Full CISA KEV catalog
Every CVE the U.S. cybersecurity agency has ever flagged as actively exploited. Filter by category, sort by severity or exploit-likelihood, search by vendor or product.
| Added | CVE | Vendor / Product | Name & description | CVSS | EPSS |
|---|---|---|---|---|---|
| Dec 10, 2021 | CVE-2021-44168 | Fortinet FortiOS |
Fortinet FortiOS Arbitrary File Download
Fortinet FortiOS "execute restore src-vis" downloads code without integrity checking, allowing an attacker to arbitrarily download files.
|
— | 1.2% |
| Dec 10, 2021 |
CVE-2021-44228
Ransomware |
Apache Log4j2 |
Apache Log4j2 Remote Code Execution Vulnerability
Apache Log4j2 contains a vulnerability where JNDI features do not protect against attacker-controlled JNDI-related endpoints, allowing for remote code execution.
|
— | 94.4% |
| Dec 10, 2021 | CVE-2021-44515 | Zoho Desktop Central |
Zoho Desktop Central Authentication Bypass Vulnerability
Zoho Desktop Central contains an authentication bypass vulnerability that could allow an attacker to execute arbitrary code in the Desktop Central MSP server.
|
— | 94.3% |
| Dec 1, 2021 | CVE-2018-14847 | MikroTik RouterOS |
MikroTik Router OS Directory Traversal Vulnerability
MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated attackers to write arbitrary files due to a directory trave…
|
— | 93.6% |
| Dec 1, 2021 | CVE-2020-11261 | Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables |
Qualcomm Multiple Chipsets Improper Input Validation Vulnerability
Memory corruption due to improper check to return error when user application requests memory allocation of a huge size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connecti…
|
— | 0.8% |
| Dec 1, 2021 | CVE-2021-37415 | Zoho ManageEngine ServiceDesk Plus (SDP) |
Zoho ManageEngine ServiceDesk Authentication Bypass Vulnerability
Zoho ManageEngine ServiceDesk Plus before 11302 is vulnerable to authentication bypass that allows a few REST-API URLs without authentication
|
— | 92.8% |
| Dec 1, 2021 | CVE-2021-40438 | Apache Apache |
Apache HTTP Server-Side Request Forgery (SSRF)
A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier.
|
— | 94.4% |
| Dec 1, 2021 | CVE-2021-44077 | Zoho ManageEngine ServiceDesk Plus (SDP) / SupportCenter Plus |
Zoho ManageEngine ServiceDesk Plus Remote Code Execution Vulnerability
Zoho ManageEngine ServiceDesk Plus before 11306, ServiceDesk Plus MSP before 10530, and SupportCenter Plus before 11014 are vulnerable to unauthenticated remote code execution
|
— | 94.3% |
| Nov 17, 2021 | CVE-2021-22204 | Perl Exiftool |
ExifTool Remote Code Execution Vulnerability
Improper neutralization of user data in the DjVu file format in Exiftool versions 7.44 and up allows arbitrary code execution when parsing the malicious image
|
— | 92.8% |
| Nov 17, 2021 |
CVE-2021-40449
Ransomware |
Microsoft Windows |
Microsoft Windows Win32k Privilege Escalation Vulnerability
Unspecified vulnerability allows for an authenticated user to escalate privileges.
|
— | 91.5% |
| Nov 17, 2021 | CVE-2021-42292 | Microsoft Office |
Microsoft Excel Security Feature Bypass
A security feature bypass vulnerability in Microsoft Excel would allow a local user to perform arbitrary code execution.
|
— | 35.5% |
| Nov 17, 2021 |
CVE-2021-42321
Ransomware |
Microsoft Exchange |
Microsoft Exchange Server Remote Code Execution Vulnerability
An authenticated attacker could leverage improper validation in cmdlet arguments within Microsoft Exchange and perform remote code execution.
|
— | 93.6% |
| Nov 3, 2021 | CVE-2010-5326 | SAP NetWeaver |
SAP NetWeaver Remote Code Execution Vulnerability
SAP NetWeaver Application Server Java Platforms Invoker Servlet does not require authentication, allowing for remote code execution via a HTTP or HTTPS request.
|
— | 13.2% |
| Nov 3, 2021 | CVE-2012-0158 | Microsoft MSCOMCTL.OCX |
Microsoft MSCOMCTL.OCX Remote Code Execution Vulnerability
Microsoft MSCOMCTL.OCX contains an unspecified vulnerability that allows for remote code execution, allowing an attacker to take complete control of an affected system under the c…
|
— | 94.3% |
| Nov 3, 2021 | CVE-2012-3152 | Oracle Fusion Middleware |
Oracle Fusion Middleware Unspecified Vulnerability
Oracle Fusion Middleware Reports Developer contains an unspecified vulnerability that allows remote attackers to affect confidentiality and integrity of affected systems.
|
— | 93.5% |
| Nov 3, 2021 |
CVE-2014-1812
Ransomware |
Microsoft Windows |
Microsoft Windows Group Policy Preferences Password Privilege Escalation Vulnerability
Microsoft Windows Active Directory contains a privilege escalation vulnerability due to the way it distributes passwords that are configured using Group Policy preferences. An aut…
|
— | 74.6% |
| Nov 3, 2021 | CVE-2015-1641 | Microsoft Office |
Microsoft Office Memory Corruption Vulnerability
Microsoft Office contains a memory corruption vulnerability due to failure to properly handle rich text format files in memory. Successful exploitation allows for remote code exec…
|
— | 93.7% |
| Nov 3, 2021 | CVE-2015-4852 | Oracle WebLogic Server |
Oracle WebLogic Server Deserialization of Untrusted Data Vulnerability
Oracle WebLogic Server contains a deserialization of untrusted data vulnerability within Apache Commons, which can allow for for remote code execution.
|
— | 92.9% |
| Nov 3, 2021 |
CVE-2016-0167
Ransomware |
Microsoft Win32k |
Microsoft Win32k Privilege Escalation Vulnerability
Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation via a crafted application
|
— | 10.0% |
| Nov 3, 2021 | CVE-2016-0185 | Microsoft Windows |
Microsoft Windows Media Center Remote Code Execution Vulnerability
Microsoft Windows Media Center contains a remote code execution vulnerability when Windows Media Center opens a specially crafted Media Center link (.mcl) file that references mal…
|
— | 80.2% |
| Nov 3, 2021 | CVE-2016-3235 | Microsoft Office |
Microsoft Office OLE DLL Side Loading Vulnerability
Microsoft Office Object Linking & Embedding (OLE) dynamic link library (DLL) contains a side loading vulnerability due to it improperly validating input before loading libraries. …
|
— | 81.2% |
| Nov 3, 2021 | CVE-2016-3643 | SolarWinds Virtualization Manager |
SolarWinds Virtualization Manager Privilege Escalation Vulnerability
SolarWinds Virtualization Manager allows for privilege escalation through leveraging a misconfiguration of sudo.
|
— | 5.2% |
| Nov 3, 2021 | CVE-2016-3715 | ImageMagick ImageMagick |
ImageMagick Arbitrary File Deletion Vulnerability
ImageMagick contains an unspecified vulnerability that could allow users to delete files by using ImageMagick's 'ephemeral' pseudo protocol, which deletes files after reading.
|
— | 89.3% |
| Nov 3, 2021 | CVE-2016-3718 | ImageMagick ImageMagick |
ImageMagick Server-Side Request Forgery (SSRF) Vulnerability
ImageMagick contains an unspecified vulnerability that allows attackers to perform server-side request forgery (SSRF) via a crafted image.
|
— | 86.9% |
| Nov 3, 2021 | CVE-2016-3976 | SAP NetWeaver |
SAP NetWeaver Directory Traversal Vulnerability
SAP NetWeaver Application Server Java Platforms contains a directory traversal vulnerability via a ..\ (dot dot backslash) in the fileName parameter to CrashFileDownloadServlet. T…
|
— | 76.3% |
| Nov 3, 2021 | CVE-2016-4437 | Apache Shiro |
Apache Shiro Code Execution Vulnerability
Apache Shiro contains a vulnerability which may allow remote attackers to execute code or bypass intended access restrictions via an unspecified request parameter when a cipher ke…
|
— | 94.3% |
| Nov 3, 2021 | CVE-2016-7255 | Microsoft Win32k |
Microsoft Win32k Privilege Escalation Vulnerability
Microsoft Win32k kernel-mode driver fails to properly handle objects in memory which allows for privilege escalation. Successful exploitation allows an attacker to run code in ker…
|
— | 89.4% |
| Nov 3, 2021 | CVE-2016-9563 | SAP NetWeaver |
SAP NetWeaver XML External Entity (XXE) Vulnerability
SAP NetWeaver Application Server Java Platforms contains an unspecified vulnerability in BC-BMT-BPM-DSK which allows remote, authenticated users to conduct XML External Entity (XX…
|
— | 58.8% |
| Nov 3, 2021 |
CVE-2017-0143
Ransomware |
Microsoft Windows |
Microsoft Windows Server Message Block (SMBv1) Remote Code Execution Vulnerability
Microsoft Windows Server Message Block 1.0 (SMBv1) contains an unspecified vulnerability that allows for remote code execution.
|
— | 94.0% |
| Nov 3, 2021 |
CVE-2017-0199
Ransomware |
Microsoft Office and WordPad |
Microsoft Office and WordPad Remote Code Execution Vulnerability
Microsoft Office and WordPad contain an unspecified vulnerability due to the way the applications parse specially crafted files. Successful exploitation allows for remote code exe…
|
— | 94.3% |
Source: CISA KEV catalog. Severity (CVSS) and exploit-probability (EPSS) sync nightly from NVD and FIRST.