Full CISA KEV catalog

Every CVE the U.S. cybersecurity agency has ever flagged as actively exploited. Filter by category, sort by severity or exploit-likelihood, search by vendor or product.

Showing 181–210 of 233 CVEs · Page 7 of 8 · 30 per page
Added CVE Vendor / Product Name & description CVSS EPSS
Mar 3, 2022 CVE-2018-0172 Cisco IOS and IOS XE Software
mobile network
Cisco IOS and IOS XE Software Improper Input Validation Vulnerability
A vulnerability in the DHCP option 82 encapsulation functionality of Cisco IOS Software and Cisco IOS XE Software could allow for denial-of-service (DoS).
6.2%
Mar 3, 2022 CVE-2018-0173 Cisco IOS and IOS XE Software
mobile network
Cisco IOS and IOS XE Software Improper Input Validation Vulnerability
A vulnerability in the Cisco IOS Software and Cisco IOS XE Software function that restores encapsulated option 82 information in DHCP Version 4 (DHCPv4) packets can allow for deni…
5.4%
Mar 3, 2022 CVE-2018-0174 Cisco IOS XE Software
mobile network
Cisco IOS Software and Cisco IOS XE Software Improper Input Validation Vulnerability
A vulnerability in the DHCP option 82 encapsulation functionality of Cisco IOS Software and Cisco IOS XE Software could allow for denial-of-service (DoS).
5.4%
Mar 3, 2022 CVE-2018-0175 Cisco IOS, XR, and XE Software
mobile network
Cisco IOS, XR, and XE Software Buffer Overflow Vulnerability
Format string vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenti…
2.9%
Mar 3, 2022 CVE-2018-0179 Cisco IOS Software
mobile network
Cisco IOS Software Denial-of-Service Vulnerability
A vulnerability in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, re…
2.0%
Mar 3, 2022 CVE-2018-0180 Cisco IOS Software
mobile network
Cisco IOS Software Denial-of-Service Vulnerability
A vulnerability in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, re…
1.7%
Mar 3, 2022 CVE-2019-1652 Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers
network vpn remote
Cisco Small Business Routers Improper Input Validation Vulnerability
A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an authenticated, remote attacker with admin…
92.7%
Mar 3, 2022 CVE-2022-20699 Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers
network
Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability
A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code, elevate privileges…
89.4%
Mar 3, 2022 CVE-2022-20700 Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers
network
Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability
A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code, elevate privileges…
28.6%
Mar 3, 2022 CVE-2022-20701 Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers
network
Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability
A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code, elevate privileges…
6.1%
Mar 3, 2022 CVE-2022-20703 Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers
network
Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability
A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code, elevate privileges…
2.0%
Mar 3, 2022 CVE-2022-20708 Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers
network
Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability
A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code, elevate privileges…
9.3%
Feb 10, 2022 CVE-2015-2051 D-Link DIR-645 Router
network
D-Link DIR-645 Router Remote Code Execution Vulnerability
D-Link DIR-645 Wired/Wireless Router allows remote attackers to execute arbitrary commands via a GetDeviceSettings action to the HNAP interface.
92.7%
Jan 28, 2022 CVE-2021-20038
Ransomware
SonicWall SMA 100 Appliances
network vpn remote
SonicWall SMA 100 Appliances Stack-Based Buffer Overflow Vulnerability
SonicWall SMA 100 devices are vulnerable to an unauthenticated stack-based buffer overflow vulnerability where exploitation can result in code execution.
94.3%
Jan 18, 2022 CVE-2021-22991 F5 BIG-IP Traffic Management Microkernel
network vpn remote
F5 BIG-IP Traffic Management Microkernel Buffer Overflow
The Traffic Management Microkernel of BIG-IP ASM Risk Engine has a buffer overflow vulnerability, leading to a bypassing of URL-based access controls.
73.1%
Jan 10, 2022 CVE-2018-13382
Ransomware
Fortinet FortiOS and FortiProxy
network vpn remote
Fortinet FortiOS and FortiProxy Improper Authorization
An Improper Authorization vulnerability in Fortinet FortiOS and FortiProxy under SSL VPN web portal allows an unauthenticated attacker to modify the password.
87.1%
Jan 10, 2022 CVE-2018-13383
Ransomware
Fortinet FortiOS and FortiProxy
network vpn remote
Fortinet FortiOS and FortiProxy Out-of-bounds Write
A heap buffer overflow in Fortinet FortiOS and FortiProxy may cause the SSL VPN web service termination for logged in users.
1.8%
Jan 10, 2022 CVE-2019-1579
Ransomware
Palo Alto Networks PAN-OS
network vpn remote
Palo Alto Networks PAN-OS Remote Code Execution Vulnerability
Remote Code Execution in PAN-OS with GlobalProtect Portal or GlobalProtect Gateway Interface enabled.
92.9%
Dec 10, 2021 CVE-2021-44168 Fortinet FortiOS
network vpn remote
Fortinet FortiOS Arbitrary File Download
Fortinet FortiOS "execute restore src-vis" downloads code without integrity checking, allowing an attacker to arbitrarily download files.
1.2%
Dec 1, 2021 CVE-2018-14847 MikroTik RouterOS
network
MikroTik Router OS Directory Traversal Vulnerability
MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated attackers to write arbitrary files due to a directory trave…
93.6%
Nov 3, 2021 CVE-2018-0171 Cisco IOS and IOS XE
mobile network
Cisco IOS and IOS XE Software Smart Install Remote Code Execution Vulnerability
Cisco IOS and IOS XE Software improperly validates packet data, allowing an unauthenticated, remote attacker to trigger a reload of an affected device, cause a denial-of-service (…
92.9%
Nov 3, 2021 CVE-2018-0296 Cisco Adaptive Security Appliance (ASA)
network
Cisco Adaptive Security Appliance (ASA) Denial-of-Service Vulnerability
Cisco Adaptive Security Appliance (ASA) contains an improper input validation vulnerability with HTTP URLs. Exploitation could allow an attacker to cause a denial-of-service (DoS)…
94.4%
Nov 3, 2021 CVE-2018-13379
Ransomware
Fortinet FortiOS
network vpn remote
Fortinet FortiOS SSL VPN Path Traversal Vulnerability
Fortinet FortiOS SSL VPN web portal contains a path traversal vulnerability that may allow an unauthenticated attacker to download FortiOS system files through specially crafted H…
94.5%
Nov 3, 2021 CVE-2019-1653 Cisco Small Business RV320 and RV325 Routers
network
Cisco Small Business RV320 and RV325 Routers Information Disclosure Vulnerability
Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers contain improper access controls for URLs. Exploitation could allow an attacker to download the router configurat…
94.4%
Nov 3, 2021 CVE-2019-19781
Ransomware
Citrix Application Delivery Controller (ADC), Gateway, and SD-WAN WANOP Appliance
enterprise network vpn remote
Citrix ADC, Gateway, and SD-WAN WANOP Appliance Code Execution Vulnerability
Citrix ADC, Citrix Gateway, and multiple Citrix SD-WAN WANOP appliance models contain an unspecified vulnerability that could allow an unauthenticated attacker to perform code exe…
94.4%
Nov 3, 2021 CVE-2019-5591 Fortinet FortiOS
network vpn remote
Fortinet FortiOS Default Configuration Vulnerability
Fortinet FortiOS contains a default configuration vulnerability that may allow an unauthenticated attacker on the same subnet to intercept sensitive information by impersonating t…
50.6%
Nov 3, 2021 CVE-2019-7481
Ransomware
SonicWall SMA100
network vpn remote
SonicWall SMA100 SQL Injection Vulnerability
SonicWall SMA100 contains a SQL injection vulnerability allowing an unauthenticated user to gain read-only access to unauthorized resources.
94.3%
Nov 3, 2021 CVE-2020-10181 Sumavision Enhanced Multimedia Router (EMR)
network
Sumavision EMR Cross-Site Request Forgery (CSRF) Vulnerability
Sumavision Enhanced Multimedia Router (EMR) contains a cross-site request forgery (CSRF) vulnerability allowing the creation of users with elevated privileges as administrator on …
20.6%
Nov 3, 2021 CVE-2020-10987 Tenda AC1900 Router AC15 Model
network
Tenda AC1900 Router AC15 Model Remote Code Execution Vulnerability
Tenda AC1900 Router AC15 Model contains an unspecified vulnerability that allows remote attackers to execute system commands via the deviceName POST parameter.
93.7%
Nov 3, 2021 CVE-2020-12271
Ransomware
Sophos SFOS
endpoint network
Sophos SFOS SQL Injection Vulnerability
Sophos Firewall operating system (SFOS) firmware contains a SQL injection vulnerability when configured with either the administration (HTTPS) service or the User Portal is expose…
86.6%

Source: CISA KEV catalog. Severity (CVSS) and exploit-probability (EPSS) sync nightly from NVD and FIRST.