Full CISA KEV catalog
Every CVE the U.S. cybersecurity agency has ever flagged as actively exploited. Filter by category, sort by severity or exploit-likelihood, search by vendor or product.
| Added | CVE | Vendor / Product | Name & description | CVSS | EPSS |
|---|---|---|---|---|---|
| May 23, 2022 | CVE-2022-20821 | Cisco IOS XR |
Cisco IOS XR Open Port Vulnerability
Cisco IOS XR software health check opens TCP port 6379 by default on activation. An attacker can connect to the Redis instance on the open port and allow access to the Redis insta…
|
— | 8.8% |
| May 10, 2022 |
CVE-2022-1388
Ransomware |
F5 BIG-IP |
F5 BIG-IP Missing Authentication Vulnerability
F5 BIG-IP contains a missing authentication in critical function vulnerability which can allow for remote code execution, creation or deletion of files, or disabling services.
|
— | 94.5% |
| Apr 15, 2022 | CVE-2010-5330 | Ubiquiti AirOS |
Ubiquiti AirOS Command Injection Vulnerability
Certain Ubiquiti devices contain a command injection vulnerability via a GET request to stainfo.cgi.
|
— | 42.8% |
| Apr 15, 2022 |
CVE-2019-16057
Ransomware |
D-Link DNS-320 Storage Device |
D-Link DNS-320 Remote Code Execution Vulnerability
The login_mgr.cgi script in D-Link DNS-320 is vulnerable to remote code execution.
|
— | 94.0% |
| Apr 11, 2022 | CVE-2022-23176 | WatchGuard Firebox and XTM |
WatchGuard Firebox and XTM Privilege Escalation Vulnerability
WatchGuard Firebox and XTM appliances allow a remote attacker with unprivileged credentials to access the system with a privileged management session via exposed management access.
|
— | 10.2% |
| Apr 4, 2022 | CVE-2021-45382 | D-Link Multiple Routers |
D-Link Multiple Routers Remote Code Execution Vulnerability
A remote code execution vulnerability exists in all series H/W revisions routers via the DDNS function in ncc2 binary file.
|
— | 94.4% |
| Mar 31, 2022 | CVE-2022-1040 | Sophos Firewall |
Sophos Firewall Authentication Bypass Vulnerability
An authentication bypass vulnerability in User Portal and Webadmin of Sophos Firewall allows for remote code execution.
|
— | 94.4% |
| Mar 28, 2022 | CVE-2019-7483 | SonicWall SMA100 |
SonicWall SMA100 Directory Traversal Vulnerability
In SonicWall SMA100, an unauthenticated Directory Traversal vulnerability in the handleWAFRedirect CGI allows the user to test for the presence of a file on the server.
|
— | 47.9% |
| Mar 28, 2022 |
CVE-2021-20028
Ransomware |
SonicWall Secure Remote Access (SRA) |
SonicWall Secure Remote Access (SRA) SQL Injection Vulnerability
SonicWall Secure Remote Access (SRA) products contain an improper neutralization of a SQL Command leading to SQL injection.
|
— | 80.3% |
| Mar 25, 2022 | CVE-2009-2055 | Cisco IOS XR |
Cisco IOS XR Border Gateway Protocol (BGP) Denial-of-Service Vulnerability
Cisco IOS XR,when BGP is the configured routing feature, allows remote attackers to cause a denial-of-service (DoS).
|
— | 0.8% |
| Mar 25, 2022 | CVE-2010-3035 | Cisco IOS XR |
Cisco IOS XR Border Gateway Protocol (BGP) Denial-of-Service Vulnerability
Cisco IOS XR, when BGP is the configured routing feature, allows remote attackers to cause a denial-of-service (DoS).
|
— | 5.3% |
| Mar 25, 2022 | CVE-2013-5223 | D-Link DSL-2760U |
D-Link DSL-2760U Gateway Cross-Site Scripting Vulnerability
A cross-site scripting (XSS) vulnerability exists in the D-Link DSL-2760U gateway, allowing remote authenticated users to inject arbitrary web script or HTML.
|
— | 30.1% |
| Mar 25, 2022 | CVE-2015-0666 | Cisco Prime Data Center Network Manager (DCNM) |
Cisco Prime Data Center Network Manager (DCNM) Directory Traversal Vulnerability
Directory traversal vulnerability in the fmserver servlet in Cisco Prime Data Center Network Manager (DCNM) allows remote attackers to read arbitrary files.
|
— | 60.0% |
| Mar 25, 2022 | CVE-2015-3035 | TP-Link Multiple Archer Devices |
TP-Link Multiple Archer Devices Directory Traversal Vulnerability
Directory traversal vulnerability in multiple TP-Link Archer devices allows remote attackers to read arbitrary files via a .. (dot dot) in the PATH_INFO to login/.
|
— | 92.5% |
| Mar 25, 2022 | CVE-2016-10174 | NETGEAR WNR2000v5 Router |
NETGEAR WNR2000v5 Router Buffer Overflow Vulnerability
The NETGEAR WNR2000v5 router contains a buffer overflow which can be exploited to achieve remote code execution.
|
— | 91.1% |
| Mar 25, 2022 | CVE-2016-11021 | D-Link DCS-930L Devices |
D-Link DCS-930L Devices OS Command Injection Vulnerability
setSystemCommand on D-Link DCS-930L devices allows a remote attacker to execute code via an OS command.
|
— | 90.5% |
| Mar 25, 2022 | CVE-2016-1555 | NETGEAR Wireless Access Point (WAP) Devices |
NETGEAR Multiple WAP Devices Command Injection Vulnerability
Multiple NETGEAR Wireless Access Point devices allows unauthenticated web pages to pass form input directly to the command-line interface. Exploitation allows for arbitrary code e…
|
— | 94.3% |
| Mar 25, 2022 | CVE-2017-3881 | Cisco IOS and IOS XE |
Cisco IOS and IOS XE Remote Code Execution Vulnerability
A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a re…
|
— | 94.3% |
| Mar 25, 2022 | CVE-2017-6316 | Citrix NetScaler SD-WAN Enterprise, CloudBridge Virtual WAN, and XenMobile Server |
Citrix Multiple Products Remote Code Execution Vulnerability
A vulnerability has been identified in the management interface of Citrix NetScaler SD-WAN Enterprise and Standard Edition and Citrix CloudBridge Virtual WAN Edition that could re…
|
— | 87.9% |
| Mar 25, 2022 | CVE-2017-6334 | NETGEAR DGN2200 Devices |
NETGEAR DGN2200 Devices OS Command Injection Vulnerability
dnslookup.cgi on NETGEAR DGN2200 devices with firmware through 10.0.0.50 allows remote authenticated users to execute arbitrary OS commands
|
— | 89.2% |
| Mar 25, 2022 | CVE-2018-0125 | Cisco VPN Routers |
Cisco VPN Routers Remote Code Execution Vulnerability
A vulnerability in the web interface of the Cisco VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code as root and gain full control of an affecte…
|
— | 29.5% |
| Mar 25, 2022 | CVE-2018-0147 | Cisco Secure Access Control System (ACS) |
Cisco Secure Access Control System Java Deserialization Vulnerability
A vulnerability in Java deserialization used by Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to execute arbitrary commands on an affect…
|
— | 4.0% |
| Mar 25, 2022 | CVE-2018-6961 | VMware SD-WAN Edge |
VMware SD-WAN Edge by VeloCloud Command Injection Vulnerability
VMware SD-WAN Edge by VeloCloud contains a command injection vulnerability in the local web UI component. Successful exploitation of this issue could result in remote code executi…
|
— | 93.9% |
| Mar 25, 2022 | CVE-2019-12989 | Citrix SD-WAN and NetScaler |
Citrix SD-WAN and NetScaler SQL Injection Vulnerability
Citrix SD-WAN and NetScaler SD-WAN allow SQL Injection.
|
— | 91.5% |
| Mar 25, 2022 | CVE-2019-12991 | Citrix SD-WAN and NetScaler |
Citrix SD-WAN and NetScaler Command Injection Vulnerability
Authenticated Command Injection in Citrix SD-WAN Appliance and NetScaler SD-WAN Appliance.
|
— | 80.8% |
| Mar 25, 2022 | CVE-2019-16920 | D-Link Multiple Routers |
D-Link Multiple Routers Command Injection Vulnerability
Multiple D-Link routers contain a command injection vulnerability which can allow attackers to achieve full system compromise.
|
— | 94.3% |
| Mar 25, 2022 | CVE-2020-1631 | Juniper Junos OS |
Juniper Junos OS Path Traversal Vulnerability
A path traversal vulnerability in the HTTP/HTTPS service used by J-Web, Web Authentication, Dynamic-VPN (DVPN), Firewall Authentication Pass-Through with Web-Redirect, and Zero To…
|
— | 5.4% |
| Mar 25, 2022 |
CVE-2020-2021
Ransomware |
Palo Alto Networks PAN-OS |
Palo Alto Networks PAN-OS Authentication Bypass Vulnerability
Palo Alto Networks PAN-OS contains a vulnerability in SAML which allows an attacker to bypass authentication.
|
— | 19.0% |
| Mar 25, 2022 | CVE-2020-25223 | Sophos SG UTM |
Sophos SG UTM Remote Code Execution Vulnerability
A remote code execution vulnerability exists in the WebAdmin of Sophos SG UTM.
|
— | 94.3% |
| Mar 25, 2022 | CVE-2020-9377 | D-Link DIR-610 Devices |
D-Link DIR-610 Devices Remote Command Execution
D-Link DIR-610 devices allow remote code execution via the cmd parameter to command.php.
|
— | 76.6% |
Source: CISA KEV catalog. Severity (CVSS) and exploit-probability (EPSS) sync nightly from NVD and FIRST.