1,619 totalEPSS avg 51.6%

KEVKnown Exploited Vulnerabilities

CISA’s actively-exploited catalogue · refreshed weekly · authored by Adam Lundqvist

Showing 1,619 of 1,619 · page 5 of 33

CVEVendor / ProductTitleKEV addedEPSS
CVE-2025-32463Sudo / SudoSudo Inclusion of Functionality from Untrusted Control Sphere Vulnerability2025-09-29
48.0%
CVE-2025-59689Libraesva / Email Security GatewayLibraesva Email Security Gateway Command Injection Vulnerability2025-09-29
1.9%
CVE-2025-20333Cisco / Secure Firewall Adaptive Security Appliance and Secure Firewall Threat DefenseCisco Secure Firewall Adaptive Security Appliance (ASA) and Secure Firewall T…2025-09-25
29.2%
CVE-2025-20362Cisco / Secure Firewall Adaptive Security Appliance and Secure Firewall Threat DefenseCisco Secure Firewall Adaptive Security (ASA) Appliance and Secure Firewall T…2025-09-25
83.7%
CVE-2025-10585Google / Chromium V8Google Chromium V8 Type Confusion Vulnerability2025-09-23
5.3%
CVE-2025-5086Dassault Systèmes / DELMIA AprisoDassault Systèmes DELMIA Apriso Deserialization of Untrusted Data Vulnerability2025-09-11
88.4%
CVE-2025-38352Linux / KernelLinux Kernel Time-of-Check Time-of-Use (TOCTOU) Race Condition Vulnerability2025-09-04
1.9%
CVE-2025-48543Android / RuntimeAndroid Runtime Use-After-Free Vulnerability2025-09-04
0.5%
CVE-2025-53690Sitecore / Multiple ProductsSitecore Multiple Products Deserialization of Untrusted Data Vulnerability2025-09-04
26.3%
CVE-2023-50224TP-Link / TL-WR841NTP-Link TL-WR841N Authentication Bypass by Spoofing Vulnerability2025-09-03
17.4%
CVE-2025-9377TP-Link / Multiple RoutersTP-Link Archer C7(EU) and TL-WR841N/ND(MS) OS Command Injection Vulnerability2025-09-03
11.7%
CVE-2020-24363TP-Link / TL-WA855RETP-link TL-WA855RE Missing Authentication for Critical Function Vulnerability2025-09-02
20.7%
CVE-2025-55177Meta Platforms / WhatsAppMeta Platforms WhatsApp Incorrect Authorization Vulnerability2025-09-02
4.1%
CVE-2025-57819Sangoma / FreePBXSangoma FreePBX Authentication Bypass Vulnerability2025-08-29
87.4%
CVE-2025-7775Citrix / NetScalerCitrix NetScaler Memory Overflow Vulnerability2025-08-26
19.0%
CVE-2024-8068Citrix / Session RecordingCitrix Session Recording Improper Privilege Management Vulnerability2025-08-25
1.4%
CVE-2024-8069Citrix / Session RecordingCitrix Session Recording Deserialization of Untrusted Data Vulnerability2025-08-25
14.7%
CVE-2025-48384Git / GitGit Link Following Vulnerability2025-08-25
2.8%
CVE-2025-43300Apple / iOS, iPadOS, and macOSApple iOS, iPadOS, and macOS Out-of-Bounds Write Vulnerability2025-08-21
20.0%
CVE-2025-54948Trend Micro / Apex OneTrend Micro Apex One OS Command Injection Vulnerability2025-08-18
20.3%
CVE-2025-8875N-able / N-CentralN-able N-Central Insecure Deserialization Vulnerability2025-08-13
1.6%
CVE-2025-8876N-able / N-CentralN-able N-Central Command Injection Vulnerability2025-08-13
3.2%
CVE-2007-0671Microsoft / OfficeMicrosoft Office Excel Remote Code Execution Vulnerability2025-08-12
42.1%
CVE-2013-3893Microsoft / Internet ExplorerMicrosoft Internet Explorer Resource Management Errors Vulnerability2025-08-12
85.9%
CVE-2025-8088RARLAB / WinRARRARLAB WinRAR Path Traversal Vulnerability2025-08-12
81.3%
CVE-2020-25078D-Link / DCS-2530L and DCS-2670L DevicesD-Link DCS-2530L and DCS-2670L Devices Unspecified Vulnerability2025-08-05
97.9%
CVE-2020-25079D-Link / DCS-2530L and DCS-2670L DevicesD-Link DCS-2530L and DCS-2670L Command Injection Vulnerability2025-08-05
52.7%
CVE-2022-40799dlink / dnr-322l_firmwareCVE-2022-407992025-08-05
31.3%
CVE-2023-2533PaperCut / NG/MFPaperCut NG/MF Cross-Site Request Forgery (CSRF) Vulnerability2025-07-28
29.5%
CVE-2025-20281Cisco / Identity Services EngineCisco Identity Services Engine Injection Vulnerability2025-07-28
96.7%
CVE-2025-20337Cisco / Identity Services EngineCisco Identity Services Engine Injection Vulnerability2025-07-28
65.1%
CVE-2025-2775SysAid / SysAid On-PremSysAid On-Prem Improper Restriction of XML External Entity Reference Vulnerab…2025-07-22
55.2%
CVE-2025-2776SysAid / SysAid On-PremSysAid On-Prem Improper Restriction of XML External Entity Reference Vulnerab…2025-07-22
73.0%
CVE-2025-49704Microsoft / SharePointMicrosoft SharePoint Code Injection Vulnerability2025-07-22
99.9%
CVE-2025-49706Microsoft / SharePointMicrosoft SharePoint Improper Authentication Vulnerability2025-07-22
99.9%
CVE-2025-54309CrushFTP / CrushFTP CrushFTP Unprotected Alternate Channel Vulnerability2025-07-22
92.0%
CVE-2025-6558Google / ChromiumGoogle Chromium ANGLE and GPU Improper Input Validation Vulnerability2025-07-22
9.5%
CVE-2025-53770Microsoft / SharePointMicrosoft SharePoint Deserialization of Untrusted Data Vulnerability2025-07-20
100.0%
CVE-2025-25257Fortinet / FortiWebFortinet FortiWeb SQL Injection Vulnerability2025-07-18
96.7%
CVE-2025-47812Wing FTP Server / Wing FTP ServerWing FTP Server Improper Neutralization of Null Byte or NUL Character Vulnera…2025-07-14
95.3%
CVE-2025-5777Citrix / NetScaler ADC and GatewayCitrix NetScaler ADC and Gateway Out-of-Bounds Read Vulnerability2025-07-10
99.9%
CVE-2014-3931Looking Glass / Multi-Router Looking Glass (MRLG)Multi-Router Looking Glass (MRLG) Buffer Overflow Vulnerability2025-07-07
26.6%
CVE-2016-10033PHP / PHPMailerPHPMailer Command Injection Vulnerability2025-07-07
99.7%
CVE-2019-5418Rails / Ruby on RailsRails Ruby on Rails Path Traversal Vulnerability2025-07-07
98.5%
CVE-2019-9621Synacor / Zimbra Collaboration Suite (ZCS)Synacor Zimbra Collaboration Suite (ZCS) Server-Side Request Forgery (SSRF) V…2025-07-07
80.9%
CVE-2025-6554Google / Chromium V8Google Chromium V8 Type Confusion Vulnerability2025-07-02
6.6%
CVE-2025-48927TeleMessage / TM SGNLTeleMessage TM SGNL Initialization of a Resource with an Insecure Default Vul…2025-07-01
7.9%
CVE-2025-48928TeleMessage / TM SGNLTeleMessage TM SGNL Exposure of Core Dump File to an Unauthorized Control Sph…2025-07-01
0.4%
CVE-2025-6543Citrix / NetScaler ADC and GatewayCitrix NetScaler ADC and Gateway Buffer Overflow Vulnerability2025-06-30
9.8%
CVE-2019-6693Fortinet / FortiOSFortinet FortiOS Use of Hard-Coded Credentials Vulnerability2025-06-25
5.4%
Sourced from CISA Known Exploited Vulnerabilities — current weekly refresh. EPSS scores from FIRST.org via epss.cyentia.com. Curated by Adam Lundqvist, Founder at SQUR.