Full CISA KEV catalog
Every CVE the U.S. cybersecurity agency has ever flagged as actively exploited. Filter by category, sort by severity or exploit-likelihood, search by vendor or product.
| Added | CVE | Vendor / Product | Name & description | CVSS | EPSS |
|---|---|---|---|---|---|
| Jan 18, 2022 | CVE-2021-21975 (Ransomware) | VMware vRealize Operations Manager API | VMware Server Side Request Forgery in vRealize Operations Manager API: Server Side Request Forgery (SSRF) in vRealize Operations Manager API prior to 8.4 may allow a malicious actor with network access to the vRealize Operations Manager API to perfor… | — | 94.4% |
| Jan 18, 2022 | CVE-2021-25296 | Nagios Nagios XI | Nagios XI OS Command Injection: Nagios XI contains a vulnerability which can lead to OS command injection on the Nagios XI server. | — | 93.3% |
| Jan 18, 2022 | CVE-2021-25297 | Nagios Nagios XI | Nagios XI OS Command Injection: Nagios XI contains a vulnerability which can lead to OS command injection on the Nagios XI server. | — | 81.9% |
| Jan 18, 2022 | CVE-2021-25298 | Nagios Nagios XI | Nagios XI OS Command Injection: Nagios XI contains a vulnerability which can lead to OS command injection on the Nagios XI server. | — | 75.2% |
| Jan 10, 2022 | CVE-2015-7450 | IBM WebSphere Application Server and Server Hypervisor Edition | IBM WebSphere Application Server and Server Hypervisor Edition Code Injection: Serialized-object interfaces in certain IBM analytics, business solutions, cognitive, IT infrastructure, and mobile and social products allow remote attackers to execute arbitrary… | — | 93.3% |
| Jan 10, 2022 | CVE-2019-2725 (Ransomware) | Oracle WebLogic Server | Oracle WebLogic Server, Injection: Injection vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services). | — | 94.5% |
| Jan 10, 2022 | CVE-2021-22017 | VMware vCenter Server | VMware vCenter Server Improper Access Control: Rhttproxy as used in vCenter Server contains a vulnerability due to improper implementation of URI normalization. | — | 74.8% |
| Nov 3, 2021 | CVE-2010-5326 | SAP NetWeaver | SAP NetWeaver Remote Code Execution Vulnerability: SAP NetWeaver Application Server Java Platforms Invoker Servlet does not require authentication, allowing for remote code execution via an HTTP or HTTPS request. | — | 13.2% |
| Nov 3, 2021 | CVE-2012-3152 | Oracle Fusion Middleware | Oracle Fusion Middleware Unspecified Vulnerability: Oracle Fusion Middleware Reports Developer contains an unspecified vulnerability that allows remote attackers to affect confidentiality and integrity of affected systems. | — | 93.5% |
| Nov 3, 2021 | CVE-2015-4852 | Oracle WebLogic Server | Oracle WebLogic Server Deserialization of Untrusted Data Vulnerability: Oracle WebLogic Server contains a deserialization of untrusted data vulnerability within Apache Commons, which can allow for remote code execution. | — | 92.9% |
| Nov 3, 2021 | CVE-2016-3643 | SolarWinds Virtualization Manager | SolarWinds Virtualization Manager Privilege Escalation Vulnerability: SolarWinds Virtualization Manager allows for privilege escalation through leveraging a misconfiguration of sudo. | — | 5.2% |
| Nov 3, 2021 | CVE-2016-3976 | SAP NetWeaver | SAP NetWeaver Directory Traversal Vulnerability: SAP NetWeaver Application Server Java Platforms contains a directory traversal vulnerability via a ..\ (dot dot backslash) in the fileName parameter to CrashFileDownloadServlet. T… | — | 76.3% |
| Nov 3, 2021 | CVE-2016-9563 | SAP NetWeaver | SAP NetWeaver XML External Entity (XXE) Vulnerability: SAP NetWeaver Application Server Java Platforms contains an unspecified vulnerability in BC-BMT-BPM-DSK which allows remote, authenticated users to conduct XML External Entity (XX… | — | 58.8% |
| Nov 3, 2021 | CVE-2017-9248 | Progress ASP.NET AJAX and Sitefinity | Progress Telerik UI for ASP.NET AJAX and Sitefinity Cryptographic Weakness Vulnerability: Progress Telerik UI for ASP.NET AJAX and Sitefinity have a cryptographic weakness in Telerik.Web.UI.dll that can be exploited to disclose encryption keys (Telerik.Web.UI.DialogPar… | — | 89.4% |
| Nov 3, 2021 | CVE-2018-2380 (Ransomware) | SAP Customer Relationship Management (CRM) | SAP Customer Relationship Management (CRM) Path Traversal Vulnerability: SAP Customer Relationship Management (CRM) contains a path traversal vulnerability that allows an attacker to exploit insufficient validation of path information provided by users. | — | 48.8% |
| Nov 3, 2021 | CVE-2019-11580 (Ransomware) | Atlassian Crowd and Crowd Data Center | Atlassian Crowd and Crowd Data Center Remote Code Execution Vulnerability: Atlassian Crowd and Crowd Data Center contain a remote code execution vulnerability resulting from a pdkinstall development plugin being incorrectly enabled in release builds. | — | 94.4% |
| Nov 3, 2021 | CVE-2019-11634 (Ransomware) | Citrix Workspace Application and Receiver for Windows | Citrix Workspace Application and Receiver for Windows Remote Code Execution Vulnerability: Citrix Workspace Application and Receiver for Windows contains a remote code execution vulnerability resulting from local drive access preferences not being enforced into the client… | — | 52.4% |
| Nov 3, 2021 | CVE-2019-13608 (Ransomware) | Citrix StoreFront Server | Citrix StoreFront Server XML External Entity (XXE) Processing Vulnerability: Citrix StoreFront Server contains an XML External Entity (XXE) processing vulnerability that may allow an unauthenticated attacker to retrieve potentially sensitive information. | — | 71.7% |
| Nov 3, 2021 | CVE-2019-15949 | Nagios Nagios XI | Nagios XI Remote Code Execution Vulnerability: Nagios XI contains a remote code execution vulnerability in which a user can modify the check_plugin executable and insert malicious commands to execute as root. | — | 86.9% |
| Nov 3, 2021 | CVE-2019-18935 (Ransomware) | Progress Telerik UI for ASP.NET AJAX | Progress Telerik UI for ASP.NET AJAX Deserialization of Untrusted Data Vulnerability: Progress Telerik UI for ASP.NET AJAX contains a deserialization of untrusted data vulnerability through RadAsyncUpload which leads to code execution on the server in the context o… | — | 93.7% |
| Nov 3, 2021 | CVE-2019-19781 (Ransomware) | Citrix Application Delivery Controller (ADC), Gateway, and SD-WAN WANOP Appliance | Citrix ADC, Gateway, and SD-WAN WANOP Appliance Code Execution Vulnerability: Citrix ADC, Citrix Gateway, and multiple Citrix SD-WAN WANOP appliance models contain an unspecified vulnerability that could allow an unauthenticated attacker to perform code exe… | — | 94.4% |
| Nov 3, 2021 | CVE-2019-3396 (Ransomware) | Atlassian Confluence Server and Data Server | Atlassian Confluence Server and Data Center Server-Side Template Injection Vulnerability: Atlassian Confluence Server and Data Center contain a server-side template injection vulnerability that may allow an attacker to achieve path traversal and remote code execution. | — | 94.5% |
| Nov 3, 2021 | CVE-2019-3398 | Atlassian Confluence Server and Data Center | Atlassian Confluence Server and Data Center Path Traversal Vulnerability: Atlassian Confluence Server and Data Center contain a path traversal vulnerability in the downloadallattachments resource that may allow a privileged, remote attacker to write fil… | — | 93.9% |
| Nov 3, 2021 | CVE-2019-4716 | IBM Planning Analytics | IBM Planning Analytics Remote Code Execution Vulnerability: IBM Planning Analytics is vulnerable to a configuration overwrite that allows an unauthenticated user to login as "admin", and then execute code as root or SYSTEM via TM1 scriptin… | — | 93.4% |
| Nov 3, 2021 | CVE-2019-5544 (Ransomware) | VMware VMware ESXi and Horizon DaaS | VMware ESXi and Horizon DaaS OpenSLP Heap-Based Buffer Overflow Vulnerability: VMware ESXi and Horizon Desktop as a Service (DaaS) OpenSLP contains a heap-based buffer overflow vulnerability that allows an attacker with network access to port 427 to overwrit… | — | 92.1% |
| Nov 3, 2021 | CVE-2020-10148 | SolarWinds Orion | SolarWinds Orion Authentication Bypass Vulnerability: SolarWinds Orion API contains an authentication bypass vulnerability that could allow a remote attacker to execute API commands. | — | 94.3% |
| Nov 3, 2021 | CVE-2020-14750 | Oracle WebLogic Server | Oracle WebLogic Server Remote Code Execution Vulnerability: Oracle WebLogic Server contains an unspecified vulnerability allowing an unauthenticated attacker to perform remote code execution. This vulnerability is related to CVE-2020-14882. | — | 94.4% |
| Nov 3, 2021 | CVE-2020-14871 | Oracle Solaris and Zettabyte File System (ZFS) | Oracle Solaris and Zettabyte File System (ZFS) Unspecified Vulnerability: Oracle Solaris and Oracle ZFS Storage Appliance Kit contain an unspecified vulnerability causing high impacts to confidentiality, integrity, and availability of affected systems. | — | 88.9% |
| Nov 3, 2021 | CVE-2020-14882 | Oracle WebLogic Server | Oracle WebLogic Server Remote Code Execution Vulnerability: Oracle WebLogic Server contains an unspecified vulnerability, which is assessed to allow for remote code execution, based on this vulnerability being related to CVE-2020-14750. | — | 94.5% |
| Nov 3, 2021 | CVE-2020-14883 | Oracle WebLogic Server | Oracle WebLogic Server Unspecified Vulnerability: Oracle WebLogic Server contains an unspecified vulnerability in the Console component with high impacts to confidentiality, integrity, and availability. | — | 94.4% |
Source: CISA KEV catalog. Severity (CVSS) and exploit-probability (EPSS) sync nightly from NVD and FIRST.