1,619 totalEPSS avg 51.6%

KEVKnown Exploited Vulnerabilities

CISA’s actively-exploited catalogue · refreshed weekly · authored by Adam Lundqvist

Showing 1,619 of 1,619 · page 27 of 33

CVEVendor / ProductTitleKEV addedEPSS
CVE-2019-1579Palo Alto Networks / PAN-OSPalo Alto Networks PAN-OS Remote Code Execution Vulnerability2022-01-10
39.3%
CVE-2019-2725Oracle / WebLogic ServerOracle WebLogic Server, Injection2022-01-10
100.0%
CVE-2019-7609Elastic / KibanaKibana Arbitrary Code Execution2022-01-10
95.3%
CVE-2019-9670Synacor / Zimbra Collaboration Suite (ZCS)Synacor Zimbra Collaboration Suite (ZCS) Improper Restriction of XML External…2022-01-10
100.0%
CVE-2020-6572Google / Chrome MediaGoogle Chrome Media Use-After-Free Vulnerability2022-01-10
10.6%
CVE-2021-22017VMware / vCenter ServerVMware vCenter Server Improper Access Control2022-01-10
46.7%
CVE-2021-27860FatPipe / WARP, IPVPN, and MPVPN softwareFatPipe WARP, IPVPN, and MPVPN Configuration Upload exploit2022-01-10
39.8%
CVE-2021-36260Hikvision / Security cameras web serverHikvision Improper Input Validation2022-01-10
99.9%
CVE-2021-4102Google / Chromium V8Google Chromium V8 Use-After-Free Vulnerability2021-12-15
7.8%
CVE-2021-43890Microsoft / WindowsMicrosoft Windows AppX Installer Spoofing Vulnerability2021-12-15
10.3%
CVE-2010-1871Red Hat / JBoss Seam 2Red Hat Linux JBoss Seam 2 Remote Code Execution Vulnerability2021-12-10
83.4%
CVE-2017-12149Red Hat / JBoss Application ServerRed Hat JBoss Application Server Remote Code Execution Vulnerability2021-12-10
90.7%
CVE-2017-17562Embedthis / GoAheadEmbedthis GoAhead Remote Code Execution Vulnerability2021-12-10
96.3%
CVE-2019-0193Apache / SolrApache Solr DataImportHandler Code Injection Vulnerability2021-12-10
83.5%
CVE-2019-10758MongoDB / mongo-expressMongoDB mongo-express Remote Code Execution Vulnerability2021-12-10
84.8%
CVE-2019-13272Linux / KernelLinux Kernel Improper Privilege Management Vulnerability2021-12-10
52.2%
CVE-2019-7238Sonatype / Nexus Repository ManagerSonatype Nexus Repository Manager Incorrect Access Control Vulnerability2021-12-10
76.5%
CVE-2020-17463Fuel CMS / Fuel CMSFuel CMS SQL Injection Vulnerability2021-12-10
90.0%
CVE-2020-8816Pi-hole / AdminLTEPi-Hole AdminLTE Remote Code Execution Vulnerability2021-12-10
77.8%
CVE-2021-35394Realtek / Jungle Software Development Kit (SDK)Realtek Jungle SDK Remote Code Execution Vulnerability2021-12-10
99.9%
CVE-2021-44168Fortinet / FortiOSFortinet FortiOS Arbitrary File Download2021-12-10
0.9%
CVE-2021-44228Apache / Log4j2Apache Log4j2 Remote Code Execution Vulnerability2021-12-10
100.0%
CVE-2021-44515Zoho / Desktop CentralZoho Desktop Central Authentication Bypass Vulnerability2021-12-10
99.9%
CVE-2018-14847MikroTik / RouterOSMikroTik Router OS Directory Traversal Vulnerability2021-12-01
96.1%
CVE-2020-11261Qualcomm / Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon WearablesQualcomm Multiple Chipsets Improper Input Validation Vulnerability2021-12-01
1.8%
CVE-2021-37415Zoho / ManageEngine ServiceDesk Plus (SDP)Zoho ManageEngine ServiceDesk Authentication Bypass Vulnerability2021-12-01
99.6%
CVE-2021-40438Apache / ApacheApache HTTP Server-Side Request Forgery (SSRF)2021-12-01
100.0%
CVE-2021-44077Zoho / ManageEngine ServiceDesk Plus (SDP) / SupportCenter PlusZoho ManageEngine ServiceDesk Plus Remote Code Execution Vulnerability2021-12-01
93.5%
CVE-2021-22204Perl / ExiftoolExifTool Remote Code Execution Vulnerability2021-11-17
100.0%
CVE-2021-40449Microsoft / WindowsMicrosoft Windows Win32k Privilege Escalation Vulnerability2021-11-17
74.1%
CVE-2021-42292Microsoft / OfficeMicrosoft Excel Security Feature Bypass2021-11-17
31.9%
CVE-2021-42321Microsoft / ExchangeMicrosoft Exchange Server Remote Code Execution Vulnerability2021-11-17
90.4%
CVE-2010-5326SAP / NetWeaverSAP NetWeaver Remote Code Execution Vulnerability2021-11-03
17.9%
CVE-2012-0158Microsoft / MSCOMCTL.OCXMicrosoft MSCOMCTL.OCX Remote Code Execution Vulnerability2021-11-03
100.0%
CVE-2012-3152Oracle / Fusion MiddlewareOracle Fusion Middleware Unspecified Vulnerability2021-11-03
98.7%
CVE-2014-1812Microsoft / WindowsMicrosoft Windows Group Policy Preferences Password Privilege Escalation Vuln…2021-11-03
64.3%
CVE-2015-1641Microsoft / OfficeMicrosoft Office Memory Corruption Vulnerability2021-11-03
97.3%
CVE-2015-4852Oracle / WebLogic ServerOracle WebLogic Server Deserialization of Untrusted Data Vulnerability2021-11-03
96.0%
CVE-2016-0167Microsoft / Win32kMicrosoft Win32k Privilege Escalation Vulnerability2021-11-03
5.7%
CVE-2016-0185Microsoft / WindowsMicrosoft Windows Media Center Remote Code Execution Vulnerability2021-11-03
69.9%
CVE-2016-3235Microsoft / OfficeMicrosoft Office OLE DLL Side Loading Vulnerability2021-11-03
43.4%
CVE-2016-3643SolarWinds / Virtualization ManagerSolarWinds Virtualization Manager Privilege Escalation Vulnerability2021-11-03
3.7%
CVE-2016-3715ImageMagick / ImageMagickImageMagick Arbitrary File Deletion Vulnerability2021-11-03
75.4%
CVE-2016-3718ImageMagick / ImageMagickImageMagick Server-Side Request Forgery (SSRF) Vulnerability2021-11-03
76.9%
CVE-2016-3976SAP / NetWeaverSAP NetWeaver Directory Traversal Vulnerability2021-11-03
46.6%
CVE-2016-4437Apache / ShiroApache Shiro Code Execution Vulnerability2021-11-03
93.1%
CVE-2016-7255Microsoft / Win32kMicrosoft Win32k Privilege Escalation Vulnerability2021-11-03
81.0%
CVE-2016-9563SAP / NetWeaverSAP NetWeaver XML External Entity (XXE) Vulnerability2021-11-03
23.8%
CVE-2017-0143Microsoft / WindowsMicrosoft Windows Server Message Block (SMBv1) Remote Code Execution Vulnerab…2021-11-03
93.3%
CVE-2017-0199Microsoft / Office and WordPadMicrosoft Office and WordPad Remote Code Execution Vulnerability2021-11-03
99.9%
Sourced from CISA Known Exploited Vulnerabilities — current weekly refresh. EPSS scores from FIRST.org via epss.cyentia.com. Curated by Adam Lundqvist, Founder at SQUR.
KEV explorer — Known Exploited Vulnerabilities | SQUR Knowledge Base