Full CISA KEV catalog
Every CVE the U.S. cybersecurity agency has ever flagged as actively exploited. Filter by category, sort by severity or exploit-likelihood, search by vendor or product.
| Added | CVE | Vendor / Product | Name & description | CVSS | EPSS |
|---|---|---|---|---|---|
| Nov 3, 2021 | CVE-2020-11651 | SaltStack Salt |
SaltStack Salt Authentication Bypass Vulnerability
SaltStack Salt contains an authentication bypass vulnerability in the salt-master process ClearFuncs due to improperly validating method calls. The vulnerability allows a remote u…
|
— | 94.2% |
| Nov 3, 2021 | CVE-2020-11652 | SaltStack Salt |
SaltStack Salt Path Traversal Vulnerability
SaltStack Salt contains a path traversal vulnerability in the salt-master process ClearFuncs which allows directory access to authenticated users. Salt users who follow fundamenta…
|
— | 93.7% |
| Nov 3, 2021 | CVE-2020-11738 | WordPress Snap Creek Duplicator Plugin |
WordPress Snap Creek Duplicator Plugin File Download Vulnerability
WordPress Snap Creek Duplicator plugin contains a file download vulnerability when an administrator creates a new copy of their site that allows an attacker to download the genera…
|
— | 94.3% |
| Nov 3, 2021 |
CVE-2020-12271
Ransomware |
Sophos SFOS |
Sophos SFOS SQL Injection Vulnerability
Sophos Firewall operating system (SFOS) firmware contains a SQL injection vulnerability when configured with either the administration (HTTPS) service or the User Portal is expose…
|
— | 86.6% |
| Nov 3, 2021 |
CVE-2020-12812
Ransomware |
Fortinet FortiOS |
Fortinet FortiOS SSL VPN Improper Authentication Vulnerability
Fortinet FortiOS SSL VPN contains an improper authentication vulnerability that may allow a user to login successfully without being prompted for the second factor of authenticati…
|
— | 41.9% |
| Nov 3, 2021 | CVE-2020-1350 | Microsoft Windows |
Microsoft Windows DNS Server Remote Code Execution Vulnerability
Microsoft Windows DNS Servers fail to properly handle requests, allowing an attacker to perform remote code execution in the context of the Local System Account. The vulnerability…
|
— | 93.8% |
| Nov 3, 2021 | CVE-2020-1380 | Microsoft Internet Explorer |
Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability
Microsoft Internet Explorer contains a memory corruption vulnerability which can allow for remote code execution in the context of the current user.
|
— | 91.7% |
| Nov 3, 2021 | CVE-2020-1464 | Microsoft Windows |
Microsoft Windows Spoofing Vulnerability
Microsoft Windows contains a spoofing vulnerability when Windows incorrectly validates file signatures, allowing an attacker to bypass security features and load improperly signed…
|
— | 7.9% |
| Nov 3, 2021 |
CVE-2020-1472
Ransomware |
Microsoft Netlogon |
Microsoft Netlogon Privilege Escalation Vulnerability
Microsoft's Netlogon Remote Protocol (MS-NRPC) contains a privilege escalation vulnerability when an attacker establishes a vulnerable Netlogon secure channel connection to a doma…
|
— | 94.4% |
| Nov 3, 2021 | CVE-2020-14750 | Oracle WebLogic Server |
Oracle WebLogic Server Remote Code Execution Vulnerability
Oracle WebLogic Server contains an unspecified vulnerability allowing an unauthenticated attacker to perform remote code execution. This vulnerability is related to CVE-2020-14882.
|
— | 94.4% |
| Nov 3, 2021 | CVE-2020-14871 | Oracle Solaris and Zettabyte File System (ZFS) |
Oracle Solaris and Zettabyte File System (ZFS) Unspecified Vulnerability
Oracle Solaris and Oracle ZFS Storage Appliance Kit contain an unspecified vulnerability causing high impacts to confidentiality, integrity, and availability of affected systems.
|
— | 88.9% |
| Nov 3, 2021 | CVE-2020-14882 | Oracle WebLogic Server |
Oracle WebLogic Server Remote Code Execution Vulnerability
Oracle WebLogic Server contains an unspecified vulnerability, which is assessed to allow for remote code execution, based on this vulnerability being related to CVE-2020-14750.
|
— | 94.5% |
| Nov 3, 2021 | CVE-2020-14883 | Oracle WebLogic Server |
Oracle WebLogic Server Unspecified Vulnerability
Oracle WebLogic Server contains an unspecified vulnerability in the Console component with high impacts to confidentilaity, integrity, and availability.
|
— | 94.4% |
| Nov 3, 2021 | CVE-2020-15505 | Ivanti MobileIron Multiple Products |
Ivanti MobileIron Multiple Products Remote Code Execution Vulnerability
Ivanti MobileIron's Core & Connector, Sentry, and Monitor and Reporting Database (RDB) products contain an unspecified vulnerability that allows for remote code execution.
|
— | 94.4% |
| Nov 3, 2021 | CVE-2020-15999 | Google Chrome FreeType |
Google Chrome FreeType Heap Buffer Overflow Vulnerability
Google Chrome uses FreeType, an open-source software library to render fonts, which contains a heap buffer overflow vulnerability in the function Load_SBit_Png when processing PNG…
|
— | 93.0% |
| Nov 3, 2021 | CVE-2020-16009 | Google Chromium V8 |
Google Chromium V8 Type Confusion Vulnerability
Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability …
|
— | 84.4% |
| Nov 3, 2021 | CVE-2020-16010 | Google Chrome for Android UI |
Google Chrome for Android UI Heap Buffer Overflow Vulnerability
Google Chrome for Android UI contains a heap buffer overflow vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially perform a sandbo…
|
— | 19.6% |
| Nov 3, 2021 | CVE-2020-16013 | Google Chromium V8 |
Google Chromium V8 Incorrect Implementation Vulnerabililty
Google Chromium V8 Engine contains an inappropriate implementation vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This…
|
— | 26.1% |
| Nov 3, 2021 | CVE-2020-16017 | Google Chrome |
Google Chrome Use-After-Free Vulnerability
Google Chrome contains a use-after-free vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially perform a sandbox escape via a crafte…
|
— | 21.4% |
| Nov 3, 2021 | CVE-2020-16846 | SaltStack Salt |
SaltStack Salt Shell Injection Vulnerability
SaltStack Salt allows an unauthenticated user with network access to the Salt API to use shell injections to run code on the Salt API using the SSH client. This vulnerability affe…
|
— | 94.4% |
| Nov 3, 2021 | CVE-2020-17087 | Microsoft Windows |
Microsoft Windows Kernel Privilege Escalation Vulnerability
Microsoft Windows kernel contains an unspecified vulnerability that allows for privilege escalation.
|
— | 20.4% |
| Nov 3, 2021 | CVE-2020-17144 | Microsoft Exchange Server |
Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft Exchange Server improperly validates cmdlet arguments which allow an attacker to perform remote code execution.
|
— | 92.0% |
| Nov 3, 2021 | CVE-2020-17496 | vBulletin vBulletin |
vBulletin PHP Module Remote Code Execution Vulnerability
The PHP module within vBulletin contains an unspecified vulnerability that allows for remote code execution via crafted subWidgets data in an ajax/render/widget_tabbedcontainer_ta…
|
— | 94.2% |
| Nov 3, 2021 | CVE-2020-17530 | Apache Struts |
Apache Struts Remote Code Execution Vulnerability
Forced Object-Graph Navigation Language (OGNL) evaluation in Apache Struts, when evaluated on raw user input in tag attributes, can lead to remote code execution.
|
— | 94.4% |
| Nov 3, 2021 | CVE-2020-24557 | Trend Micro Apex One, OfficeScan, and Worry-Free Business Security |
Trend Micro Multiple Products Improper Access Control Vulnerability
Trend Micro Apex One, OfficeScan, and Worry-Free Business Security on Microsoft Windows contain an improper access control vulnerability that may allow an attacker to manipulate a…
|
— | 1.9% |
| Nov 3, 2021 | CVE-2020-25213 | WordPress File Manager Plugin |
WordPress File Manager Plugin Remote Code Execution Vulnerability
WordPress File Manager plugin contains a remote code execution vulnerability that allows unauthenticated users to execute PHP code and upload malicious files on a target site.
|
— | 94.4% |
| Nov 3, 2021 | CVE-2020-25506 | D-Link DNS-320 Device |
D-Link DNS-320 Device Command Injection Vulnerability
D-Link DNS-320 device contains a command injection vulnerability in the sytem_mgr.cgi component that may allow for remote code execution.
|
— | 94.2% |
| Nov 3, 2021 | CVE-2020-2555 | Oracle Multiple Products |
Oracle Multiple Products Remote Code Execution Vulnerability
Multiple Oracle products contain a remote code execution vulnerability that allows an unauthenticated attacker with network access via T3 or HTTP to takeover the affected system. …
|
— | 93.1% |
| Nov 3, 2021 | CVE-2020-26919 | NETGEAR JGS516PE Devices |
Netgear JGS516PE Devices Missing Function Level Access Control Vulnerability
Netgear JGS516PE devices contain a missing function level access control vulnerability.
|
— | 93.8% |
| Nov 3, 2021 | CVE-2020-27930 | Apple Multiple Products |
Apple Multiple Products Memory Corruption Vulnerability
Apple iOS, iPadOS, macOS, and watchOS FontParser contain a memory corruption vulnerability which may allow for code execution when processing maliciously crafted front.
|
— | 43.9% |
Source: CISA KEV catalog. Severity (CVSS) and exploit-probability (EPSS) sync nightly from NVD and FIRST.