can allow an unauthenticated attacker to steal email traffic from target. | — | 93.8% |
| Jan 18, 2022 | CVE-2021-40870 | Aviatrix Aviatrix Controller | Aviatrix Controller Unrestricted Upload of File<br>Unrestricted upload of a file with a dangerous type is possible, which allows an unauthenticated user to execute arbitrary code via directory traversal. | — | 94.3% |
| Jan 10, 2022 | CVE-2013-3900 | Microsoft WinVerifyTrust function | Microsoft WinVerifyTrust function Remote Code Execution<br>A remote code execution vulnerability exists in the way that the WinVerifyTrust function handles Windows Authenticode signature verification for PE files. | — | 75.8% |
| Jan 10, 2022 | CVE-2015-7450 | IBM WebSphere Application Server and Server Hypervisor Edition | IBM WebSphere Application Server and Server Hypervisor Edition Code Injection.<br>Serialized-object interfaces in certain IBM analytics, business solutions, cognitive, IT infrastructure, and mobile and social products allow remote attackers to execute arbitrary… | — | 93.3% |
| Jan 10, 2022 | CVE-2017-1000486 | Primetek Primefaces Application | Primetek Primefaces Remote Code Execution Vulnerability<br>Primetek Primefaces is vulnerable to a weak encryption flaw resulting in remote code execution. | — | 93.9% |
| Jan 10, 2022 | CVE-2018-13382 (Ransomware) | Fortinet FortiOS and FortiProxy | Fortinet FortiOS and FortiProxy Improper Authorization<br>An Improper Authorization vulnerability in Fortinet FortiOS and FortiProxy under SSL VPN web portal allows an unauthenticated attacker to modify the password. | — | 87.1% |
| Jan 10, 2022 | CVE-2018-13383 (Ransomware) | Fortinet FortiOS and FortiProxy | Fortinet FortiOS and FortiProxy Out-of-bounds Write<br>A heap buffer overflow in Fortinet FortiOS and FortiProxy may cause the SSL VPN web service termination for logged in users. | — | 1.8% |
| Jan 10, 2022 | CVE-2019-10149 | Exim Mail Transfer Agent (MTA) | Exim Mail Transfer Agent (MTA) Improper Input Validation<br>Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution. | — | 93.9% |
| Jan 10, 2022 | CVE-2019-1458 (Ransomware) | Microsoft Win32k | Microsoft Win32k Privilege Escalation Vulnerability<br>A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k EoP'. | — | 92.2% |
| Jan 10, 2022 | CVE-2019-1579 (Ransomware) | Palo Alto Networks PAN-OS | Palo Alto Networks PAN-OS Remote Code Execution Vulnerability<br>Remote Code Execution in PAN-OS with GlobalProtect Portal or GlobalProtect Gateway Interface enabled. | — | 92.9% |
| Jan 10, 2022 | CVE-2019-2725 (Ransomware) | Oracle WebLogic Server | Oracle WebLogic Server, Injection<br>Injection vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services). | — | 94.5% |
| Jan 10, 2022 | CVE-2019-7609 | Elastic Kibana | Kibana Arbitrary Code Execution<br>Kibana contains an arbitrary code execution flaw in the Timelion visualizer. | — | 94.4% |
| Jan 10, 2022 | CVE-2019-9670 | Synacor Zimbra Collaboration Suite (ZCS) | Synacor Zimbra Collaboration Suite (ZCS) Improper Restriction of XML External Entity Reference<br>Synacor Zimbra Collaboration Suite (ZCS) contains an improper restriction of XML external entity (XXE) vulnerability in the mailboxd component. | — | 94.4% |
| Jan 10, 2022 | CVE-2020-6572 | Google Chrome Media | Google Chrome Media Use-After-Free Vulnerability<br>Google Chrome Media contains a use-after-free vulnerability that allows a remote attacker to execute code via a crafted HTML page. | — | 19.1% |
| Jan 10, 2022 | CVE-2021-22017 | VMware vCenter Server | VMware vCenter Server Improper Access Control<br>Rhttproxy as used in vCenter Server contains a vulnerability due to improper implementation of URI normalization. | — | 74.8% |
| Jan 10, 2022 | CVE-2021-27860 | FatPipe WARP, IPVPN, and MPVPN software | FatPipe WARP, IPVPN, and MPVPN Configuration Upload exploit<br>A vulnerability in the web management interface of FatPipe WARP, IPVPN, and MPVPN software allows a remote, unauthenticated attacker to upload a file to any location on the filesy… | — | 39.7% |
| Jan 10, 2022 | CVE-2021-36260 | Hikvision Security cameras web server | Hikvision Improper Input Validation<br>A command injection vulnerability in the web server of some Hikvision products, due to insufficient input validation. | — | 94.4% |
| Dec 15, 2021 | CVE-2021-4102 | Google Chromium V8 | Google Chromium V8 Use-After-Free Vulnerability<br>Google Chromium V8 Engine contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability … | — | 5.5% |
| Dec 15, 2021 | CVE-2021-43890 (Ransomware) | Microsoft Windows | Microsoft Windows AppX Installer Spoofing Vulnerability<br>Microsoft Windows AppX Installer contains a spoofing vulnerability which has a high impact on confidentiality, integrity, and availability. | — | 25.2% |
| Dec 10, 2021 | CVE-2010-1871 | Red Hat JBoss Seam 2 | Red Hat Linux JBoss Seam 2 Remote Code Execution Vulnerability<br>JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux, allows attackers to perform remote code execution. This vulnerability can onl… | — | 93.5% |
| Dec 10, 2021 | CVE-2017-12149 (Ransomware) | Red Hat JBoss Application Server | Red Hat JBoss Application Server Remote Code Execution Vulnerability<br>The JBoss Application Server, shipped with Red Hat Enterprise Application Platform 5.2, allows an attacker to execute arbitrary code via crafted serialized data. | — | 94.3% |
| Dec 10, 2021 | CVE-2017-17562 | Embedthis GoAhead | Embedthis GoAhead Remote Code Execution Vulnerability<br>Embedthis GoAhead before 3.6.5 allows remote code execution if CGI is enabled and a CGI program is dynamically linked. | — | 94.3% |
| Dec 10, 2021 | CVE-2019-0193 | Apache Solr | Apache Solr DataImportHandler Code Injection Vulnerability<br>The optional Apache Solr module DataImportHandler contains a code injection vulnerability. | — | 93.1% |
| Dec 10, 2021 | CVE-2019-10758 | MongoDB mongo-express | MongoDB mongo-express Remote Code Execution Vulnerability<br>mongo-express before 0.54.0 is vulnerable to Remote Code Execution via endpoints that use the `toBSON` method. | — | 94.4% |
| Dec 10, 2021 | CVE-2019-13272 | Linux Kernel | Linux Kernel Improper Privilege Management Vulnerability<br>Kernel/ptrace.c in Linux kernel contains an improper privilege management vulnerability that allows local users to obtain root access. | — | 80.4% |
| Dec 10, 2021 | CVE-2019-7238 | Sonatype Nexus Repository Manager | Sonatype Nexus Repository Manager Incorrect Access Control Vulnerability<br>Sonatype Nexus Repository Manager before 3.15.0 has an incorrect access control vulnerability. Exploitation allows for remote code execution. | — | 94.4% |
| Dec 10, 2021 | CVE-2020-17463 | Fuel CMS Fuel CMS | Fuel CMS SQL Injection Vulnerability<br>FUEL CMS 1.4.7 allows SQL Injection via the col parameter to /pages/items, /permissions/items, or /navigation/items. | — | 17.5% |
| Dec 10, 2021 | CVE-2020-8816 | Pi-hole AdminLTE | Pi-Hole AdminLTE Remote Code Execution Vulnerability<br>Pi-hole Web v4.3.2 (aka AdminLTE) allows Remote Code Execution by privileged dashboard users via a crafted DHCP static lease. | — | 90.8% |
| Dec 10, 2021 | CVE-2021-35394 | Realtek Jungle Software Development Kit (SDK) | Realtek Jungle SDK Remote Code Execution Vulnerability<br>RealTek Jungle SDK contains multiple memory corruption vulnerabilities which can allow an attacker to perform remote code execution. | — | 94.2% |

Source: CISA KEV catalog. Severity (CVSS) and exploit-probability (EPSS) sync nightly from NVD and FIRST.